Attacking and Defending Full Disk Encryption

Editor's Notes

1. Questions: How many of you use laptops? FDE on Company Machines (laptops/desktops) FDE on personal laptops FDE on Desktops? Servers? (would expect less)
2. Adds another layer of complexity for investigators, can often foil attempts
3. "Dead" analysis: Drive image, Searching for deleted and hidden files, Evidence must never change New technologies making this more challenging - Full disk encryption/hardware encryption, Solid State Drives
4. Memory analysis - becoming increasingly important Capturing this evidence often requires modifying evidence - capture tools need to access/write to memory Some evidence may only exist in memory
5. -Checkbox - trust but verify -Simulate an actual attack - Zero-knowledge attacks -Identify shortcomings before they become problems
6. -Checkbox - trust but verify -Simulate an actual attack - Zero-knowledge attacks -Identify shortcomings before they become problems If system was stolen, can you say with confidence that the data is safe?
7. -XKCD comic: million-dollar supercomputer cluster to break encryption or $5 wrench to convince someone to give up their password
8. Example of actual forensic penetration test for client Next slide --- Setting the scene: Company laptop is stolen, full disk encryption employed. Is your data safe? How do you know?
9. Setting the scene: Company laptop is stolen, full disk encryption employed. Is your data safe? How do you know?
10. Zero knowledge attack - identical to a real attack Authenticated testing - allows for testing specific scenarios
11. Laptop was fully encrypted Administrator confident no information could be retrieved or leaked
12. Full disk images - physical and digital Write blocker used, system never booted using original disk (critical step!) - Scratch disk could be restored, no evidence of attack Initial reconnaissance: laptop, standard interfaces, Symantec Endpoint Encryption Solution
13. Grace period - window of time where system was allowed to boot normally -passphrase was required after timeout. Images/repeated imaging allowed us to work indefinitely System booted to Windows during grace period - no need to attack encryption directly, memory analysis techniques
14. -Downgrade system memory -Leverage DMA to dump memory - firewire -Exploit operating system structure in memory (Inception tool) -Result - full admin access
15. We didn’t need to break the encryption -leveraged configuration oversights, key may still be in memory -Convenience vs. Security, resulted in total failure -Zero Knowledge - both ways - company would not be able to determine information was stolen
16. As seen in the pentest, if there’s even a small window where pre-boot authentication is not necessary, encryption can be completely worked around
17. On most laptops, this can be done in the BIOS Not just firewire, but ExpressCard and PCMCIA also provide this functionality Consider usability - are these really needed? Often no.
18. Standby allows machine to be taken/stolen with operating system in memory - can allow encryption to be bypassed Hibernation often loads running state of machine into memory without any authentication If hibernation is required, consider ATA drive password combined with power on password. If you have to pick one, ATA is a better option.
19. Different methods for handling lockouts - master password, challenge/response, etc Helpdesk social engineering
20. A locked laptop, unattended, could still be compromised using these techniques Some laptops (eg, Toughbooks) have option to have hard drive removed when leaving machine
21. Forensic penetration test for encryption verification