Is Full Disk Encryption Too Good?

This paper by four security researchers on the effects of whole disk encryption on forensic investigations garnered a lot of press after it suggested that the increasing use of full disk encryption tools is hampering some investigations. According to the paper’s abstract (emphasis added),

The increasing use of full disk encryption (FDE) can significantly hamper digital investigations, potentially preventing access to all digital evidence in a case. The practice of shutting down an evidential computer is not an acceptable technique when dealing with FDE or even volume encryption because it may result in all data on the device being rendered inaccessible for forensic examination. To address this challenge, there is a pressing need for more effective on-scene capabilities to detect and preserve encryption prior to pulling the plug. In addition, to give digital investigators the best chance of obtaining decrypted data in the field, prosecutors need to prepare search warrants with FDE in mind. This paper describes how FDE has hampered past investigations, and how circumventing FDE has benefited certain cases. This paper goes on to provide guidance for gathering items at the crime scene that may be useful for accessing encrypted data, and for performing on-scene forensic acquisitions of live computer systems. These measures increase the chances of acquiring digital evidence in an unencrypted state or capturing an encryption key or passphrase. Some implications for drafting and executing search warrants to deal with FDE are discussed.

The sentences I added emphasis to are interesting. Once a laptop or computer encrypted with FDE has been shut off, gaining access to the data is going to be extremely difficult unless the password/passphrase is very weak or easily guessable, or the owner can be persuaded, compelled or tricked into surrendering it. On the other hand, if the machine is still running when investigators arrive, the key is resident in memory and there are a number of ways to recover it, including a cold boot attack, where the contents of RAM are preserved and copied in an effort to recover the key.

So if your computer is likely to be the focus of one of these attacks, there needs to be a way to shut it down as quickly as possible, ideally one that doesn’t require user intervention.

Toni Korpela offers an interesting solution for quickly and automatically shutting down a computer that you still have physical access to, without visibly initiating a shutdown. He has written a script for his Fedora laptop that executes at user logon:

When the script is executed it starts looping a check, where it checks first if my SD-Card is mounted at /media/DATA/, then it checks if the file /media/DATA/.key exists. If the key exists, it opens it, reads the contents and compares the “password” stored in the file to another hash stored on the hard drive. If any of these steps fail, the system will initiate the Linux shutdown command. If everything passes, the script will make the loop sleep a few seconds to lessen CPU usage. Though the sleep is not long enough to do much of anything on the PC if the SD-Card is not mounted.

Very clever.
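The loop Korpela describes, written out as a POSIX shell script. This is an added example, not Korpela’s script or anything from the paper; the mount point, key file, stored-hash file, mounts table and sleep interval are assumptions, overridable through environment variables so the check can be exercised against constructed files without touching a real system. The check reads the mounts table rather than testing for the directory, because an unmounted mount point is just an empty directory and would pass a plain existence test.

```shell
#!/bin/sh
# Added example of a removable-media "dead man" watchdog, modelled on the
# description above. Every path below is an assumption for illustration.
MOUNT_POINT="${MOUNT_POINT:-/media/DATA}"          # where the SD card lands
KEY_FILE="${KEY_FILE:-$MOUNT_POINT/.key}"         # secret kept on the card
HASH_FILE="${HASH_FILE:-/etc/datakey.sha256}"     # SHA-256 of .key, on the disk
MOUNTS_FILE="${MOUNTS_FILE:-/proc/mounts}"        # kernel's mount table
SLEEP_SECS="${SLEEP_SECS:-3}"                     # pause between checks

# check_key: returns 0 when the card is mounted, the key file is readable and
# its SHA-256 digest equals the stored one. Non-zero codes say which step failed:
#   1 card not mounted, 2 key file unreadable, 3 stored hash unreadable, 4 mismatch
check_key() {
    # The mounts table lists "device mountpoint fstype ..." one per line; the
    # surrounding spaces stop /media/DATA from matching /media/DATA2.
    grep -qsF " $MOUNT_POINT " "$MOUNTS_FILE" || return 1
    [ -r "$KEY_FILE" ]  || return 2
    [ -r "$HASH_FILE" ] || return 3
    actual=$(sha256sum "$KEY_FILE" | cut -d' ' -f1)
    expected=$(tr -d ' \n' < "$HASH_FILE")
    [ "$actual" = "$expected" ] || return 4
    return 0
}

# watchdog: loop while the check passes; on the first failure, shut down.
# A graceful shutdown still leaves RAM powered for some seconds; `poweroff -f`
# is the faster (and less clean) alternative if that window matters.
watchdog() {
    while check_key; do
        sleep "$SLEEP_SECS"
    done
    shutdown -h now
}

# Only start the loop when explicitly asked, so sourcing the file for tests
# never triggers a shutdown.
if [ "${WATCHDOG_RUN:-0}" = "1" ]; then
    watchdog
fi
```

Install by running it once with `WATCHDOG_RUN=1` from a login script; `SLEEP_SECS` is the longest window an attacker gets after pulling the card before the shutdown starts, so it trades directly against CPU usage. The stored hash lets the disk hold nothing that reconstructs the key, so an attacker who images the drive learns only the digest.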

I’m not sure that the silly three letter agencies have much to worry about, however, as most people I know a) don’t see any value in full disk encryption, and b) if they did, would likely use incredibly weak/easily guessable passwords.

I’d also think that unless there were an imminent risk of some violent action by the subject of such an investigation, there are several fairly easy ways to grab the key, from installing a keylogger on the system by modifying the bootloader, to installing a camera or other recording device to physically record the keys being pressed on bootup. Full disk encryption certainly raises the cost for any attacker to access information on an encrypted disk, but it by no means renders such access impossible.

(With that said, I use full disk encryption on every disk I use, with an extremely long passphrase that I’ve never shared with anyone).

4 thoughts on “Is Full Disk Encryption Too Good?”

  1. I use a passphrase that it would be extremely difficult for me to forget under normal circumstances. Plus I have my laptops set up so I have to enter the phrase when recovering from hibernation or sleep mode as well as startup, so I probably type the darn thing 7 or 8 times a day (Windows crashes are a security feature in that respect!).

    I am more worried (and I seriously do worry about this) of head trauma or a stroke. Also, I haven’t yet shared the password with my wife or anyone else, so if I have a heart attack in the middle of writing this post, there’s no ability to access any of the data. Key escrow for situations like that is a pain without getting multiple lawyers involved (which is how Cory Doctorow solved this — by giving portions of the key to different lawyers in different legal jurisdictions who essentially have to agree that there’s a good reason to get together and assemble the entire key, such as in the case of being incapacitated but not in the case that Cory’s in Guantanamo and the CIA really wants access to his laptop).

  2. Interesting. For key escrow, I also wonder if it’s still legal for a wife to refuse to testify against her husband, and if that would include not disclosing his key if it’s not written anywhere. (I doubt there’s a clear answer for that until someone tries it.) But I was also worried about simply making a typo one time and being locked out. This is the single biggest thing that has kept me from using something like Mac’s whole-disk encryption.

  3. @Mark Morgan: in federal court and most state courts spouses can actually prevent testimony by a spouse under certain circumstances. There are quite a few exceptions, however. So if I tell my wife “here’s my key so you can access my data in case I die”, if the court can’t compel me to testify to my key, it probably won’t be able to compel my wife to testify.

    However, if I tell my wife “I’m encrypting my laptop with this key so no one discovers my plans to blow up the Pentagon” then a spouse can be compelled to testify.

    So far, though, it is unresolved whether an encryption key is something that is protected by the 5th amendment. If it turns out not to be, then sharing with a spouse is probably a bad idea.

    That being said, my main concern is potential laptop thieves and snooping friends/relatives/co-workers, not the feds.

    As for the typo issue, the real danger would be that you would decide you wanted to use “thisismypassphrase” and you accidentally typed “thisismypassphraseSSS” when encrypting. You’re correct — a typo like that would effectively lock you out of the data forever.

    Typically I always encrypt and then test media when they’re either blank (such as new external hard drives) or immediately out of the box for computers. So when I get a new laptop, the first thing I do is encrypt it and then test the passphrase to make sure it all worked correctly.

    Systems like TrueCrypt will make you type the passphrase twice and I will usually also check the option that will show me the passphrase plaintext before I hit “Next” just to make sure. Reduces security, but just draw the drapes and make sure you’re in an area not being monitored by security cams.

    A lot of it comes down to risk management. I’ve only had an account compromised once in a couple decades now (and that was for a game), and I’ve never had anything stolen. But if someone did steal my laptop and it was unencrypted, they’d essentially have my entire life at their fingertips. I sleep better knowing it’s all encrypted.