I will go over what is disk encryption, why you should care about it, what are some of the implementations, attacks, as well as what options you can choose from aside from Bitlocker
What is disk encryption
You know this already, but I will mention it, nonetheless as a sanity check of sorts.
Disk encryption is protection of a logical part of a disk such as a folder and/or partition, or a whole disk with the use of cryptography.
That Disk can be internal or external, a USB flash drive, an SD card, a DVD/CD, an ISO image, and most storage mediums/filesystems/blobs, etc.
Software Disk Encryption
Disk encryption can be implemented with software. Some of those solutions include:
And many more.
Hardware Disk Encryption
Disk encryption can also be implemented in hardware. This is usually implemented in modern SSDs and is called self-encrypting drives a.k.a. SEDs.
Whole disk encryption
Important thing to note here is that this type of encryption encompasses the whole OS and files/data. Even though the name implies that all of the bits found on that disk are encrypted, this is not necessarily true in all cases.
It mostly won’t be true for software-based disk encryption because the boot/swap partitions, MBR (Master Boot Record
) can happen to be non-encrypted. When it comes to hardware-based disk encryption, there are some self-encrypting drives that actually can do a full disk encryption.
On the other hand, just a partition or a container can be encrypted, in which case, the data selected within the partition/container ends up encrypted instead of the entire system.
What does disk encryption protect from and how?
It is quite important to understand what types of threats can disk encryption mitigate, as well as to not misunderstand the purpose of disk encryption.
First and foremost, disk encryption protects your data in case someone was to obtain physical access to your device. In cases such as you are losing your device, or it being stolen, seized, or if its left unguarded (prevents tampering/accessing the device) … other potential cases where disk encryption can protect you is if the hardware is sent to the repair, or is being shipped, as well as if you want to get rid of your hardware securely.
It’s important to note that disk encryption also protects the integrity of your files/OS, due to built in integrity controls. This prevents a slew of nastiness, such as Keyloggers, Rootkits, and other malware.
Simply put, disk encryption protects you by rendering the files on the disk unreadable without the correct key/password (password, in most cases, actually creates that key). To read the files on your encrypted disk your OS needs to be running, and you have to enter your key.
Remember, even a (complex) password on your OS (lock screen), without
disk encryption doesn’t protect you from a case in which someone has physical access to your device. They can simply bypass your password by booting it into another system to explore it. Or they can remove the hard drive and plug it in into another device. This is also where disk encryption comes into play – they can not go through your filesystem if it has full disk encryption.
What is not protected with disk encryption?
This is important to understand, and, in fact, disk encryption won’t protect you from a wide array of threats, however, it protects against physical access-based attacks against your device. Your traffic can still be observed, malware can still get inside your device, etc.
This is because of the way it works, and after you’ve entered your key (password) and your OS is running, you won’t have any
protection. Thus, any malware that slips inside can in theory get access to your data and do whatever it was designed for (it can even steal your key – from memory, or by installing keyloggers, etc).
This is due to the fact that when you punch your password in to decrypt your drive, the key will reside in memory. If someone can access your memory, they can also find your key, thus can decrypt your drive.
You’ve probably heard of the Cold Boot Attack
… this is possible because the key can remain in memory for a short period of time after you’ve switched your device off.
There is also something called key disclosure law
, you can also check out this site
to read a summary of how a specific country handles encryption.
I want to go over some potential attacks against (whole) disk encryption. There’s the breaking of crypto algorithms and brute force attacks, as you might imagine… let’s try and figure out how effective can those be.
Those will usually involve ciphers (like AES, Blowfish, etc.) and a cipher is considered strong as long as a there isn’t any method for breaking it that exists. However, this doesn’t guarantee that in the future we might not develop methods that could break them. Bear that in mind, AES might be strong today, but there’s a realistic chance it will stop being useful for us in the future. AES, Blowfish, and such ciphers should be good for the next decade or two, though, from what we know through our studies of these ciphers.
If we’re talking about (potentially) mitigating these, some encryption systems allow us to combine encryption algorithms – for example, you can have AES(Twofish(Serpent)). This could imply that the attacker would have to devise a method per
algorithm so they can break that encryption.
Basically, the only practical attacks (currently) against crypto algorithms are brute force attacks – dictionary/hybrid.
What does the future hold? Quantum computers
As we all know, quantum computers will become a thing at some point in the future, and there’s been much fuss about how that will bring the end of the world because of their ability to crack all currently used crypto algorithms with ease – such as AES.
The truth is that they will effectively half
the strength of symmetric keys, which implies we would have to double the size of our key to get the approximate level of protection as we currently have. This implies that 128-bit keys could be broken with a quantum computer.
However, 256-bit keys would still provide protection from quantum computers. Asymmetric algorithms would need to be replaced, though. Asymmetric encryption isn’t
used in disk encryption, by the way.
The reason why 256-bit keys could still hold up against the quantum computer is the fact that if you were to attack the 256-bit key space, you’d have to go against the laws of nature themselves… and in this particular case it means checking for keys, and even if your computer could check for billions keys per second, it would still take an unimaginable amount of time
. It’s just the way it is. This is another interesting article on the topic
. Quantum anything really, is always somewhat of a mystery… even though today’s smartphone batteries and the whole advance in that field owes tremendeous debt to Fermi’s levels/Fermi’s energy (part of solid state physics) we still don’t fundamentally understand
the topic, as Feynmann so succintly pointed out.
Quantum weirdness is not out of the question and we might uncover something that will indeed be game changing, but 256-bit will still be decently strong, if not totally unbreakable, for a decent period of time to come…
Thus, if you’d like to future proof for a bit, go for more than 128-bits, 156 or more, ideally 256 – why not, if you can? Of course, since passwords are used to generate encryption keys so you would also want to use strong passwords here.
Hardware and software encryption systems – implementations vulnerabilities
Implementation and configuration vulnerabilities are generally your weakest link. When it comes to these crypto systems, since they can be either open source or closed source, depending on their origin they might rely more on the scrutiny from the community, or on the trust from its creator, for the latter.
Generally, these systems should be audited well, if one were to place actual trust into that specific product, but since this is what we have, I just wanted to mention that so you can take it into consideration, adjust your threat/risk model, and go on about your day!
They could also have implementation weaknesses/backdoors that have been introduced by an adversary (usually of the 3-letter agency level of skill, regardless if it’s a govt or a criminal group… )
Lastly, there are also unknown risks that stem from the features that are unknown, whatever it is that we haven’t accounted for. These aren’t something you can fully prepare against, but you can try and adjust your model so you have some sort of compensating
controls, in case something like that ever happens.
I hoped you enjoyed my short encryption-themed article and some of the considerations I’ve laid out in the article for you. It’s an exciting topic, as we all know how much our digital world relies on cryptography; while it can also be used by some (maybe not intentionally) to scare people, which is why I included the What does the future hold?
paragraph, in hopes of providing a sort of disambiguation on that topic.
Cover image by Maximal Focus
#encryption #aes #full-disk-encryption #attacks #quantum-computers