A View from Simson Garfinkel
Drive Encryption: Two Tales
Where’s a good crypto implementation when you need one?
Two articles on the topic of drive encryption went across my screen this morning. First, an article by the Associated Press revealed that another hard drive from the Department of Veterans Affairs filled with personal information has gone missing. This one, from a VA medical center in Birmingham, AL, was an external backup hard drive with information on 48,000 veterans. According to the article, “up to 20,000” of the 48,000 records were not encrypted. [The VA and FBI had a press release on February 2nd as well.]
The second article, by John Leyden in The Register, reports that computer-security experts think that the BitLocker Drive Encryption system built into Windows Vista is “unlikely to frustrate cybercrime investigation,” according to Brian Karney, a marketing director at Guidance Software.
Taken together, these articles are just weird. If 20,000 records out of 48,000 on the VA’s hard drive were not encrypted, that implies that 28,000 were encrypted. Why would only half of the records be encrypted? What do they mean by “encryption,” anyway?
Encryption is a way of scrambling data so that it can only be deciphered by a person in possession of the correct decryption key.
The big advantage of encrypting information on a hard drive is that it protects the information against theft–provided that the key remains secret and that there is no copy of the unencrypted data on the same hard drive.
But I wonder how the folks at the VA can be so precise about the contents of the lost external hard drive. If you lose a hard drive, you don’t know what’s on it. It’s not like you can inspect it.
Leyden’s article is about the new BitLocker feature that’s in Windows Vista Enterprise and “Ultimate” editions. BitLocker works by encrypting every block when it is written to the hard drive and decrypting the blocks when they are read back. Ideally, this should provide strong protection against theft, provided that the encryption key isn’t stolen along with the hard drive. (It turns out that typically the encryption key is stolen with the hard drive, but the key itself is encrypted with a pass phrase so that it can’t be readily used.)
So what’s wrong with BitLocker? I’m not sure. First, Leyden says that two of BitLocker’s three modes of operation require a cryptographic chip called a Trusted Platform Module, and TPMs aren’t widely deployed. Well, that’s true, but that doesn’t mean that BitLocker won’t work on systems without a TPM: it just means that you have to use the mode that runs without hardware support.
The version of Bitlocker that works without a TPM keeps the encryption key on a USB device. The folks from Guidance say “no problem, just seize the USB keys as well.” Well, that’s true–if the USB device is there, and if the key itself isn’t encrypted.
BitLocker probably won’t be an issue for law enforcement, at least at first. Brian Karney at Guidance points out that forensic tools can access the encrypted volume of a running system just like any other program: having full access to the encrypted data provided that the decryption key has already been entered into the computer. Encrypted volumes on computers that are turned off will present a problem, of course, but only in cases where the cryptographic technology is actually being used. The real problem with BitLocker is that it’s not ubiquitous and its not automatic: you have to get one of the most expensive versions of Vista, and then you need to manually turn it on.
Any lawbreaker who wants to use encryption doesn’t need to wait for BitLocker: all he or she needs to do is download a copy of TrueCrypt or buy a Mac and enable FileVault. This is good advice not just for lawbreakers, of course, but also for anybody who has confidential data on his or her hard drive. I have FileVault enabled on my laptop as well as on every desktop that’s not in my house. It slows down the Mac somewhat, but the extra security is worth it.