I had a government customer once ask me about whole drive encryption. This was before the advent of such devices as Seagate’s DriveTrust drives. At the time, the only viable solution for whole drive encryption was PGP Disk.
But before we can start talking about solutions, it might be better to give a clearer understanding of how data is encrypted.
What is AES?
AES is an abbreviation of Advanced Encryption Standard. It is a standard developed by the public and accepted by the government for encrypting data. AES uses the Rijndael encryption cipher and can be used with varying key lengths of 128, 192 and 256 bits. The most common and most secure is 256 which has been approved for protecting even Top Secret data by the NSA. Because of the multiple key lengths, you will commonly see it referred to as AES-128, AES-192 and AES-256 respectively.
The technical details on how encryption works can get quite cumbersome. For an overview of the standard, how it was developed and how it works, you may wish to read the Wikipedia entry here . For a deeper understanding of cryptography, the best book by far that I have read on the subject is Applied Cryptography by Bruce Schneier of CounterPane. Another excellent book that Bruce makes reference to is “The Code Breakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet .” While the first deals with the details and mathematics behind encryption, the latter provides a page turning tome of intrigue.
PGP Disk provides a software based disk encryption solution. The last freeware version was included in 6.0.2i available from http://www.pgpi.org/products/pgpdisk/ . With version 6.5, the product was dropped from the freeware offering. It is still available in later commercial versions of PGP.
According to the PGP site , “PGP Whole Disk Encryption locks down the entire contents of a laptop, desktop, external drive, or USB flash drive, including boot sectors, system, and swap files. The encryption is transparent to the user, automatically protecting data.”
I have not used one of the more recent versions of PGP Disk, but I have used older versions. While technically true that the encryption is transparent to the user, the fact that the drive is encrypted is not and may never be. The reason is simple. If you encrypt your entire drive, you are going to have to enter a key to unlock it before your operating system will boot.
The product is quite sound. I do not recall the encryption mechanism(s) used by previous versions, but the current offering utilizes only one – AES-256. That is more than sufficient to satisfy the most paranoid person’s need.
The PGP site makes reference to a single sign-on mechanism as well which makes me wonder if they truly have the encryption mechanism integrated with LDAP/Active Directory. This would not only ease the transition to their product, but is enough to make this network administrator salivate of the possibility for key escrow and recovery for dearly departed employees and their equipment. A little more research needs to be done by yours truly to see if this really is the case.
Encrypted Hard Drives
As mentioned in the introduction, Seagate has introduced DriveTrust technology which is a hardware encryption mechanism for laptop hard drives. With the new security policies being volleyed around government agencies, this technology alone could render stolen VA laptops and their ilk a thing of the past. Sure, the laptops might still get stolen. But the data would remain safe.
But there is a caveat. Seagate has not released the method of encryption. Have they developed their own encryption algorithm under the Trusted Computing Platform initiative or are they using the generally accepted standard of AES? If the method is AES, which key length is used? 128-bit keys are only certified for Secret information. It takes 192-bit or better for the Top Secret classification. I don’t know about you, but I consider anything that stores my social security number or credit card information to be top secret. It is my identity. Don’t I get to choose the standard? I choose AES-256.
As these products come to market, I can only hope that Seagate will be more forthcoming about their security. Security through obscurity always fails eventually. Just ask the Motion Picture Association of America about their “innovative” CSS encryption for DVD movies.
Leveraging Debian 4.0r0’s Encrypted LVM for Windows
From what I can gather Debian 4.0r0 uses AES-256 to create encrypted hard drives on installation. This is a wonderful thing. Not only is Debian free, but the security of having an entire disk including boot and swap partitions is tremendous.
For those of you thinking that we are going to pull some Linux functionality and place it in the security unconscious Windows environment, think again. What we are going to do is use Linux as a wrapper and run Windows in a virtual environment.
First, you need to make sure that you write down all devices that your computer contains and make sure that they are compatible with Debian. I have gone through the process more than once only to discover that my network cards (both wired and wireless) are incompatible. Make sure that you contact the manufacturer’s websites for the various devices that you are using. Burn those onto removable media of some sort so that they are available. We will be reformatting your machine and you will lose anything saved on it. Make a backup.
Once you are sure that your equipment will support Debian, download an installation from www.us.debian.org. Follow the instructions to partition the drive as an encrypted LVM. Make sure that you select a strong password for the drive and don't forget what it is. Don't write it down on a Post-It and stick it to your monitor either.
When you have your Debian system up and running with a windowed environment (KDE, Gnome, xfce), you will need to install and configure virtualization software. There are a variety of products on the market today – VMWare Workstation, Xen, KVM. Just make sure it runs under Linux and supports the installation of a Windows virtual machine.
After everything is configured, install Windows in the virtual machine. You can then configure Debian to automatically load the virtual machine in full screen on startup. This gives you the ability to run the applications that you are familiar with while giving you a secure base Linux that you can transition to in the future.
This does not secure your Windows environment. Your Windows virtual machine will still be susceptible to all of the security woes that Microsoft has to offer. But it does provide you with the confidence to know that your data is secure if your laptop is stolen or lost.
For a less drastic approach to securing data, you can utilize the freeware product TrueCrypt. This software uses generally accepted algorithms for encryption such as AES-256, TwoFish and Blowfish. The software has the ability to employe multiple encryption algorithms in a layered approach to make the data more secure. You can even select the type of hash that the key uses. I recommend RIPEMD-160 or Whirlpool for the security oriented. The SHA hash algorithms have shown some succeptability to attacks.
TrueCrypt is not whole disk encryption for your primary drive. It does however have the ability to completely encrypt secondary drives and even thumb drives. You can even hide the encrypted partition so that it is not available to prying eyes without the knowledge that it is there.
One of the greatest features of TrueCrypt is the ability to create portable encrypted thumb drives. You can take your media with you and access it from any machine without having to install the software.
TrueCrypt supports both Linux and Windows. Although there are plans to do so in the future, the software does not yet support Mac OSX. This is a bit of a drawback for me because I use all three platforms and have no way to have portable secure media that I can use between them without buying the useful and rather expensive JumpDrive Secure II.
Alas, for the Mac users out there, there is only one free solution that I have been able to find. The Disk Utility application that ships with all Macintosh computers has the ability to create encrypted disk images. These images are only readable on Mac computers and are not portable to Windows or Linux.
The encrypted DMG format only allows for one encryption mechanism – AES-128. It is not my algorithm of choice. I would prefer to have the capability of using AES-256, and even an option to select a different encryptions such as TwoFish, Blowfish or Serpent. I would also like the ability to select different hash algorithms for the keys. I am unaware of the hash format used for these virtual drives. It would be nice if Apple would provide a selection from the most current hash systems of RIPEMD-160 and Whirlpool.
The solution that I currently use is to create an 80GB DMG on a removable 100GB G-Drive. For added security, the entire disk is formatted as a Mac drive. This renders it unreadable on all but Macintosh computers. It is not as secure as I would like it to be, nor as portable. But I suppose that some sacrifices are necessary in order to use my Mac as my primary machine.
Apple is also lacking in a method to provide whole disk encryption. The FileVault feature only encrypts the user directories on a user-by-user basis. The ability to encrypt the entire contents of the drive is becoming a requirement. I hope that Apple is considering this in Leopard. Failure to provide this feature will further limit Macs acceptance as a viable alternative in the marketplace. With the new security mandates for government computers, it will prevent it from being used in both the government and corporate arenas.
Vulnerabilities in MD5 and SHA Hashes
As a final cautionary note, one would be remiss if they did not warn against insecurities in the SHA and MD5 hash schemas. There are several tools out there that can greatly reduce the time and processing power required to perform a brute force attack against these keys. Once the key is compromised, the data that it secures becomes completely insecure. Several papers have been published and tools created demonstrating the vulnerabilities in these systems. The better choice would be to use RIPEMD-160 or Whirlpool.