The TPM crypto processor is not able to prevent hardware attacks, for example, using keyloggers. After the attacker has “worked” on your computer, you just have to stop using it to store confidential information.
TrueCrypt: “We never consider the possibility of hardware attacks, we just assume the worst. These are excerpts from the correspondence between the developers of TrueCrypt and security researcher Joanna Rutkowska about the attacks of the janitor. In principle, their entire security model looks like this: “if our program correctly encrypts a disk and correctly decrypts it, we did our job.” I apologize for the text shown on the next slide, if you find it difficult to read it, I will do it myself. I will quote an excerpt from the technical documentation from the TrueCrypt website: “Our program will not protect any data on the computer if the attacker has physical access to the computer before starting or in the process of running TrueCrypt.”
#HOW TO CRACK TRUECRYPT BOOTLOADER FULL#
If we consider software designed for full disk encryption, it is clear that its creators paid a lot of attention to the theoretical aspects of encryption.
The actual use of encryption does not match the FDE security model. To do this, he just needs to attack the computer itself or somehow deceive the user, convincing him to provide a password, or use a keylogger, etc. An attacker does not need to attack cryptography if he tries to crack the full disk encryption. But you know that this is not the case, and we still have a lot to do to complete it.Įven if you have flawless cryptography and you know that it is almost impossible to crack it, in any case it should be implemented on a real computer, where you have no analogs of reliable black boxes.
#HOW TO CRACK TRUECRYPT BOOTLOADER HOW TO#
We know how to generate random numbers to secure keys, how to control block encryption modes used for full disk encryption, how to securely inherit a key for passwords, so that we can assume that “the mission is complete”, as President Bush said, speaking on board aircraft carrier. So, we have dealt with the theoretical aspects of the need for disk encryption. We will not be able to build a secure Internet without securing every end user. If we want to secure the network, we need to control access to the end user's computer. In addition, you need to control the physical access to the computer and ensure that it is protected from physical impact, because FDE will not help if someone physically takes over your computer. Companies are obliged to inform customers about the leakage of such information, for example, if someone left an unprotected laptop in a car that was hijacked, and now this confidential information may be freely available on the Internet. The same applies to financial and accounting documentation. There are situations where you simply must ensure the secrecy of data, for example, if you are a lawyer or a doctor who has confidential client information. We want to decide for ourselves how to deal with our data and control what happens to it. So, we encrypt your computer because we want to control our data, we want to guarantee their confidentiality and that no one can steal or change it without our knowledge. There is a lot of documentation on software that encrypts the disk, which describes what the software does, what algorithms it uses, which passwords, and so on, but almost never says why. If we do not do this, we will not be able to understand how to organize this work. So why do we encrypt our computers? It is difficult to find someone who would ask this question, so I think it is really important to formulate the motivation of specific actions in the field of security. I think that almost everyone had to leave their computer for at least a few minutes. Tell me, and who generally leaves your computer unattended for a few hours, doesn’t it turn on or off? Consider that I ask these questions, just to make sure that you are not a zombie and do not sleep.
Now let those who completely turn off the computer raise their hands if they leave it unattended. It appears that 90% of you use open source software to encrypt a disk to be able to audit them. Raise your hands, who encrypts the HDD of your computer this way. Thank you all for coming, today we will talk about full disk encryption (FDE), which is not as secure as you think.
0 kommentar(er)
