The Intercept has a new story on the CIA’s - yes, the CIA, not the NSA - efforts to break encryption. These are from the Snowden documents, and talk about a conference called the Trusted Computing Base Jamboree. There are some interesting documents associated with the article, but not a lot of hard information.

There’s a paragraph about Microsoft’s BitLocker, the encryption system used to protect MS Windows computers:

Also presented at the Jamboree were successes in the targeting of Microsoft’s disk encryption technology, and the TPM chips that are used to store its encryption keys. Researchers at the CIA conference in 2010 boasted about the ability to extract the encryption keys used by BitLocker and thus decrypt private data stored on the computer. Because the TPM chip is used to protect the system from untrusted software, attacking it could allow the covert installation of malware onto the computer, which could be used to access otherwise encrypted communications and files of consumers. Microsoft declined to comment for this story.

This implies that the US intelligence community - I’m guessing the NSA here - can break BitLocker. The source document, though, is much less definitive about it.

Power analysis, a side-channel attack, can be used against secure devices to non-invasively extract protected cryptographic information such as implementation details or secret keys. We have employed a number of publicly known attacks against the RSA cryptography found in TPMs from five different manufacturers. We will discuss the details of these attacks and provide insight into how private TPM key information can be obtained with power analysis. In addition to conventional wired power analysis, we will present results for extracting the key by measuring electromagnetic signals emanating from the TPM while it remains on the motherboard. We will also describe and present results for an entirely new unpublished attack against a Chinese Remainder Theorem (CRT) implementation of RSA that will yield private key information in a single trace. The ability to obtain a private TPM key not only provides access to TPM-encrypted data, but also enables us to circumvent the root-of-trust system by modifying expected digest values in sealed data. We will describe a case study in which modifications to Microsoft’s Bitlocker encrypted metadata prevents software-level detection of changes to the BIOS.

Differential power analysis is a powerful cryptanalytic attack. Basically, it examines a chip’s power consumption while it performs encryption and decryption operations and uses that information to recover the key. What’s important here is that this is an attack to extract key information from a chip while it is running. If the chip is powered down, or if it doesn’t have the key inside, there’s no attack.

I don’t take this to mean that the NSA can take a BitLocker-encrypted hard drive and recover the key. I do take it to mean that the NSA can perform a bunch of clever hacks on a BitLocker-encrypted hard drive while it is running. So I don’t think this means that BitLocker is broken.

But who knows? We do know that the FBI pressured Microsoft to add a backdoor to BitLocker in 2005. I believe that was unsuccessful.

EDITED TO ADD (3/12): Starting with Windows 8, Microsoft removed the Elephant Diffuser from BitLocker. I see no reason to remove it other than to make the encryption weaker.

Tags: BitLocker, CIA, encryption, NSA, side-channel attacks, Windows

Can the NSA ever secure a M$ product long enough against the FBI?

In this day and age I don’t think you can buy a laptop that has not already been backdoored by some malware company in one way or another… and it’s not just M$ products that have usability-v-security issues.

Unfortunately the original “better than unix” design suffered from resource issues and security was an early sacrifice on the table as it almost always is. The problem now is several generations later whilst there are now the resources putting security back in is a Herculean task, thus the “bolt on not build in” path was followed… Bolting on is never an elegant or efficient process and thus “chinks in the armour” almost always result. Thus it’s reasonable to suppose that there are many currently unknown security vulnerabilities in such products.

In general it’s difficult to defend against what you can neither see nor understand. So against equally skilled attackers and defenders the attacker has the advantage of looking for one undefended vantage point.