Don’t Panic, Your Data Is Secure
Unless you're James Bond or Jack Bauer, the news that disk encryption is compromised shouldn't make you lose any sleep, says Charlie Martin. He explains why.
February 24, 2008 - 2:00 am
Researchers at Princeton University announced last week that they could, under certain conditions, retrieve data from a computer’s memory even though it had been turned off. The announcement was made based on a new paper from the research group led by Princeton’s Ed Felten, described in the researchers’ blog and more completely described by a technical paper and a video demonstration.
Various computer news sites covered the same story; all discuss how this could be used to get at data people may have thought was secured by encryption. This concerns a lot of computer security people, for good reason, but it’s now been picked up by the New York Times, with the headline “Researchers Find Way to Steal Encrypted Data”.
Before the panic attacks start, let’s look at what really has been demonstrated. Then, at least if we panic, we’ll know why. To understand this whole discussion, we need to talk a little bit about computers. Since you’re reading this on a computer, you probably already know that computers have, among other things, disk memory and RAM memory. The disk is relatively slow, and stores data for a long time in a stable form (at least until the disk hardware fails and the disk “crashes”.)
Computers and Disk Encryption
Modern laptop computers have many hundreds of gigabytes worth of data space available on their hard drives, which means room for hundreds of thousands, or millions, of pages of text. This makes them very convenient to use, but it also means that any user might be carrying around information worth millions of dollars — anything from a writer’s new blockbuster exposé, to records on tens of thousands of veterans, to the terrorist’s secret plans to blow up Disneyland. If the laptop is lost, and the data on the drive can be retrieved, the perpetrators may get away, the veterans might have their identities stolen, the terrorists might be foiled.
Of course, we all want the terrorists foiled, but we might not want anyone to be able to find our notes for the blockbuster, or the veterans’ Social Security numbers. So there are a variety of products around called “disk encryptors” that use encryption, a mathematical code, to make the data unreadable unless you have the special password, or “key.” If you don’t have the key, the data on the disk is meaningless gibberish; if you have the key, it’s readable.
Computers, including your laptop, have a second kind of memory called RAM (for “random access memory”). RAM memory is fast, not as stable, and is used essentially as the working memory, the “scratchpad” that your running programs need. In fact, in most computers, this memory is what is called dynamic RAM, which just means the computer has to refresh the memory every so often; it’s refreshed thousands of times a second, transparently. You never know about it, nor do you need to; since it’s dynamic, the usual understanding is that once the power is off and the refresh cycle stops, the data in DRAM is lost.
When you use an encryption program for your disk, the key normally has to be in memory so the disk’s data can be read. When you use a disk encryption program, like TrueCrypt for Windows or FileVault on a Mac, you have to enter the key in order to read the data, and that means the key is sitting somewhere in the computer’s DRAM while you’re using it.
Most users don’t know or care. (Government agencies are different; a computer handling top secret information is protected in various overt and subtle ways. But they’re not most users.) Users who do care have depended on the fact that their key disappears when the power shuts off. And here endeth the expository lump.
Cracking the Code
What Felten’s group showed was that these keys in DRAM don’t disappear instantly. There is a short time after the power is turned off in which you can recover data from the DRAM memory; if that includes the keys you need to read the disk, then the disk is compromised too. What’s more, by chilling the DRAM, you can extend the time it takes for the data to be lost: chill it to -50° C (about -58° F) and it can last for much longer; chill it with easily available liquid nitrogen to -196° C (-320° F) and it can be read for hours. Then Felten’s group demonstrated that by chilling the chips in a computer that used a commercial disk encryption product, they had plenty of time to use a small software tool called “UnBitLocker” to capture the keys, which let them read the encrypted data off the disk.
What it Means
Obviously, if you don’t turn the power off, it’s even worse: if you’re in the habit of carrying around your laptop in “sleep” or “suspend” mode, or using an “instant on” function, there is always the chance that someone could steal your laptop, extract your keys, read your data, and do bad things with it. If you are a little more wary and you were depending on power off to save you from having your keys taken, you need to think about this — but how much of a risk is it really?
I suggest not much. While it’s true that this could be used to get at encrypted data, let’s think about what it takes to do it. First of all, according to the paper, at normal operating temperatures data persists in DRAM for roughly three to thirty seconds, and the fancier and more recent your computer is, the faster the data disappears. So long as you shut down your computer, within a minute or so you’re safe from this attack. (You’re not, of course, safe from someone holding a gun to your head and saying “give me the key,” which would be a more common attack anyway.)
If the computer still has power, then to make use of this attack, the attacker must first get the computer away from you without shutting it off, then use the UnBitLocker software to find the keys. If they’re not going to be able to do that immediately, they can chill the computer with a cold spray, or even liquid nitrogen, and take their time. But they have to be technically sophisticated, know what computer to steal, and know how to apply this technique, in order to use it. That’s a lot of work, and pretty specialized thieves.
That kind of specialized, sophisticated thief certainly exists: they’re called “spies”. This is why TOP SECRET information is supposed to be more protected, in specialized containers, secured behind locked doors. James Bond and Jack Bauer could pull it off; TOP SECRET information can be worth this kind of effort, and a lot more.
Personal data, not so much.
The real lesson here is that if you’re worried enough about your data to use a disk encryption product, you shouldn’t leave the power on to your computer when you don’t need to. Turn the power off, and a minute later you’re safe from any but the most sophisticated attack, or the most brutally unsophisticated.
Charlie Martin is a Colorado computer scientist and nearly-successful screenwriter who contributes to the Flares Into Darkness political blog as ‘Seneca the Younger,’ and blogs under his own name at the aggressively non-political Explorations blog.