Earlier this month, Joanna Rutkowska implemented the "evil maid" attack against TrueCrypt. The same kind of attack should work against any whole-disk encryption, including PGP Disk and BitLocker. Basically, the attack works like this:
Step 1: The attacker gains access to your shut-down computer and boots it from a separate volume. The attacker writes a hacked bootloader onto your system, then shuts it down.
Step 2: You boot your computer using the attacker's hacked bootloader, entering your encryption key. Once the disk is unlocked, the hacked bootloader does its mischief. It might install malware to capture the key and send it over the Internet somewhere, or store it in some location on the disk to be retrieved later, or whatever.
You can see why it's called the "evil maid" attack; a likely scenario is that you leave your encrypted computer in your hotel room when you go out to dinner, and the maid sneaks in and installs the hacked bootloader. The same maid could even sneak back the next night and erase any traces of her actions.
This attack exploits the same basic weakness as the "Cold Boot" attack from last year and the "Stoned Boot" attack from earlier this year: the attacker gets physical access to the machine. There's no real defense to this sort of thing. As soon as you give up physical control of your computer, all bets are off.
Similar hardware-based attacks were among the main reasons why Symantec's CTO Mark Bregman was recently advised by "three-letter agencies in the US Government" to use a separate laptop and mobile device when traveling to China, citing potential hardware-based compromise.
PGP sums it up in their blog:

"No security product on the market today can protect you if the underlying computer has been compromised by malware with root-level administrative privileges. That said, there exist well-understood, common-sense defenses against 'Cold Boot,' 'Stoned Boot,' 'Evil Maid,' and many other attacks yet to be named and publicized."
The defenses are basically two-factor authentication: a token you don't leave in your hotel room for the maid to find and use. The maid could still corrupt the machine, but it's more work than just storing the password for later use. Putting your data on a thumb drive and taking it with you doesn't work; when you return you're plugging your thumb drive into a corrupted machine.
The real defense here is trusted boot, something Trusted Computing is supposed to enable. But Trusted Computing has its own problems, which is why we haven't seen anything out of Microsoft in the seven-plus years they have been working on it (I wrote this in 2002 about what they then called Palladium).
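Short of a real trusted boot, the one thing a traveler can check by hand is the part of the disk the maid has to touch: the bootloader is stored in the clear because it runs before the passphrase is entered. The script below, an added example that is not code from the original post nor from TrueCrypt or PGP, fingerprints the MBR and the sectors following it before a trip and re-checks them afterwards. The on-disk layout in REGIONS (sector 0 plus the 62 sectors before the first partition) and the sample sector contents are assumptions constructed for the example; adjust them for a real system.

```python
"""Baseline-and-compare check for the unencrypted boot region.

Added example, not code from the original post or from TrueCrypt/PGP.
Whole-disk encryption leaves the MBR and the boot-loader sectors in the
clear, and that is exactly what an "evil maid" modifies. Fingerprint them
before travel, keep the digests on the token you carry, and re-check from
a trusted external boot medium before typing the passphrase.
"""
import hashlib
import json
import sys
from typing import Dict

SECTOR = 512
# Assumed layout for the live check: sector 0 holds the MBR, and the boot
# loader sits in the sectors before the first partition. These offsets are
# an assumption for the example, not a specification of any product.
REGIONS = {"mbr": (0, SECTOR), "boot_loader": (SECTOR, 62 * SECTOR)}

# Constructed sample data standing in for disk contents.
CLEAN_MBR = bytes([0xEB, 0x63, 0x90]) + b"\x00" * 507 + b"\x55\xAA"
CLEAN_LOADER = bytes(range(256)) * 8
# The same MBR with three bytes of its code area patched: the kind of small
# change a hooked boot loader needs so that it runs before the real one.
TAMPERED_MBR = bytes([0xEB, 0x63, 0x90, 0xE8, 0x00, 0x00]) + b"\x00" * 504 + b"\x55\xAA"


def fingerprint(data: bytes) -> str:
    """SHA-256 hex digest of one region."""
    return hashlib.sha256(data).hexdigest()


def take_baseline(regions: Dict[str, bytes]) -> Dict[str, str]:
    """Record one digest per region; store the result off the machine."""
    return {name: fingerprint(blob) for name, blob in regions.items()}


def verify(baseline: Dict[str, str], regions: Dict[str, bytes]) -> Dict[str, str]:
    """Compare freshly read regions with the baseline.

    Verdict per region: 'ok', 'MODIFIED', 'MISSING' (baselined but not
    read now) or 'UNEXPECTED' (read now but never baselined).
    """
    report = {}
    for name, expected in baseline.items():
        if name not in regions:
            report[name] = "MISSING"
        elif fingerprint(regions[name]) != expected:
            report[name] = "MODIFIED"
        else:
            report[name] = "ok"
    for name in regions:
        if name not in baseline:
            report[name] = "UNEXPECTED"
    return report


def is_clean(report: Dict[str, str]) -> bool:
    """True only when every baselined region is present and unchanged."""
    return bool(report) and all(v == "ok" for v in report.values())


def read_regions(device: str) -> Dict[str, bytes]:
    """Read the configured regions from a raw block device (needs root)."""
    out = {}
    with open(device, "rb") as f:
        for name, (offset, length) in REGIONS.items():
            f.seek(offset)
            out[name] = f.read(length)
    return out


def simulate() -> Dict[str, str]:
    """Run the baseline/verify cycle on the constructed sample: the maid
    patched the MBR and left the loader body alone."""
    baseline = take_baseline({"mbr": CLEAN_MBR, "boot_loader": CLEAN_LOADER})
    return verify(baseline, {"mbr": TAMPERED_MBR, "boot_loader": CLEAN_LOADER})


if __name__ == "__main__":
    # Usage: python3 bootcheck.py baseline /dev/sda > baseline.json
    #        python3 bootcheck.py verify /dev/sda baseline.json
    if len(sys.argv) >= 3 and sys.argv[1] == "baseline":
        print(json.dumps(take_baseline(read_regions(sys.argv[2])), indent=2))
    elif len(sys.argv) >= 4 and sys.argv[1] == "verify":
        with open(sys.argv[3]) as f:
            report = verify(json.load(f), read_regions(sys.argv[2]))
        print(json.dumps(report, indent=2))
        sys.exit(0 if is_clean(report) else 1)
    else:
        print(simulate())
```

Two caveats follow directly from the post. The check only means something when the baseline lives on the token you carry and the comparison runs from a boot medium you also carry; running it from the installed OS after entering the passphrase is running it on the possibly corrupted machine. And it covers only what it hashes: a legitimate bootloader update changes the digests (re-baseline afterwards), and a firmware or hardware implant of the kind the post mentions is outside the regions it reads.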
In the meantime, people who encrypt their hard drives, or partitions on their hard drives, have to realize that the encryption gives them less protection than they probably believe. It protects against someone confiscating or stealing their computer and then trying to get at the data. It does not protect against an attacker who has access to your computer over a period of time during which you use it, too.