Seagate ST9500421AS Princeton Attack on Software Encryption - Page 3


Q: If I power off my computer, am I vulnerable to key theft?
A: Yes, you are vulnerable to at least two types of attacks, if you are using a software encryption package that keeps its encryption keys in memory. First, it will take several seconds or even minutes for the contents of your memory to decay, so a hacker that accesses the computer soon after it has powered down can tap the computer’s memory to find the encryption keys. Second, a hacker could write a program that scans your computer’s memory anytime your system is booted and encryption is running. This program could run quietly in the background, locating and capturing any encryption keys left in memory. Hardware FDE keeps your encryption keys out of computer memory at all times, protecting the keys against this type of theft.
Q: Does the type of encryption matter in this theft?
A: No. Encryption relies on what is termed “symmetric key cryptography” by security experts—the same key is used to encrypt and decrypt the data. For symmetric key cryptography, the key must be as random as possible, regardless of the type of encryption used.
Q: What can I do to prevent this theft?
A: Never leave your computer running where it can be easily accessed by a potential hacker or thief, and be sure to wait a few minutes before leaving your computer to allow the contents of your DRAM to gradually disappear. If a thief or attacker cannot get physical possession of your computer, he or she cannot freeze your DRAM or get to your data. If this is not possible, never leave your computer unattended in standby mode. Instead, always use the hibernate mode anytime you are not present. In the standby mode, your computer keeps the operating system and encryption keys in memory so that the system can restart as quickly as possible (whenever you open the lid). In hibernate mode, all contents of memory are written to disk and the system is powered down. After a few minutes, the computer’s memory is empty, so freezing the DRAM will be useless. The disadvantage of this mode is that it takes longer for the system to load (~10 seconds longer for the newest laptops) and the user password must be entered each time the computer lid is opened.
Q: Is it possible to remove my encryption key from memory when my computer is in standby mode?
A: Yes. Your software encryption could erase the encryption key each time you go into standby mode (i.e., shutting the lid on your laptop), but this will require that you re-enter your password each time you open the lid on your laptop, since the key will be lost. Please note that your software must explicitly erase the encryption key. Requiring a password each time you open the lid is not enough.
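
The difference between only asking for a password on resume and actually erasing the key before standby, as an added C example that is not part of Seagate's document. The names `key_slot`, `toy_derive`, `suspend_lock_only` and `suspend_with_wipe` are hypothetical, and the toy derivation stands in for a real password KDF.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KEY_LEN 32

/* Hypothetical in-memory key slot of a software disk-encryption driver. */
struct key_slot {
    uint8_t key[KEY_LEN];
    int     unlocked;            /* 1 while the volume is usable */
};

/* Wipe through a volatile pointer so the compiler cannot drop it as a dead store. */
static void secure_wipe(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

/* Stand-in for a real password KDF (assumption: demo only, not cryptographically sound). */
static void toy_derive(const char *password, uint8_t out[KEY_LEN]) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < KEY_LEN; i++) {
        for (const char *c = password; *c; c++) h = (h ^ (uint8_t)*c) * 16777619u;
        h = (h ^ (uint32_t)i) * 16777619u;
        out[i] = (uint8_t)(h >> 24);
    }
}

void slot_unlock(struct key_slot *s, const char *password) {
    toy_derive(password, s->key);   /* key exists only after the password is entered */
    s->unlocked = 1;
}

/* Weak: password prompt on resume only. The flag changes, the key bytes stay in RAM. */
void suspend_lock_only(struct key_slot *s) { s->unlocked = 0; }

/* What the answer above requires: erase the key itself before entering standby. */
void suspend_with_wipe(struct key_slot *s) {
    secure_wipe(s->key, KEY_LEN);
    s->unlocked = 0;
}

/* Defender's check: does a memory image (here, the slot's own bytes) still hold the key? */
int image_contains_key(const void *image, size_t len, const uint8_t key[KEY_LEN]) {
    const uint8_t *p = image;
    for (size_t i = 0; i + KEY_LEN <= len; i++)
        if (memcmp(p + i, key, KEY_LEN) == 0) return 1;
    return 0;
}
```

After `suspend_with_wipe`, the only way back to a usable key is `slot_unlock` with the password, which is the re-entry cost the answer describes.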
Q: How does hardware FDE help?
A: Hardware FDE, such as that provided by the Seagate Momentus 5400 FDE.2 drive, never leaves the encryption key in the laptop’s memory. Since the encryption key is never in memory, a hacker can never find it by scanning memory, and the laptop user’s data is much less vulnerable. Of course, even the Momentus 5400 FDE.2 drive offers little protection if a user leaves the laptop unattended in standby mode. All a thief needs to do is to lift the laptop lid, and (assuming that some type of password protection upon resuming from standby has not been set up) copy all of the data to an external storage device.
Q: Is hardware FDE vulnerable to the DRAM freezing attack?
A: No. The drive memory and components on the Momentus 5400 FDE.2 drive are mounted in a way that would require a hacker to remove the drive’s PCBA (printed circuit board assembly) and flip it over in order to gain access—a process that would cut off power to the drive, locking it and removing the encryption keys from drive memory. In addition, the Momentus 5400 FDE.2 drive keeps encryption keys in drive memory for as short a time as possible and overwrites the key with zeros after each use. Because keys can be contained in drive memory, Seagate carefully secures the drive using hardware and software mechanisms to prevent access to the drive memory by all but authorized users.