Redspin Security Management Advisory
Security Management Advisory Volume 7 |  October 2008
Laptop Encryption
You have all the time in the world to configure and tweak your laptop — up until the moment it gets lost or stolen.
You've read about the guy who lost his laptop in the airport, containing the unencrypted personal details of 133,000 Florida residents. Or the guy from the UK's Ministry of Defence who left his laptop in a taxi and had to report the loss of personal details of 600,000 people.
Don't be that guy.
Laptop Encryption is a Funny Thing
Most other security controls or appliances allow you to make changes on the fly. You buy a fancy new UTM firewall, get everything set up, and roll it into production just to find out you forgot to block some specific traffic. No huge deal: you log in and add the rule. You find that your web filter is killing the connection to a vendor's website, so you whitelist the URL and go about your day.

With laptop encryption, you have all the time in the world to configure and tweak it to your liking — up until the moment it gets lost or stolen. Once that laptop leaves your control, you can't change anything about it. You can't log in and set a stronger pass phrase. You can't check to be sure all sensitive files are getting encrypted. The security level you had configured at the second it was stolen is all the protection that device will ever have. You'd better get it right the first time.

This rings especially true in this day and age, where catastrophic data breaches seem to be a daily occurrence. Add in the flurry of laws and bills that have been passed regarding data breaches over the past few years, and you have the perfect recipe for disaster if your encryption solution isn't up to par. Choosing laptop encryption seems like such a simple task, but too many companies gloss over it.

There are two major players when it comes to laptop encryption: full disk encryption and file encryption. Full disk encryption encrypts the entire drive, minus some critical boot files. This means that before a computer can boot much past the BIOS, you have to enter a pass phrase to unlock the drive. Anything and everything saved anywhere on the drive, with any extension, will be encrypted. This does have some impact on usability, as the user will need to first enter the encryption pass phrase to unlock the disk, and then the usual user name and password to log into the machine. Full disk encryption (assuming strong ciphers and pass phrases) provides the ultimate in data assurance.

File encryption can encrypt certain folders or files with certain extensions, but leaves critical system files and folders unencrypted. Most file encryption solutions are based on Microsoft's EFS (Encrypting File System) technology. It can be set up so that everything in the user's 'My Documents' folder, plus files with the common office extensions, gets encrypted. This allows the laptop to boot normally and has the least impact on usability. In most cases the encryption and decryption is tied to a user's login, which makes it transparent to whoever is using it.

This is all well and good for the sales team, but what about security? What if Bob saves all the payroll data in C:\, or Sally downloads customer information to her laptop in a file that doesn't end in a supported extension? Will you know beyond a doubt that all the sensitive data on a stolen laptop was encrypted? How would you sleep knowing the HR manager's laptop got stolen?
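One way to make that question concrete is to audit a file-encryption policy against an inventory of what is actually on the disk. The script below is an added example, not Redspin's code or any vendor's product: it models the policy the advisory describes (everything under the user's My Documents folder plus a list of office extensions is encrypted, nothing else is), reports which files would be left in the clear, and, on a real Windows box, can read the NTFS Encrypted attribute to check what EFS actually protected. The folder list, extension list and file inventory are all constructed assumptions for the example.

```python
"""Coverage audit for a folder-plus-extension (EFS-style) file-encryption policy.

Added example, not code from the advisory. It answers the question
"which files would this policy leave unencrypted?" for a constructed
inventory, and optionally checks the real NTFS Encrypted attribute.
"""
import os
import stat
from pathlib import PureWindowsPath
from typing import Iterable, List, Optional

# Assumed policy: these folders are encrypted wholesale, and files anywhere
# on the disk with these extensions are encrypted. Everything else is clear.
PROTECTED_FOLDERS = (
    PureWindowsPath(r"C:\Documents and Settings\bob\My Documents"),
    PureWindowsPath(r"C:\Documents and Settings\sally\My Documents"),
)
OFFICE_EXTENSIONS = frozenset({".doc", ".xls", ".ppt", ".pdf", ".rtf"})

# Constructed inventory of a laptop image; the paths are invented for the example.
SAMPLE_INVENTORY = [
    r"C:\Documents and Settings\bob\My Documents\budget.xls",       # covered by folder
    r"C:\payroll.csv",                                              # Bob saved payroll in C:\
    r"C:\Documents and Settings\sally\Desktop\customers.dat",       # unsupported extension, wrong folder
    r"C:\Documents and Settings\sally\My Documents\notes.dat",      # covered by folder
    r"C:\Documents and Settings\bob\Application Data\vpn\client.key",  # VPN key outside policy
    r"C:\Program Files\CRM\cache\export.xml",                       # application cache
    r"C:\WINDOWS\system32\config\SYSTEM",                           # registry hive, no extension
]


def is_under(path: PureWindowsPath, folder: PureWindowsPath) -> bool:
    """True if path lies inside folder; compared case-insensitively like NTFS."""
    p = PureWindowsPath(str(path).lower())
    f = PureWindowsPath(str(folder).lower())
    try:
        p.relative_to(f)
        return True
    except ValueError:
        return False


def policy_encrypts(path: str) -> bool:
    """Would the modelled file-encryption policy encrypt this file?"""
    p = PureWindowsPath(path)
    if p.suffix.lower() in OFFICE_EXTENSIONS:
        return True
    return any(is_under(p, folder) for folder in PROTECTED_FOLDERS)


def find_gaps(inventory: Iterable[str]) -> List[str]:
    """Files the policy leaves in the clear, sorted for stable reporting."""
    return sorted(f for f in inventory if not policy_encrypts(f))


def ntfs_encrypted(path: str) -> Optional[bool]:
    """Read the real NTFS Encrypted attribute (Windows only); None elsewhere."""
    attrs = getattr(os.stat(path), "st_file_attributes", None)
    if attrs is None:
        return None
    flag = getattr(stat, "FILE_ATTRIBUTE_ENCRYPTED", 0x4000)
    return bool(attrs & flag)


def audit_tree(root: str) -> List[str]:
    """Walk a real tree on Windows and list files that are NOT EFS-encrypted,
    whatever the policy claims. Returns an empty list on other platforms."""
    clear = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            if ntfs_encrypted(full) is False:
                clear.append(full)
    return clear


def main() -> None:
    gaps = find_gaps(SAMPLE_INVENTORY)
    print(f"{len(gaps)} of {len(SAMPLE_INVENTORY)} files would be unencrypted:")
    for path in gaps:
        print("  CLEAR  ", path)
    # Under full disk encryption every one of these is covered, boot files aside.


if __name__ == "__main__":
    main()
```

Run against a real user profile with `audit_tree(r"C:\Documents and Settings\bob")` on the laptop itself to see what EFS has actually marked encrypted; the modelled policy check is the part that runs anywhere. Note that the same audit under full disk encryption is trivial: apart from the boot files, every path on the volume is covered, which is the point the advisory goes on to make.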

Being naturally curious, we recently analyzed an EFS-based file-encryption solution from a major encryption vendor. Here's how it fared in Redspin's lab:
Attacks Against EFS-Based Encryption
  • Cached Domain Credentials - EFS uses the user's password to unlock the private key, so the encrypted files are only as strong as the password policy. Snagging the cached domain credentials and dictionary attacking them will almost always yield good results. Cached domain credentials are stored in a salted MD4 format, which means rainbow tables are out. Still, with extensive dictionaries readily available, this attack will prove the most fruitful. Once you are logged in as a specific user, all of that user's files are automatically decrypted for your viewing pleasure.
  • Lateral Thievery - Since EFS works on a per-file basis, we can easily identify interesting-looking documents. Booting the laptop off of a live CD will allow you to export the user's profile along with all the encrypted files you can manage. Then, you can import the profiles and data into a clean XP (or whatever) install. Basically, you take the encrypted files and user profiles and toss them on another box. This way you can attack to your heart's content without the vendor's software rules getting in your way. At this point, it's just EFS-encrypted files - no more glossy encryption software front-end to battle with.
  • Brute-force - You need a few key components to decrypt EFS files. You need the username, the password, the EFS private keys, and the EFS-encrypted file. Since we can get the username, the EFS keys, and the encrypted files, the only variable left is the password. Considering that most password policies are weak, and knowing that the laptop is usually part of a domain, makes cached-credential attacking your best option. However, if you pulled the lateral thievery trick, there are some good tools to use. Efskey, aefsdr, and reccerts are all applications that take advantage of this situation. They search a box for the components we talked about earlier, and allow you to brute-force the password. Microsoft wrote reccerts.exe specifically as a disaster recovery tool for recovering EFS documents.
  • Plain Sight - Since EFS can't encrypt certain directories, those would be the first ones to check. Also, the Program Files folder holds a lot of cached data that can be very interesting. Other things of note that aren't or can't be encrypted are VPN private keys, the IE and Firefox password stores, network settings (useful for pairing with the VPN keys), Application Data in the user's profile, the registry (which usually holds a wealth of goodies), and the system logs.
All in all, not the best recommendation for file encryption.
Full Disk Encryption Is Recommended
Between the necessary assumption that users are careless (they are, after all, the ones who leave their laptops in taxis and in airports), and the relative ease with which file encryption can be broken, Redspin recommends full disk encryption for anyone who has serious data that needs serious protection.
©2009 Redspin, Inc.