TrueCrypt Master Key Extraction and Volume Identification
An anonymous reader writes "The Volatility memory forensics project has developed plugins that can automatically find instances of TrueCrypt within RAM dumps and extract the associated keys and parameters. Previous research in this area has focused specifically on AES keys and led to the development of tools such as aeskeyfind. The Volatility plugin takes a different approach by finding and analyzing the same data structures in memory that TrueCrypt uses to manage encryption and decryption of data that is being read from and written to disk. With the creation of these plugins a wide range of investigators can now decrypt TrueCrypt volumes regardless of the algorithm used (AES, Serpent, combinations of algos, etc.). Users of TrueCrypt should be extra careful of physical security of their systems to prevent investigators from gaining access to the contents of physical memory."
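The key-schedule search that the summary attributes to earlier tools such as aeskeyfind, as an added sketch (not code from the Volatility project, aeskeyfind or the original post): it matches exact AES-128 schedules only, which shows why that approach says nothing about other ciphers or about key material that has not been expanded. The key and the memory buffer are constructed sample data, and the function names are hypothetical.

```python
import os

def _xtime(a):
    # Multiply by x in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1.
    return ((a << 1) ^ 0x11B) if a & 0x80 else (a << 1)

def _gmul(a, b):
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = _xtime(a), b >> 1
    return r

def _build_sbox():
    # S-box = affine transform of the multiplicative inverse (0 maps to 0).
    rotl = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if _gmul(x, y) == 1), 0)
        sbox.append(inv ^ rotl(inv, 1) ^ rotl(inv, 2) ^ rotl(inv, 3) ^ rotl(inv, 4) ^ 0x63)
    return sbox

SBOX = _build_sbox()

def expand_key(key):
    """AES-128 key expansion (FIPS-197): 16-byte key -> 176-byte schedule."""
    ks, rcon = bytearray(key), 1
    while len(ks) < 176:
        t = bytes(ks[-4:])
        if len(ks) % 16 == 0:
            t = bytes(SBOX[b] for b in t[1:] + t[:1])   # RotWord, then SubWord
            t = bytes([t[0] ^ rcon]) + t[1:]            # XOR the round constant
            rcon = _xtime(rcon)
        ks += bytes(a ^ b for a, b in zip(ks[-16:-12], t))
    return bytes(ks)

def find_aes128_schedules(mem):
    """Return (offset, key) wherever 176 bytes form an exact AES-128 schedule."""
    hits = []
    for off in range(len(mem) - 175):
        if expand_key(mem[off:off + 16]) == mem[off:off + 176]:
            hits.append((off, bytes(mem[off:off + 16])))
    return hits

# Constructed sample "RAM": random filler around one expanded schedule.
KEY = bytes(range(16))  # constructed test key, not from the page
SAMPLE = os.urandom(1000) + expand_key(KEY) + os.urandom(500)
```

Real RAM images may contain bit errors, which this exact-match scan does not tolerate.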
at least this is old fashioned forensics work... (Score:4, Interesting)
Re:Still working as intended (Score:5, Interesting)
http://istruecryptauditedyet.com/
Re:Burn after reading? (Score:0, Interesting)
What is the easiest way to 'burn memory blocks' on a Windows machine? Is it something you could do at a moment's notice?
The only thing Windows knows how to do in a moment's notice is crash, which of course brings up the question of memory dump files for those who happened to be running TrueCrypt at the moment of BSOD impact...
Re:Burn after reading? (Score:3, Interesting)
While not perfect, such activity can be mitigated. TrueCrypt can be written to automatically unmount the 'drive' as the computer goes to sleep/hibernate/etc, and could even be written to plop the keys into a random section of RAM each time it re-connects. Hell, you could even rig an option to unmount the drive when the screensaver comes on.
That would only leave the ability to access it when the computer is active - but then it's pretty much game-over in that situation anyway.
Re:Burn after reading? (Score:5, Interesting)
Re:Burn after reading? (Score:4, Interesting)
So ultimately, if you want to keep your data secure, you need to shut down your laptop at least several minutes before it could be potentially seized. I remember last year reading a piece about how even volatile RAM, if kept very cool, could be read with some fidelity even after a computer had been shut down, but these seem like lab conditions. I think we're a long way from declaring disk encryption "crackable", providing appropriate measures are taken.
Re:What would be sweet... (Score:5, Interesting)
An even better idea would be to eliminate software from the equation completely.
Have a hardware device that contains the keys in secure storage that's on the same die as a fast hardware AES implementation (so they can't be read out by someone with full physical hardware access). Or alternately have the keys on some sort of removable storage that plugs directly into the specialized hardware (so as not to expose the keys to the host machine). The hardware would sit between the disk controller and the secure drive and basically MITM all data flowing in either direction and encrypt it as it went to the drive/decrypt it as it came from the drive.
Done properly it would prevent a lot of attacks including the attack described in TFA.
Re:So does this mean the TrueCrypt hijacking busin (Score:5, Interesting)
Even better, start not just having one TC volume, but many. Separate your stuff out by what you are doing, and unmount it when you are done. Word documents for client "A", open that specific volume, make an edit, unmount. Excel spreadsheets? Same thing.
This way, if the computer gets taken and the master drive image key slurped off, it means control of the OS, but not much else.
Even better, to prevent data leakage (/tmp files), the next step up is having virtual machines or Evalaze-sandboxed applications that channel all writes to one volume, that is easily unmounted.
TrueCrypt is just one tool in a toolbox.
Of course, there is the fact that people may not have to worry about seizure. My biggest security threat is the meth-heads who will break into a place just to grab stuff to take to a pawn shop or fence in order to stop their DTs. They don't care what's on the machine, so basic encryption turns a hardware + data theft into just hardware lost... which is easily replaced by insurance.
Re:TC is usually still mounted after sleep anyway (Score:5, Interesting)
I use TrueCrypt for the entire hard drive on my laptop. And when it hibernates, I have to feed it my TrueCrypt password to get it back awake.
Presumably, the difference is that I use whole disk encryption, rather than just a part of the disk....
Re:Still working as intended (Score:3, Interesting)
Suppose I find a vulnerability in some software. I've got two choices:
1) Make it public and at best get a mention on slashdot when it is fixed.
2) Sell the details to either the NSA/GCHQ etc or to criminal types. In which case no mention on slashdot, but cash up front.
See the problem with security - any security - is that revealing vulnerabilities to the project so they can be fixed is likely to be much less lucrative than selling them to other people who want to exploit them.
If I were cynical here's what I'd do:
1) I'd sell details of the exploit to whoever paid the most (Russian Mafia/NSA etc) using an untraceable identity. At this point the vulnerability starts to be exploited by them.
2) I then wait until other security researchers notice this or look like they're about to figure it out. However before they can figure it out completely I report it to the vendor with my normal identity. E.g. Microsoft and Google for example pay cash, so I'd get that.
3) Then even later I'd then announce it publicly at Black Hat and say the vendor hadn't fixed it quickly enough so I've decided to go public. For an open source project (e.g. TrueCrypt) I'd submit a patch and say "Look, I fixed this before anyone knew about it" and make the Black Hat talk about that. So I skip the vendor report stage completely because they won't pay me. However I'd keep stage 1 i.e. "flog it on the open market to the mafia", because that's where the money is.
This - call it Irresponsible Disclosure - optimizes my income - I get it from the criminal types and the vendor if they pay it. It also optimizes my publicity.
Of course the downside is that if the NSA/FBI etc think you're doing this they'll seize your laptop when you go through customs.
http://yro.slashdot.org/story/10/11/20/0332243/whitehat-hacker-moxie-marlinspikes-laptop-cellphones-seized
Then again, that's no bad thing for publicity too - tech sites will cover it as "Fascist government harassing well meaning security researchers". And of course if you get detained for a few hours just use it as an opportunity to negotiate a deal with them to sell the exploits to them exclusively. The government has loads of cash and may well use it to buy up your worthless one man company in return for you agreeing to sell to them exclusively in future.