Wednesday, April 13, 2011

Self-Encrypting Hard Disks

I travel a lot with my laptop, and it can contain private information that shouldn't get disclosed if it's ever lost or stolen. For this reason, I've been using various types of disk encryption over the years, such as Ubuntu's encrypted home directory feature, to reasonably assure that my data remains private.

A few things have always bothered me with software encryption though. The first thing is the fact that software encryption is non-transparent. Although slight, there is a performance penalty in encrypting every read and write to your hard disk. Some people choose to only encrypt certain things to try and reduce that penalty. Do I only encrypt my home directory? What about my swap file or the /tmp directory? If I encrypt my swap file, do I give up hibernation, or do I make it ask me for a passphrase when I boot? What happens in case of disaster? Will I be able to boot a recovery cd and gain access to my data? Will I have saved the passphrase/encryption key somewhere safe in case an emergency arises?

Another issue is the fact that the decryption key necessary to access my encrypted volumes is located somewhere in RAM. There are a bunch of reasons why this is worrisome, from “Cold Boot” attacks, to hibernation, to simply having it leaked in some other way.

But the biggest gripe I have with software encryption is the “Evil Maid” scenario. Basically, every time I leave my laptop unattended, someone could boot off removable media, or physically plug my hard disk in another computer, and alter the software that is loaded before my encrypted volumes. The altered software could send them my encryption password as I type it, or could wait around for my volumes to be mounted before installing a back door. I need to stay physically present with my laptop at all times to make sure this scenario isn't possible, something I'm not always prepared to do. Although laptops are expensive, the loss or theft of an encrypted laptop is limited to the value of the hardware, not the incalculable value of its contents. Leaving my netbook in my hotel room is an easy choice to make if all I stand to lose is a couple of hundred dollars.

Since the hard disk that came with my Lenovo Thinkpad was a little small for my taste, I decided to replace it with a bigger one. In doing so, I specifically paid $20 more to get a model with FIPS 197 certified hardware encryption. These hard disks will encrypt everything that is stored on the physical platters with AES 128bit encryption, and a random key. When the disk is powered on, a standard ATA password is required to access it, and the password cannot be reset; if it is lost, the disk is no longer usable. A master password can be set that can be used to reinitialize the random key, so the disk is usable, but the data contained is lost.

Fortunately, most ThinkPad models come with the required BIOS support for disk encryption, so simply swapping the hard disk and setting a password in the BIOS screen was enough to get it working. Not all computer manufacturers have implemented the ATA security set, so you need to check carefully. Apparently MacBooks don't have it, for instance.

For under $100, I now have an encrypted 500GB hard disk in my laptop that asks for a passphrase when I boot. Is this solution perfect? No. But, it's better than what I had before, and is perfectly adequate for my piece of mind.


jorge said...

Is there a general rule of thumb on how much performance overhead the software encryption costs?

mdeslaur said...

I haven't measured it myself, but I've seen people who've benchmarked anywhere from a 5% to 50% performance penalty. It really depends what exactly you do...for normal users, it's probably not noticeable. For power-users and developers who compile stuff, it may have a bigger impact.

Anonymous said...

Here's how I would do it:

1. Create 1 encrypted partition spanning whole disk.
2. Create an LVM PV & VG in the encrypted container.
3. Install in an LVM LV.
4. Don't install a bootloader on the hard drive.
5. Create a bootable USB stick with GRUB, the kernel, the initramfs, and the wrapped encryption key.

This way, reading/cloning/modifying the hard drive's contents becomes moot, and all you have to keep track of is your USB stick (which you can now keep a backup of in a secure location as well).

Of course, all this still doesn't protect you from a modified BIOS (or Wifi card maybe) firmware. Intel's TXT should help with that.

sheperson said...

How about TrueCrypt?
Does it do what you want?

mdeslaur said...

Koterpillar said...

I don't think people understand the scope of "evil maid". If someone has means to make you type your password - be it BIOS or not - into a compromised machine, they will access all the data you unlock. The Ultimate Maid will replace your laptop's internals with a wireless link to the next room, intercepting your key presses and cloning video output. Paranoid? Yes. But a hardware keylogger isn't something impossible, so ask yourself again what are you getting from an encrypted drive.

mdeslaur said...

@Koterpillar: There's a difference between trivially modifying a password program in an unencrypted initramfs, and replacing hardware/programming a custom BIOS. Of course it doesn't protect against UltimateMaid...but that's not who I am trying to protect against. As I said, not a perfect solution.

aven peter said...

Thank you for sharing this informative post, although it is a bit difficult for me to Self-Encrypting my Hard Disks. lol...
Nikety, see also recover windows 7 password

Brandon Hudson said...

Nice post with awesome points! Can’t wait for the next one.

Acer - Aspire 15.6" Laptop - 4GB Memory - 500GB Hard Drive - Glossy Black

Acer - Aspire 15.6" Touch-Screen Laptop - 6GB Memory - 750GB Hard Drive - Silky Silver

Joel Wong said...

Thanks for this article, it was way more informative than i expected it to be! To help, if you ever need any assistance in company registration, do let us help, we are the best business incorporation firm out there!