Attacking Encryption Systems
Cryptography is the science of secret writing, its usage dates back to ancient civilizations. It has two main components, encryption and steganography.
Many think that the terms cryptography and encryption are interchangeable, however, this is not completely correct. Cryptography is the science of “secret writing”, its usage dates back to ancient civilizations and it has taken several forms over the years. Cryptography has two main components, encryption and steganography.
In Encryption, humans scramble data to make it unreadable. It uses an algorithm and a key to transform a plaintext into an encrypted text (also known as ciphertext). This protects your data from unauthorized access or a potential attacker.
The second type, Steganography is the science of concealing a secret message within an ordinary message, thus maintaining its secrecy during transit. Steganography can be combined with encryption to further secure transmitted data; most modern Steganographic tools implement this approach.
Encryption is considered the main building block of any security for an information technology system, as it provides the most four basic services of information security which are: Authentication, Nonrepudiation, Confidentiality, Integrity. Encryption helps us to maintain the security of our data at rest and when traverse untrusted networks like the Internet. Full Disk Encryption (FDE) is increasingly required by enterprises that want to protect their mobile data. Furthermore, individuals in different business sectors are turning to FDE as an easy method to protect their sensitive data.
Encrypting data will never be a 100% secure solution for all our security needs. Technology is continually evolving to produce more secure encryption systems/algorithms and so as attacker’s techniques. There are mainly three ways in which encryption systems can be attacked:
- Finding the cryptographic keys (e.g. Brute Force and keyloggers)
- Cryptanalysis (attacking the encryption algorithm itself)
- A system based attack, hence we attack the software program that implements the encryption algorithm
The most used methods to circumvent today’s encryption systems is to steal the key used to decrypt the data and this will be our focus in this article.
This article is split into two sections; the first part will discuss attacks against full disk encryption (and other encryption methods in general), while the second part will cover countermeasures techniques to mitigate such attacks.
Attacks Against Encryption Systems
The most famous attacks against encryption systems includes, but may not be limited to the following:
Evil Maid Attack
This type of attack requires physical access to the victim machine, the attacker will boot it into a separate partition or from a USB/CD if possible, the attacker will then install a malicious bootloader onto the system, and finally it will shut down the computer. Next time the victim boots the computer, he will boot from the hacked bootloader, the victim needs to enter his decryption key/password to decrypt computer drive (we are assuming that victim machine is protected using Full Disk Encryption), the hacked bootloader will capture victim credentials for later retrieval.
Most Full Disk Encryption techniques, including Windows BitLocker & VeraCrypt, are vulnerable to this type of attack, however, when BitLocker is activated on machines that have a Trusted Platform Module microchip (TPM) installed, conducting evil maid attack could be extremely difficult as there is, until now, no proven technique to decrypt it using this kind of attack. The TPM will detect any modification to the original bootloader and prevent the computer from booting up.
What is a Trusted Platform Module (TPM)?
TPM is a small microchip located on your computer motherboard. Most modern Windows devices come equipped with this chip; some motherboards manufacturers allow the addition of this chip separately.
The main role of the TPM with regard to full disk encryption (e.g. Windows BitLocker) is to store the encryption keys. It also offers a mechanism to detect any attempt to change the host OS software (e.g. Bootkit attacks) or hardware used by attackers to crack your encrypted drive. Once TPM detected any changes, it will make your PC boot in a restricted mode, thus preventing attackers from gaining any information from you that can aid them to crack your encrypted drives.
Bootkit and Rootkit Attacks
Bootkit is a kind of BIOS level attacks, it works by masking a malware as the Master Boot Record (MBR) or Volume Boot Record (VBR) and then execute this malware before the OS launch. These kind of attacks can surpass FDE as the MBR cannot be encrypted. Bootkit malware can gain direct access to the Windows kernel, giving it unrestricted access to all Windows functions.
Detecting a Bootkit is very difficult, as its code resides outside OS file system area and regular antivirus cannot detect it either. Some specialized software claims their ability to remove famous Bootkits, however, removing a Bootkit that has infected the OS MBR may delete important booting files that will render your OS inoperable.
Rootkits on the other hand, is a type of malware that tries to gain administrative access to your computer. Rootkits usually work by scanning the OS for possible vulnerabilities (e.g. unpatched Windows), and then tries to exploit one of these vulnerabilities to access the system stealthily. A rootkit may monitor everything on the victim machine without his/her knowledge.
Detecting a rootkit is somehow difficult, some types use polymorphism techniques to rewrite its core engine code (changing its code signature) to prevent specialized anti-rootkits/virus from detecting it. Both Bootkits and rootkits are a form of keylogger that may record everything you type on your machine (e.g. Cryptographic keys & passwords) and then transmit the data to their operator.
In most cases, removing Rootkits & Bootkits is only possible through performing a clean installation of the OS; some advanced Bootkits (e.g. Hardware/firmware Bootkit) requiring reinstalling the BIOS or the infected firmware.
Computer Hardware to use Modern Windows 10 Security Features
Windows 10 comes equipped with enhanced security features for encryption and authentication. This is in addition to its native support to stop sophisticated malware such as bootkits and rootkits from attacking the native system before the Windows OS boots up. Windows 10 is the most secure version of Windows ever created, and it is highly recommended that you stop using the older versions (such as 8, 7, Vista, and XP). To use the modern security features in Windows 10, though, your hardware needs to support the following security features (or at least some of them):
- Trusted Platform Module (TPM) version 2.0.
- Unified Extensible Firmware Interface (UEFI). This is the BIOS replacement.
- Fingerprint scanner.
- Integrated smart card reader.
- When installing Windows, it is highly
recommended that you buy the latest
version with an edition that supports
BitLocker drive encryption. Currently,
the newest version is 10.
A retinal scanner and 3D camera for facial recognition are highly recommended so you can activate the advanced biometric features of the Windows 10 HELLO feature. However, their existence in modern computers is still limited.
Cold Boot Attack
This type of attack happens where an attacker gains physical access to
your PC upon shutting it down instantly and works by removing RAM memory, freezing it (e.g., using compressed air cans) to a temperature greater than –50°C, and then attaching it to another PC in an attempt to recover data from it using a specific memory tool. This technique works on computers where the attacker cannot modify the BIOS to boot from removable storage. Note that modern mobile devices are not vulnerable to this type of attack because RAM memory is soldered
directly to the motherboard.
Another method of a cold boot attack is by pressing the reset button on a PC (or powering off electricity suddenly from a PC) and trying to recover data from a previous working session through booting into another operating system that contains a specific tool for extracting data that remains, including any encryption keys/passwords from RAM memory. Booting into another OS may be achieved by loading a bootable DVD/CD or a bootable USB stick.
This attack relies on the data remanence property of DRAM (mostly versions DDR1 and DDR2) and SRAM to retrieve memory contents that remain readable in the seconds to minutes after power has been removed. Many experiments show that DDR3, and later versions, are not susceptible to cold boot attacks because they lose voltage too quickly to allow a computer case dismount and freeze procedure to be carried out.
Although the cold boot attack cannot launch successfully using modern computer hardware, but it is still considered an effective attack that should be taken into consideration, especially when you are still using an old hardware PC.
Brute-Force Sign-In Attacks
Theoretically, this kind of attack can decrypt any encrypted data if given the required time. Brute-Force attacks work by trying to guess all the possible passwords / passphrase combinations to find the correct one.
It may be executed against pre-boot authentication and against the recovery key in case of full disk encryption. Such attacks may also occur against the OS sign-in authentication. The most common type of brute force attack is called a dictionary attack or hybrid brute-force attack. This attack starts with dictionary of words, since most people will use passwords that are easy to remember and not completely random.
The best countermeasure against this type of attacks is to use complex, long password, as when the password length is increased, the time needed to crack it increase significantly.
Tools to Automate Brute-Force Attacks:
John the Ripper http://www.openwall.com/john
Rainbow Crack http://project-rainbowcrack.com
Cain and Able http://www.oxid.it/cain.html
Direct Memory Access
Direct memory access (DMA) is a feature of computer systems that allows some hardware components to interact directly with the main computer memory (RAM) and transfer data to/from it without processing it first using the computer CPU.This technology is used to speed up processing time and to increase computer throughput, as the data is transferred directly from RAM memory without processing it first in the CPU.
Hackers may exploit this feature in order to steal sensitive data from the target machine, bypassing all OS security mechanisms and any lock screen and antivirus software, the scenario works as follows:
An attacker will connect his device, (laptop), which has a special cracking software to the victim machine, the cracking software will search the victim PC RAM memory for interesting artefacts like cryptographic keys, password or decrypted files. The attacker may also install a backdoor using this technique to invade the victims’ machine completely. For the attack to work, the victims’ PC should have ports that support DMA, such ports include: FireWire, Thunderbolt, PCMCIA, PCI, PCI-X, and PCI Express. Fortunately, USB ports do not support DMA feature.
Encrypting Ransomware Attacks
This kind of attacks has become internationally prevalent lately, it is a reversed full disk encryption where an attacker encrypts victim files and requests a ransom to decrypt them again. Ransomware is a type of malicious software that infect your computing device, whether it is a computer or smartphone, and works to block legitimate access to stored data. It seeks a ransom, which is paid using an anonymous currency like Bitcoin or Ukash before remove the block. There are different kinds of this malware, some types lock the computing device in a
way which is easy to recover by an experienced computer user, other types are more dangerous and work by encrypting all the data on the victims computer drives making them inaccessible, and then demands a ransom payment to decrypt them.
For now, we have covered the most popular attacks against Full Disk Encryption, as we noted, these attacks may also happen against the OS sign-in authentication itself or against any other encrypting software that may be used to encrypt single files or to create encrypted volumes. In the second part of this article we cover how we might mitigate these risks and prevent unauthorized access to our confidential data.
Countermeasures Against Encryption Attacks
The following measures – if implemented correctly – will help users to mitigate most attacks that target their encrypted data.
-
Hardware attacks (e.g. Evil Maid, hardware kylogger) rely on the attacker’s ability to gain access to the victim machine, to deter such attacks we should do the following:
1.1 Set a password for your BIOS/UEFI, this will prevent an attacker from modifying the boot sequence to boot from a USB/CD or DVD drive to conduct malicious actions.
1.2 Use preboot authentication (PBA) to authentic the user before the PC boot up, in this way, users must provide some form of credential before unlocking encrypted volumes and starting Windows. Typically, they authenticate themselves using a PIN or a USB flash drive as a key or token.
1.3 Try to use unified extensible firmware interface (UEFI)-certified devices. Microsoft begins to promote the usage of UEFI as a replacement for BIOS. According to Microsoft, “The UEFI is a programmable boot environment introduced as a replacement for BIOS. Like BIOS, PCs start UEFI before any other software. It initializes devices, and UEFI then starts the operating system’s bootloader. As part of its introduction into the pre–operating system environment,UEFI serves a number of purposes, but one of the key benefits is to protect newer devices against Bootkits attacks through the use of its Secure Boot feature.Recent implementations of UEFI (starting with version 2.3.1, which is in all Windows 8–certified devices) verify the digital signature of the device’s firmware before running it. Because only the PC’s hardware manufacturer has access to the digital certificate required to create a valid firmware signature, UEFI can prevent firmware based Bootkits. Thus, UEFI is the first link in the “chain of trust”.
1.4 For security-conscious people who continually travel and need to carry sensitive documents with them, an Evil Maid attack can be countered by installing the boot partition and bootloader into a portable USB stick and carrying this USB with the laptop owner. In this way, even though an attacker gains physical access to target laptop and tries to install a hacked bootloader, he cannot hack victim encryption keys because the user will boot from the bootloader stored on his/her USB, which is not tempered with any malicious software. Plop Boot Manager gives you the ability to boot from a USB stick drive. You can download it from https://www.plop.at/en/bootmanagers.html. -
Install the latest version of Windows OS (8.1 and above) and keep it up to date. Beginning from Windows 8.1, Microsoft begins supporting many security features that prevent Bootkits and rootkits from loading during the start-up process. Keep in mind that many advanced Windows security features require Windows certified devices to work.
-
Disable hyberfil.sys and Pagefile.sys: hyberfil.sys is responsible for the hibernate mode of Windows OS. It usually resides on the system drive (C:\ drive in our case) and it is a hidden operating system file. When hibernate mode is enabled, it is used to store the current memory state of Windows. When selecting to hibernate your PC, Windows will completely write RAM memory to the hard drive and then turn off the PC. The hibernation file will usually store the encryption keys of any encryption technologies you may use.
-
DMA exploits uses of DMA ports on your PC to have direct access to computer RAM memory. To mitigate such attacks, you may:
4.1 Disable DMA ports within BIOS or UEFI.
4.2 Implement physical security measures through preventing physical connections to such ports within your organization without prior permission.
4.3 Install the latest version of Windows (10) and keep it up to date. Starting from Windows version 8.1, Windows begins to reject access to DMA access memory by external devices until after the Windows OS is in control to parse DMA requests. -
Mitigations against cold boot attacks: This attack becomes rare and it mainly works on computers that still use old RAM versions.
Many researches show that using RAM of type DDR3 and beyond is far more secure than the previous versions. -
It is always a good practice to provide multilevel authentication when encrypting your disk drive by using a PIN or the keyfile stored in an external USB stick in addition to providing an encryption key (or TPM key if you are encrypting your files using BitLocker) before launching Windows.
-
To fight against Bootkits, Rootkits and other malicious software, follow these steps:
7.1 Always update your Windows OS and make sure to install a dedicated solution for malware.
7.2 Do not open e-mail attachments before scanning them using your antivirus program. Executable programs and scripts should not be opened at all when sent through e-mails.
7.3 Be cautious before executing any software downloaded from the Internet. It is better to execute such programs on an isolated virtual machine before installing them on your work PC.
7.4 Do not insert removable media (such as USB stick drives, DVDs, CDs, external hard disks, and SD cards) from unknown sources into your computer.Many viruses reside on such removable media and can infect your computer even when you have an antivirus program installed. -
Using long, random and complex passwords may mitigate attacks using brute-force techniques. In addition, most encryption solutions offer a limited number of error password trials before blocking your system for a specific period. Such attacks may also be mitigated using two-factor authentication.
Anti Bootkit & Rootkit tools
- RootkitRevealer (https://technet.microsoft.com/en-us/sysinternals/bb897445)
- TDSSKiller (https://support.kaspersky.com/viruses/disinfection/5350#block1)
- GMER (http://www.gmer.net)
- Rootkit Detection Framework for UEFI
“RDFU” (https://www.reversinglabs.com/open-source/rdfu-uefi.html) - UnHackMe – 30 days’ free trail
(http://greatis.com/unhackme) - Sophos Anti-Rootkit (https://www.sophos.com/products/ free-tools/sophos-antirootkit.aspx)
Closing Summary
Disk encryption is able to protect you against one type of attack, which is the physical attack. Even though you have your PC encrypted, there are a large number of cyber-threats already traveling the Internet that are able to strike your machine. For instance, full disk encryption does not protect against an adversary who intercepts your communications online. Unpatched Windows, old software, an older OS (such as Windows XP), and some dangerous services may be exploited remotely to plant malware on your machine. This will effectively steal your decryption keys and make your disk encryption useless.
The focus of this article was countering attacks against encryption systems, most attacks against cryptographic systems may be mitigated, if the user uses the proper
computing device/OS and takes some precautionary steps. This article sheds the light on this important topic and draws the readers’ attention to how popular attacks against encrypted data take place and how they may be mitigated. Armed with this knowledge, the reader should feel confident when using encryption to secure their data.
The information security field is continually evolving, in the future we are going to see stronger encryption algorithms, in terms of mathematical strength/key size and its persistence to outside attacks without forgetting quantum computing, still under development, which will render all today's encryption algorithms useless
About The Author: Nihad Hassan (@DarknessGate) is the author of a number of books on digital forensics, open source intelligence and digital security. You can learn more about the best methods to assure your digital privacy online, in his recent book Digital Privacy and Security Using Windows published by Apress. Other books related to OSINT and Digital Forensics from the same author can be found here.