Curt, I'm going to be giving a talk on this subject at the forthcoming Federal Information Systems Conference in Colorado Sprints, Aug. 1st and 2nd. Unfortunately, I only have 30 minutes, whereas the subject could easily take all day, both talking and listening to others.
You are correct - FDE is probably the only solution for the Data at Rest problem that everyone is currently focused on, i.e., when the computer is turned off. (BTW, laptops carrying classified data leave the Pentagon all of the time, often carried by an Admiral or General or their aide. And I certainly wouldn't be surprised if one of those laptops happened to be left in a cab somewhere along the line.) However, Data at Rest is almost by definition completely useless. Generally speaking, at least in most enterprise environments, data is worthless unless it can be shared with someone else, and that implies Data in Transit. And that includes data being physically transported on a USB flash drive, as well as transmitted electronically. The only reasonable way to protect Data in Transit, and perhaps even more importantly, Data in Use, is to use file/folder encryption AND FDE AND S/MIME, SSL, and/or IPSEC, in order to provide Defense in Depth. When the computer is turned on and connected to the Internet, the best defense against malware (other than don't do that, use firewalls, virus scanners, etc., etc.) is to make sure that there is NO plaintext exposed on the computer for any longer than is absolutely necessary. By plaintext in this context, I mean data that has been decrypted by the FDE, but has not been super-enciphered by a file encryption system. This means two things: use file/folder encryption and save only the encrypted files long term, AND use a full disk file scrubbing utility religiously, to get rid of all of the temp files and other garbage as quickly as possible. This in turn means that you have to have an effective Recovery Agent capability, so that if you lose or break your hardware token (you are planning to use a hardware token, I hope!), you, or someone else, will still be able to recover the data. But not just any file encryption scheme will do, and particularly not the Windows Encrypting File System, because (just like FDE systems) it runs completely automatically, and therefore can be accessed by malware as easily as by the legitimate user. Assuming you are using a hardware token to provide two-factor authentication, hopefully it has a big red light on it to let you know when it is being used for encryption or decryption. And hopefully you log off of the token as soon as you have finished encrypting a file, and likewise whenever the screen-saver locks. Unfortunately, really large files can become rather cumbersome to deal with, and particularly the .pst files created by Outlook - some of which can grow to 4 GB. So archive your e-mail religiously to keep the working set small, and use s/mime for all your important correspondence. Finally, plan ahead. File formats change, disk crashes occur, encryption hardware gets lost or broken, and your wife might need to access your income tax returns if you run into a tree some night. The good news is that with ECC P-384 and AES-256, data can be kept secure for as long as 179 years, according the best estimates available. (Cf. www.keylength.com for Lenstra's revised equations.) The bad news is that the data is likely to be completely secure for all eternity long before then, because the storage media and/or the hardware will fail long before then, and no one will have thought to make any backups! Bob Date: Thu, 19 Jul 2007 18:18:33 -0500 From: Curt Wilson <[EMAIL PROTECTED]> Subject: [FDE] Data protection strategies, FDE and file/folder To: [email protected] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear FDE list: I'm starting to get involved in an encryption project and have some thoughts about Windows-based encryption tools...I've used TrueCrypt, PGP and GPG for years, but usually only in single-user mode and haven't had to concern myself with key-escrow, enterprise backup, imaging, policies, and other details. I'm concerned about data protection against unauthorized people and against malware, mostly on desktop and laptop Windows boxen. If data is to be protected when the system is powered down, FDE makes a lot of sense. If the system is at risk for theft/bootdisk drive access, FDE makes a lot of sense. If data is to be protected when it's only accessed occasionally, then file/folder encryption makes sense. If the data to be protected must be accessed on a continuous basis, what are some strategies that can be used, given the reality of 0day and the modern threat landscape? Head back to pen & paper? There are a few concerns that I have; these may be in some FAQ (pointers appreciated!) How do you handle persistent temp files on Windows boxes such as those generated by MS-Office? Sure, they are protected by FDE when the box is powered down. but what about when the user has decrypted/booted past the FDE auth and then gets nailed by a 0day in some client application? (please don't say "just don't get owned") Hope and pray that they weren't running as Administrator? Have them pull the network plug and hope that the undetected keylogger they have doesn't just cache everything for delivery the next time an Internet connection is available? And those scenarios are just when you *know* that an attack has taken place. The current state of Windows malware as I understand it is that the user must generally be running as Administrator (for client-side malware; obviously server components running as LocalSystem with bugs that open ports are still a risk) in order for most malware to be able to do it's nastiness. If someone is a restricted user then most malware will probably fail, unless it's designed to do privilege escalation tricks or unless it's designed to snag *data* that this particular user has access to (decrypted, if using FDE and the system is booted, or decrypted if it was protected with file/folder encryption and the user had need of that data, or kept the data open longer than needed). I expect in the future to see malware that does things like leverage priv escalation attacks, and implement a sensitive data search to look for SSN's on the box accessible to the logged-in user, pack them up with a key of the attackers choice and HTTP upload those to the attackers malicious server. Maybe this is already happening. I'm aware of the usual protection techniques such as hardening, anti-<malware,virus,spyware,scumware,trojan,rootkit...> etc. but what I am interested in learning is how to best approach an encryption scenario in the face of such contemporary threats. Perhaps my expectations are too high. I think that one must have FDE and file and folder encryption at the same time to really cover things, but depending upon the usage scenario f&f might not be helpful. I am not yet well-informed on the various vendor offerings and would appreciate any suggestions, on or off-list. Thank you _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
