So the solution needs to be sought in another way. It is going to be difficult if not impossible to reverse this trend in design, except for very specialised security systems. This is because the applications are normaly designed to assume no resource limits and the windows manager and underlying OS must support this. The manager is designed in a similar way to the underlying operating system. Over and above the computer operating system is the windows manager and applications. That is the OS designers assume that resources are going to be limited in one way or another, for example system RAM is not going to be sufficient and also to slow, the result data is cached in both slower memory (hard disk) to make up for the lack of quantity and in much faster memory in the CPU. It is a more specific case of limited resources -v- security. It is to do with the trade off between efficiency and security.Īs a rule of thumb (that I have yet to be seen broken) the more efficient a system then the less secure it is. The problem of “deniability” is not just MS OS’S but virtualy all multitasking OS’s. Tags: academic papers, cryptanalysis, cryptography, deniability, encryption, full-disk encryption, TrueCrypt Our paper will be presented at the 3rd USENIX Workshop on Hot Topics in Security (HotSec ’08). Whole disk encryption is the smartest option. If you don’t encrypt the entire drive, there is the possibility-and it seems very probable-that information about the encrypted partition will leak onto the unencrypted rest of the drive. One talks about a generalization to encrypted partitions. There have been two news articles (and a Slashdot thread) about the paper. So we cannot break the deniability feature in TrueCrypt 6.0. Rather, we encourage further research evaluating the deniability of such systems, as well as research on new yet light-weight methods for improving deniability. Given these potential challenges, we encourage the users not to blindly trust the deniability of such systems. We suggest that the breadth of our results for TrueCrypt v5.1a highlight the challenges to creating deniable file systems. We have not analyzed version 6.0, but observe that TrueCrypt v6.0 does take new steps to improve TrueCrypt’s deniability properties (e.g., via the creation of deniable operating systems, which we also recommend in Section 5). TrueCrypt version 6.0 was released in July 2008. We shared a draft of our paper with the TrueCrypt development team in May 2008. We analyzed the most current version of TrueCrypt available at the writing of the paper, version 5.1a. Since we wrote our paper, TrueCrypt released version 6.0 of its software, which claims to have addressed many of the issues we’ve uncovered. An example would be if the secret police break into Alice’s apartment every day when she is away, and make a copy of the disk each time. The attacker has many snapshots of the disk image, taken in short intervals. An example would be border guards who make a copy of Alice’s hard drive every time she enters or leaves the country. The attacker has several snapshots of the disk image, taken at different times. An example would be when the secret police seize Alice’s computer. The attacker has a single snapshot of the disk image. There are several threat models against which a DFS could potentially be secure: Deniability is a very hard feature to achieve. I helped with the basic ideas, and contributed the threat model. The students did most of the actual work. Finally, we suggest approaches for overcoming these challenges on modern operating systems like Windows. While staged in the context of TrueCrypt, our research highlights several fundamental challenges to the creation and use of any DFS: even when the file system may be deniable in the pure, mathematical sense, we find that the environment surrounding that file system can undermine its deniability, as well as its contents. We find that the Windows Vista operating system itself, Microsoft Word, and Google Desktop all compromise the deniability of a TrueCrypt DFS. Basically, modern operating systems leak information like mad, making deniability a very difficult requirement to satisfy.ĪBSTRACT: We examine the security requirements for creating a Deniable File System (DFS), and the efficacy with which the TrueCrypt disk-encryption software meets those requirements. Together with Tadayoshi Kohno, Steve Gribble, and three of their students at the University of Washington, I have a new paper that breaks the deniable encryption feature of TrueCrypt version 5.1a.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |