File System and Full Volume Encryption
Sachin Patel
CSE 590TU
3/9/2006

Encrypting File System
• Protects sensitive data on computers and laptops from physical theft.
• Encryption at a lower level that all applications can use.
• EFS introduced in Windows 2000
• Tied to the NTFS file system
• Encrypt individual files or folders

Encrypting File System
• Data encrypted with symmetric file encryption key (FEK)
• DESX, 3DES, AES
• Cipher block chaining
• FEK encrypted with user’s public key (RSA)
• Multiple users
• Recovery Agent in case user private key lost
Key Entry:

EFS Security Issues
• On standalone system, all keys that protect the private key potentially on hard disk
• EFS private key, master key, password key, syskey
• Recommend removing syskey from system with floppy or password
• Smartcard support planned for Vista
• Can’t encrypt system files, registry, file name, or page file
• Allows attacker to boot system
• File names can reveal information
• Page file might accidentally store sensitive data

Full Volume Encryption
• Encryption at the block driver level underneath file system.
• Everything in the volume is encrypted.
• BitLocker in Vista
• BitLocker takes advantage of Trusted Platform Module (TPM)
• Top level root key sealed in TPM
• Root key encrypts disk encryption key, which encrypts sector data

BitLocker
• Secure Startup
• Ensures boot integrity of the Windows volume before unsealing root key.
• Verifies none of the boot code or critical system files have been tampered with offline.
• Taking measurements of critical information at each step of the boot process.
• Compare hash of measurements to hash of known secure system.
• Recovery mechanism – removable storage or password
• BitLocker and EFS not mutually exclusive
• BitLocker can protect system volume and root keys.
• EFS can provide file granularity and multiple user control.
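
The Secure Startup check above, as an added Python example that is not part of the original slides: it models TPM 1.2-style PCR extension over an ordered boot chain and a seal/unseal step that releases the root key only when the measurement matches the known-good one. The boot stage names and contents, the ToyTPM class and the sample root key are constructed for illustration; a real TPM keeps the sealed blob encrypted and performs the comparison in hardware.

```python
import hashlib
import hmac

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM 1.2-style extend: new = SHA1(old || SHA1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_boot(chain) -> bytes:
    """Fold every boot stage, in order, into one PCR that starts at zeros."""
    pcr = bytes(PCR_SIZE)
    for _name, image in chain:
        pcr = extend(pcr, image)
    return pcr


class ToyTPM:
    """Models seal/unseal only: the secret is released iff the PCR matches."""

    def seal(self, secret: bytes, pcr: bytes) -> dict:
        return {"secret": secret, "pcr": pcr}  # a real TPM encrypts this blob

    def unseal(self, blob: dict, current_pcr: bytes):
        if hmac.compare_digest(blob["pcr"], current_pcr):
            return blob["secret"]
        return None  # boot must fall back to the recovery mechanism


# Constructed sample boot chain (stage names and contents are placeholders).
GOOD_CHAIN = [
    ("mbr", b"master boot record v1"),
    ("boot_sector", b"ntfs boot sector v1"),
    ("boot_manager", b"boot manager v1"),
    ("os_loader", b"os loader v1"),
]
# One stage modified offline, and the same stages measured in another order.
TAMPERED_CHAIN = [(n, img + b" +patch" if n == "boot_manager" else img)
                  for n, img in GOOD_CHAIN]
REORDERED_CHAIN = [GOOD_CHAIN[1], GOOD_CHAIN[0]] + GOOD_CHAIN[2:]
ROOT_KEY = bytes(range(32))  # constructed stand-in for the sealed root key


def try_boot(chain, blob, tpm):
    """Measure the chain, then ask the TPM model to unseal the root key."""
    return tpm.unseal(blob, measure_boot(chain))


if __name__ == "__main__":
    tpm = ToyTPM()
    blob = tpm.seal(ROOT_KEY, measure_boot(GOOD_CHAIN))
    for label, chain in [("good", GOOD_CHAIN), ("tampered", TAMPERED_CHAIN),
                         ("reordered", REORDERED_CHAIN)]:
        print(label, "unsealed" if try_boot(chain, blob, tpm) else "refused")
```

Because each extend hashes the previous PCR value, a change to any stage or to the order of stages produces a different final value, so the root key stays sealed and the recovery path is the only way in.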