File System and Full Volume Encryption - PowerPoint PPT Presentation

Presentation Transcript

  1. File System and Full Volume Encryption
  Sachin Patel, CSE 590TU, 3/9/2006

  2. Encrypting File System
  • Protects sensitive data on desktops and laptops against physical theft of the machine or its disk.
  • Encryption happens below the application layer, inside the file system, so every application benefits without being changed.
  • EFS was introduced in Windows 2000.
  • Tied to the NTFS file system (FAT volumes cannot hold encrypted files).
  • Encrypts individual files or folders; files created inside a folder marked as encrypted are encrypted automatically.

  3. Encrypting File System
  • File data is encrypted with a random symmetric File Encryption Key (FEK), generated per file.
  • Ciphers: DESX (the Windows 2000 default), 3DES, AES (the default from Windows XP SP1 onward)
  • Cipher block chaining (CBC) mode
  • The FEK is encrypted with the user's RSA public key and stored alongside the file in its Data Decryption Field (DDF).
  • Multiple users: each authorized user gets their own RSA-wrapped copy of the same FEK, so adding a user never re-encrypts the data.
  • Recovery Agent: one more copy of the FEK, wrapped with the agent's public key (the Data Recovery Field, DRF), recovers the file if the user's private key is lost.
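The key hierarchy on this slide (one random FEK per file, data encrypted with the block cipher in CBC mode, the FEK wrapped once per user and once per recovery agent with RSA) written out as an added example in Go. It is not code from the presentation or from Windows EFS: it uses AES-256-CBC and RSA-OAEP from the Go standard library, and the type and field names (EncryptedFile, DDF, DRF) are this example's own, modelled on the EFS on-disk fields of the same names. The sample plaintext is constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// EncryptedFile models what EFS keeps for one file: data encrypted under a
// per-file symmetric key (the FEK), plus that FEK wrapped once per authorized
// user (the Data Decryption Field entries) and once per recovery agent (the
// Data Recovery Field entries). Field names are this example's own.
type EncryptedFile struct {
	IV         []byte
	Ciphertext []byte
	DDF        map[string][]byte // user -> FEK wrapped with that user's RSA public key
	DRF        map[string][]byte // recovery agent -> FEK wrapped with the agent's public key
}

func pkcs7Pad(b []byte, bs int) []byte {
	n := bs - len(b)%bs
	return append(append([]byte{}, b...), bytes.Repeat([]byte{byte(n)}, n)...)
}

func pkcs7Unpad(b []byte, bs int) ([]byte, error) {
	if len(b) == 0 || len(b)%bs != 0 {
		return nil, errors.New("bad padded length")
	}
	n := int(b[len(b)-1])
	if n == 0 || n > bs || !bytes.Equal(b[len(b)-n:], bytes.Repeat([]byte{byte(n)}, n)) {
		return nil, errors.New("bad padding")
	}
	return b[:len(b)-n], nil
}

// wrapFEK encrypts the FEK to one RSA public key. RSA-OAEP is used here; EFS on
// Windows 2000 used PKCS#1 v1.5 padding, which this example does not reproduce.
func wrapFEK(fek []byte, pub *rsa.PublicKey) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fek, nil)
}

// EncryptFile draws a fresh 256-bit FEK, encrypts the data with AES-CBC and
// wraps the FEK for every user and recovery agent. As in EFS, the ciphertext
// carries no integrity tag; a design done today would use an AEAD instead.
func EncryptFile(plaintext []byte, users, agents map[string]*rsa.PublicKey) (*EncryptedFile, error) {
	fek, iv := make([]byte, 32), make([]byte, aes.BlockSize)
	rand.Read(fek) // crypto/rand never returns an error (recent Go versions panic instead)
	rand.Read(iv)
	block, err := aes.NewCipher(fek)
	if err != nil {
		return nil, err
	}
	padded := pkcs7Pad(plaintext, aes.BlockSize)
	ct := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, padded)
	ef := &EncryptedFile{IV: iv, Ciphertext: ct, DDF: map[string][]byte{}, DRF: map[string][]byte{}}
	for name, pub := range users { // one wrapped copy per user; the data itself is encrypted once
		if ef.DDF[name], err = wrapFEK(fek, pub); err != nil {
			return nil, err
		}
	}
	for name, pub := range agents {
		if ef.DRF[name], err = wrapFEK(fek, pub); err != nil {
			return nil, err
		}
	}
	return ef, nil
}

// DecryptFile unwraps the caller's copy of the FEK (user entry first, then
// recovery entry) and decrypts the data. No entry, or the wrong private key for
// the entry, means no FEK and therefore no plaintext.
func DecryptFile(ef *EncryptedFile, name string, priv *rsa.PrivateKey) ([]byte, error) {
	wrapped, ok := ef.DDF[name]
	if !ok {
		wrapped, ok = ef.DRF[name]
	}
	if !ok {
		return nil, fmt.Errorf("no wrapped FEK for %q", name)
	}
	fek, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
	if err != nil {
		return nil, fmt.Errorf("unwrap FEK for %q: %w", name, err)
	}
	block, err := aes.NewCipher(fek)
	if err != nil {
		return nil, err
	}
	padded := make([]byte, len(ef.Ciphertext))
	cipher.NewCBCDecrypter(block, ef.IV).CryptBlocks(padded, ef.Ciphertext)
	return pkcs7Unpad(padded, aes.BlockSize)
}

func main() {
	alice, _ := rsa.GenerateKey(rand.Reader, 2048)
	agent, _ := rsa.GenerateKey(rand.Reader, 2048)
	ef, _ := EncryptFile([]byte("constructed sample: salary review notes"), // constructed plaintext
		map[string]*rsa.PublicKey{"alice": &alice.PublicKey},
		map[string]*rsa.PublicKey{"recovery-agent": &agent.PublicKey})
	pt, err := DecryptFile(ef, "recovery-agent", agent) // the agent recovers the file without Alice's key
	fmt.Printf("recovery agent reads %q, err=%v\n", pt, err)
	_, err = DecryptFile(ef, "mallory", agent) // no DDF or DRF entry for mallory
	fmt.Println("mallory:", err)
}
```

The point to take from the structure is that access control lives entirely in the wrapped-key entries: revoking a user means deleting their DDF entry and re-wrapping under a new FEK, while the recovery agent is just another entry and so is only as trustworthy as the custody of that agent's private key.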

  4. EFS Security Issues
  • On a standalone system, every key that protects the user's private key is itself potentially on the hard disk:
    EFS private key ← DPAPI master key ← key derived from the user's password ← SYSKEY
  • An attacker who has the disk can therefore unwind the whole chain offline; its strength reduces to the user's password and to the SYSKEY that protects the stored password hashes.
  • Recommendation: keep SYSKEY off the system, on a floppy or derived from a boot-time password, rather than leaving it in the registry.
  • Smartcard storage for the EFS private key was planned for Vista.
  • EFS can't encrypt system files, the registry, file names, or the page file:
    • An attacker can boot the system, or tamper with it offline, because the code that runs before logon is in the clear.
    • File names can reveal information even when contents are protected.
    • The page file might accidentally store sensitive data paged out of memory in plaintext.

  5. Full Volume Encryption
  • Encryption at the block (volume) driver level, underneath the file system.
  • Everything in the volume is encrypted: system files, registry, page file, file names and free space alike.
  • BitLocker in Vista
  • BitLocker takes advantage of the Trusted Platform Module (TPM).
  • The top-level root key is sealed in the TPM, bound to the measured state of the boot path.
  • The root key encrypts the disk encryption key, which encrypts the sector data. (In BitLocker's own terms these are the Volume Master Key and the Full Volume Encryption Key.)

  6. BitLocker
  • Secure Startup (the feature's original name)
  • Ensures the integrity of the Windows volume's boot path before the TPM will unseal the root key.
  • Verifies that none of the boot code or the critical early system files has been tampered with offline.
  • Each stage of the boot process measures the next one before handing over control: it hashes the code and extends the result into a TPM Platform Configuration Register (PCR), which can be extended but never reset by software.
  • The TPM releases the sealed root key only if the PCR values equal those recorded when the key was sealed; any change to the boot code, or to the order in which it runs, yields different PCR values and the unseal is refused.
  • Recovery mechanism – a recovery key on removable storage or a recovery password, needed whenever the measurements no longer match (a hardware or firmware change as well as a real attack).
  • BitLocker and EFS are not mutually exclusive:
    • BitLocker protects the system volume, and with it the EFS root keys at rest.
    • EFS provides file granularity and multi-user control on top.
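A simulation of the sealing and measured-boot logic from slides 5 and 6, added here as an example; it is not code from the presentation or from BitLocker. It stands in for the TPM with an HMAC-SHA256 key derivation and AES-GCM (the real TPM uses its own sealing and policy mechanisms, and BitLocker measures several PCRs, not one), the storage root key is just a byte slice, and the boot-stage strings and all function names (pcrExtend, measureBoot, Seal, Unseal, BootAndUnseal) are this example's own constructions. What it shows is the property the slide relies on: a patched or reordered boot component changes the PCR, and with it the derived key, so the unseal fails and the recovery path is the only way in.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// pcrExtend models TPM PCR_Extend: PCR' = H(PCR || H(component)). A PCR can
// only be extended, never written, so its final value commits to every stage
// measured and to the order in which they were measured.
func pcrExtend(pcr, component []byte) []byte {
	m := sha256.Sum256(component)
	h := sha256.New()
	h.Write(pcr)
	h.Write(m[:])
	return h.Sum(nil)
}

// measureBoot runs the boot stages through one PCR from its reset value (all zeros).
func measureBoot(stages [][]byte) []byte {
	pcr := make([]byte, sha256.Size)
	for _, s := range stages {
		pcr = pcrExtend(pcr, s)
	}
	return pcr
}

// SealedBlob is the root key encrypted so that it can only be recovered when
// the PCR measured at boot equals ExpectedPCR. The storage root key (srk)
// never leaves a real TPM; here it is simply held by the simulator.
type SealedBlob struct {
	ExpectedPCR []byte
	Nonce       []byte
	Ciphertext  []byte
}

// sealingKey derives the wrapping key from the SRK and a PCR value, so a
// different PCR yields a different key. HMAC as the KDF is this example's
// choice, not how a TPM derives sealing keys.
func sealingKey(srk, pcr []byte) []byte {
	mac := hmac.New(sha256.New, srk)
	mac.Write(pcr)
	return mac.Sum(nil)
}

func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal binds rootKey to the PCR value current at sealing time. AES-GCM gives
// the "wrong measurements, unseal refused" behaviour: under a different PCR the
// derived key differs and the authentication tag does not verify.
func Seal(srk, pcr, rootKey []byte) (*SealedBlob, error) {
	g, err := aead(sealingKey(srk, pcr))
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce) // crypto/rand never returns an error
	return &SealedBlob{ExpectedPCR: pcr, Nonce: nonce, Ciphertext: g.Seal(nil, nonce, rootKey, pcr)}, nil
}

// Unseal recomputes the key from the PCR measured on this boot and tries to open the blob.
func Unseal(srk, currentPCR []byte, b *SealedBlob) ([]byte, error) {
	g, err := aead(sealingKey(srk, currentPCR))
	if err != nil {
		return nil, err
	}
	key, err := g.Open(nil, b.Nonce, b.Ciphertext, b.ExpectedPCR)
	if err != nil {
		return nil, errors.New("unseal refused: boot measurements do not match sealed state; recovery key required")
	}
	return key, nil
}

// BootAndUnseal is what the boot manager effectively does: measure every stage, then ask the TPM.
func BootAndUnseal(srk []byte, stages [][]byte, b *SealedBlob) ([]byte, error) {
	return Unseal(srk, measureBoot(stages), b)
}

func main() {
	srk := []byte("constructed simulated storage root key")
	boot := [][]byte{[]byte("MBR"), []byte("boot sector"), []byte("bootmgr"), []byte("winload.exe")} // constructed stand-ins
	rootKey := make([]byte, 32)
	rand.Read(rootKey)
	blob, _ := Seal(srk, measureBoot(boot), rootKey)
	_, err := BootAndUnseal(srk, boot, blob)
	fmt.Println("untouched boot path, error:", err)
	boot[2] = []byte("bootmgr with offline patch") // an attacker modifies one stage on disk
	_, err = BootAndUnseal(srk, boot, blob)
	fmt.Println("patched bootmgr, error:", err)
}
```

Note what the model does and does not cover: it refuses to release the key after an offline modification of measured code, which is the slide's claim, but it says nothing about code that is measured correctly and then attacked at runtime, and a legitimate firmware or boot-loader update triggers exactly the same refusal, which is why the recovery key on the previous slide is not optional.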

  7. Questions?