File System and Full Volume Encryption Sachin Patel CSE 590TU 3/9/2006
Encrypting File System
- Protects sensitive data on computers and laptops from physical theft.
- Encryption at a lower level that all applications can use.
- EFS introduced in Windows 2000.
- Tied to the NTFS file system.
- Encrypts individual files or folders.
Encrypting File System Header
- Data encrypted with a symmetric file encryption key (FEK): DESX, 3DES, or AES, in cipher block chaining mode.
- FEK encrypted with the user's public key (RSA).
- Multiple users: one wrapped copy of the FEK per user.
- Recovery Agent in case the user's private key is lost.
Header layout (from the slide diagram):
- Version
- Checksum
- Data Decryption Field (DDF): DDF Key Entry 1 ... DDF Key Entry n
- Data Recovery Field (DRF): DRF Key Entry 1 ... DRF Key Entry n
- Each Key Entry holds: User SID, Container Name, Provider Name, EFS Certificate Hash, Encrypted FEK
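The header structure above, as an added example that is not part of the slides: one FEK per file, a DDF entry per user and a DRF entry per recovery agent, each holding the FEK wrapped under that principal's key. It runs on the Python standard library only, so a hash-derived XOR keystream stands in for both the RSA wrapping of the FEK and the AES-CBC encryption of the data; the SIDs, container and provider names, and the certificate-hash derivation are constructed placeholders.

```python
import hashlib
import os
from dataclasses import dataclass, field


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stand-in for AES/RSA: XOR with a SHA-256(key || nonce || counter) keystream.
    Not secure; it exists only so the header model runs on the standard library."""
    blocks = len(data) // 32 + 1
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, ks))


@dataclass
class Principal:
    """A user or recovery agent. Real EFS uses an RSA key pair; the symmetric key here is a stand-in."""
    sid: str
    private_key: bytes

    @property
    def cert_hash(self) -> str:
        # Stand-in for the EFS certificate thumbprint stored in each key entry (constructed).
        return hashlib.sha256(b"cert:" + self.private_key).hexdigest()[:20]


@dataclass
class KeyEntry:
    user_sid: str
    container_name: str
    provider_name: str
    cert_hash: str
    encrypted_fek: bytes


@dataclass
class EfsHeader:
    version: int
    checksum: bytes = b""
    ddf: list = field(default_factory=list)   # Data Decryption Field: one entry per authorised user
    drf: list = field(default_factory=list)   # Data Recovery Field: one entry per recovery agent


def wrap_fek(fek: bytes, p: Principal) -> KeyEntry:
    # Container and provider names are placeholders; the FEK is wrapped under p's key.
    return KeyEntry(p.sid, "efs-key-container", "Toy Provider", p.cert_hash,
                    keystream_xor(p.private_key, b"fek-wrap:" + p.cert_hash.encode(), fek))


def encrypt_file(plaintext: bytes, users, recovery_agents):
    """Generate a fresh FEK, encrypt the data with it, and wrap the FEK once per principal."""
    fek = os.urandom(32)
    hdr = EfsHeader(version=1)
    hdr.ddf = [wrap_fek(fek, u) for u in users]
    hdr.drf = [wrap_fek(fek, r) for r in recovery_agents]
    hdr.checksum = hashlib.sha256(b"".join(e.encrypted_fek for e in hdr.ddf + hdr.drf)).digest()
    return hdr, keystream_xor(fek, b"file-data", plaintext)


def decrypt_file(hdr: EfsHeader, ciphertext: bytes, p: Principal) -> bytes:
    """Find the entry for p (DDF first, then DRF), unwrap the FEK, then decrypt the data."""
    for entry in hdr.ddf + hdr.drf:
        if entry.user_sid == p.sid and entry.cert_hash == p.cert_hash:
            fek = keystream_xor(p.private_key, b"fek-wrap:" + entry.cert_hash.encode(), entry.encrypted_fek)
            return keystream_xor(fek, b"file-data", ciphertext)
    raise PermissionError(f"no DDF/DRF entry matches {p.sid}")


def demo():
    """Two users share a file; the recovery agent can still open it after a user loses their key."""
    alice = Principal("S-1-5-21-100-1001", os.urandom(32))   # constructed SIDs
    bob = Principal("S-1-5-21-100-1002", os.urandom(32))
    agent = Principal("S-1-5-21-100-500", os.urandom(32))
    outsider = Principal("S-1-5-21-100-9999", os.urandom(32))
    plaintext = b"quarterly numbers (constructed sample)"
    hdr, ct = encrypt_file(plaintext, [alice, bob], [agent])

    results = {
        "alice": decrypt_file(hdr, ct, alice) == plaintext,
        "bob": decrypt_file(hdr, ct, bob) == plaintext,
        "agent": decrypt_file(hdr, ct, agent) == plaintext,
        "entries": (len(hdr.ddf), len(hdr.drf)),
    }
    try:
        decrypt_file(hdr, ct, outsider)
        results["outsider"] = "opened"
    except PermissionError:
        results["outsider"] = "denied"
    # Alice re-enrols with a new key: her old DDF entry no longer matches, but the DRF still works.
    alice_new = Principal(alice.sid, os.urandom(32))
    try:
        decrypt_file(hdr, ct, alice_new)
        results["alice_after_key_loss"] = "opened"
    except PermissionError:
        results["alice_after_key_loss"] = "denied"
    return results


if __name__ == "__main__":
    print(demo())
```

The point of the model is the lookup in `decrypt_file`: a principal with no matching entry never obtains the FEK, and a user who loses their private key is in the same position as an outsider, which is why the DRF entry for the recovery agent exists.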
EFS Security Issues
- On a standalone system, all keys that protect the private key are potentially on the hard disk:
  - EFS private key
  - Master key
  - Password key
  - Syskey
- Recommend removing the syskey from the system (stored on floppy or derived from a password).
- Smartcard support planned for Vista.
- Can't encrypt system files, registry, file names, or the page file:
  - Allows an attacker to boot the system.
  - File names can reveal information.
  - Page file might accidentally store sensitive data.
Full Volume Encryption
- Encryption at the block driver level, underneath the file system.
- Everything in the volume is encrypted.
- BitLocker in Vista.
- BitLocker takes advantage of the Trusted Platform Module (TPM).
- Top-level root key sealed in the TPM.
- Root key encrypts the disk encryption key, which encrypts sector data.
BitLocker Secure Startup
- Ensures boot integrity of the Windows volume before unsealing the root key.
- Verifies none of the boot code or critical system files have been tampered with offline.
- Takes measurements of critical information at each step of the boot process.
- Compares the hash of the measurements to the hash of a known secure system.
- Recovery mechanism – removable storage or password.
BitLocker and EFS are not mutually exclusive
- BitLocker can protect the system volume and root keys.
- EFS can provide file granularity and multiple-user control.
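The key hierarchy from the Full Volume Encryption slide and the measured boot from this one, as an added example that is not part of the slides: each boot stage is hashed into a running register (a simplified PCR extend), the root key is sealed to the register value of a known-good boot, and the TPM model refuses to unseal when the value differs, leaving the recovery key as the only way to reach the disk key. The `ToyTpm` class, the stage names and contents, and the hash-derived XOR keystream standing in for AES are all constructed for the example.

```python
import hashlib
import os


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stand-in for AES: XOR with a SHA-256(key || nonce || counter) keystream. Not secure."""
    blocks = len(data) // 32 + 1
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, ks))


def measure_boot(components) -> bytes:
    """Simplified PCR extend: register = H(register || H(stage)) for each boot stage in order.
    A change to any stage, or to the order, changes the final value."""
    pcr = b"\x00" * 32
    for _name, code in components:
        pcr = hashlib.sha256(pcr + hashlib.sha256(code).digest()).digest()
    return pcr


class ToyTpm:
    """Models sealing: a secret is bound to an expected measurement and released only when the
    measurement taken at boot matches. The internal key never leaves the object."""

    def __init__(self):
        self._internal_key = os.urandom(32)

    def seal(self, secret: bytes, expected_pcr: bytes):
        return expected_pcr, keystream_xor(self._internal_key, expected_pcr, secret)

    def unseal(self, sealed, current_pcr: bytes):
        expected_pcr, blob = sealed
        if current_pcr != expected_pcr:
            return None  # boot chain differs from the one the root key was sealed to
        return keystream_xor(self._internal_key, expected_pcr, blob)


def provision(tpm: ToyTpm, known_good_boot, recovery_key: bytes):
    """Hierarchy from the slides: root key sealed in TPM -> disk encryption key -> sector data.
    The recovery key (removable storage or password) gets its own wrapping of the disk key."""
    root_key = os.urandom(32)
    disk_key = os.urandom(32)
    volume = {
        "sealed_root": tpm.seal(root_key, measure_boot(known_good_boot)),
        "enc_disk_key": keystream_xor(root_key, b"disk-key", disk_key),
        "recovery_copy": keystream_xor(recovery_key, b"disk-key-recovery", disk_key),
    }
    return volume, disk_key


def encrypt_sector(disk_key: bytes, sector_no: int, data: bytes) -> bytes:
    # Sector number as the nonce, so identical plaintext in two sectors encrypts differently.
    return keystream_xor(disk_key, sector_no.to_bytes(8, "big"), data)


decrypt_sector = encrypt_sector  # XOR keystream: the same operation decrypts


def boot(tpm: ToyTpm, volume, boot_components, recovery_key=None):
    """Secure Startup: measure, ask the TPM to unseal, fall back to recovery if it refuses."""
    root_key = tpm.unseal(volume["sealed_root"], measure_boot(boot_components))
    if root_key is not None:
        return "tpm", keystream_xor(root_key, b"disk-key", volume["enc_disk_key"])
    if recovery_key is not None:
        return "recovery", keystream_xor(recovery_key, b"disk-key-recovery", volume["recovery_copy"])
    return "locked", None


def demo():
    tpm = ToyTpm()
    good_boot = [("bootmgr", b"boot manager v1 (constructed)"),
                 ("winload", b"os loader v1 (constructed)"),
                 ("config", b"boot config A (constructed)")]
    # Same stages, but the loader was modified offline.
    tampered_boot = [good_boot[0], ("winload", b"os loader v1 (constructed, modified offline)"), good_boot[2]]
    recovery_key = os.urandom(32)
    volume, disk_key = provision(tpm, good_boot, recovery_key)
    sector_plain = b"NTFS sector 7 (constructed sample)"
    sector_ct = encrypt_sector(disk_key, 7, sector_plain)

    how, key = boot(tpm, volume, good_boot)
    normal = (how, key is not None and decrypt_sector(key, 7, sector_ct) == sector_plain)
    how, key = boot(tpm, volume, tampered_boot)
    tampered = (how, key)
    how, key = boot(tpm, volume, tampered_boot, recovery_key=recovery_key)
    recovered = (how, key is not None and decrypt_sector(key, 7, sector_ct) == sector_plain)
    return normal, tampered, recovered


if __name__ == "__main__":
    print(demo())
```

Note what the slide's "compare hash of measurements" buys: the TPM never inspects the boot code itself, it only checks the accumulated register value, so any offline change to a measured stage changes that value and the root key stays sealed until the user supplies the recovery key.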
Questions?