
Xen vs KVM

I was planning to give a try to Xen for my future virtual servers.

This blog made me think twice. I think I am going to check KVM first.

My article in the magazine, Hakin9

I am proud that my first article for a computer magazine was published.

The magazine, Hakin9, specializes in security and hacking. My article was an overall introduction to network attacks. Some day, I will probably post an English translation around here.

It was an interesting and exciting exercise, like writing on this blog. I wish I could afford enough time to do it more often.

Hakin9 magazine

Cold boot attack, not a threat to Full disk encryption (FDE)

Since the new cold boot attack hack is in the news, affecting most of the software encryption solutions, I have wondered whether it could also concern hardware encryption.

Hardware encryption is provided by a few laptop makers, generally on high-end and business models.
It has much less performance impact than software encryption, and protects the data independently of your system configuration and its partitions.

Full disk encryption is the so called hardware encryption technology used by Lenovo on my Thinkpad.

Mine comes with a Hitachi hard drive. Hitachi names its encryption technology “Bulk Data Encryption”.

I know at least Seagate provides the same kind of feature.

The bulk data encryption is based on the AES algorithm with a 128-bit key.

Actually, the encryption is not done by the laptop itself but by the hard drive.
You need both the hard drive and the laptop to support encryption, for the following reasons:

  1. your motherboard must have a TPM chip, which is used for the encryption, as a unique source to derive the encryption keys.
  2. the BIOS must interface with the hard drive FDE, to set/unset the encryption and to prompt for the password before the real boot (in reality, a small OS embedded on the drive takes care of this authentication).

In case of authentication success, the system boots normally.

In case of failure, and if the maximum number of attempts is reached, the data is erased. Instead of initializing the content with 0, which would take a lot of time and could be interrupted by shutting down the machine, just the keys are destroyed within a few seconds.

Anyway, the content is supposed to be very hard to retrieve thanks to the effectiveness of the AES algorithm.

One important thing is that the key is not derived from the password you set.

The hard drive password is a feature that does not come necessarily with encryption.
It is just there to limit the access of the content, but not its confidentiality.

For instance, you could imagine that if the drive is stolen, someone physically opens the drive, changes the ROM to bypass the password and reads your data without any pain.

The downside is that the generation of the encryption keys is based on your hardware. Different hardware can’t decipher the drive.

If your motherboard breaks down, you won’t be able to read your data from another computer! Make some good backups…

To go back to the main topic, is the cold boot attack a threat to this hardware encryption?

No. The encryption algorithm is not in the user land, so no key is stored in RAM.
The key hashes are stored directly on the disk.

These documents from Hitachi provide more detailed information :

Bulk encryption white paper
HowTo guide for bulk data encryption

This Wikipedia article, underlining the main points of hardware encryption, is also interesting.

I guess that at some point it would be possible to read some hash on the hard drive electronic board, but this is not going to be easy. You need to be a hardware expert in hard drives and for sure it can’t be done as quickly as with the RAM chip.

Of course, even the cold boot attack is extreme. Most thieves won’t care about your data, or won’t have the knowledge or the practical possibility to conduct a successful attack.

If you don’t have FDE support, you should continue to use an encryption solution like dm-crypt or Truecrypt and maybe consider turning off your computer more often.

It remains an excellent solution for external disks anyway, as they are normally not attached to your computer all the time.

Personally, as FDE offers more performance and transparency, I am using it on my laptop but I keep using dm-crypt on all my external drives.

Now the question is: what good workaround can be found to provide more secure software encryption?

Disk encryption methods : hacked !

Damned !

A team of researchers found a way to defeat all the most common disk encryption methods - including dm-crypt for Linux that I previously described on this blog.

All systems are actually concerned, because the attack is low level. It is based on the properties of RAM chips. After shutdown, and therefore with no more power, a chip will still contain some readable information for a few seconds.

The data it contains deteriorates, but if you cool the chip enough, for example with a compressed-air dust cleaner for computers, you can keep the data for several minutes!

The problem concerning data encryption is that the decryption key is kept in RAM, and that way can be stolen to read all your data.

The attack would not be so easy in practice if suspend-to-RAM did not exist.

But as many users, including me, heavily use suspend-to-RAM with their laptops, this issue is rather problematic…

The team provides a rather impressive video :

I no longer use dm-crypt since my Thinkpad provides hardware encryption, but I wonder now where the key is stored in my case. I don’t think it is in RAM, but I have to check it to make sure. I will do it tomorrow, since I need to rest now.
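
The exposure this post describes (a dm-crypt key held in RAM on a laptop that is carried around suspended to RAM) can be checked from the output of dmsetup table and the content of /sys/power/state. The script below is an added example, not part of the original post; the sample table, the mapping names and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: find dm-crypt volumes whose key sits in RAM while the
# machine can suspend-to-RAM. Works on text, so it runs offline.

# Constructed `dmsetup table` output (names and sizes are made up; the key
# field is zeroed, as dmsetup prints it without --showkeys).
SAMPLE_TABLE='vg0-root: 0 41943040 linear 8:2 2048
sda5_crypt: 0 488392704 crypt aes-cbc-essiv:sha256 0000000000000000 0 8:5 4096
backup_crypt: 0 976768000 crypt aes-xts-plain64 0000000000000000 0 8:17 4096'

# Constructed content of /sys/power/state on a laptop.
SAMPLE_STATE='freeze mem disk'

# Print the name of each mapping whose target type (4th field) is "crypt".
# An open crypt mapping means the kernel is holding its key in RAM.
crypt_mappings() {
    printf '%s\n' "$1" | awk '$4 == "crypt" { sub(/:$/, "", $1); print $1 }'
}

# Succeed if "mem" (suspend with RAM kept powered) is an offered sleep state.
suspend_to_ram_available() {
    case " $1 " in
        *" mem "*) return 0 ;;
        *) return 1 ;;
    esac
}

# EXPOSED:     keys in RAM and the machine can be carried around suspended.
# KEYS_IN_RAM: keys in RAM only while running (or just after power-off).
# NONE:        no crypt mapping is open.
coldboot_exposure() {
    maps=$(crypt_mappings "$1" | tr '\n' ',')
    maps=${maps%,}
    if [ -z "$maps" ]; then
        echo "NONE"
    elif suspend_to_ram_available "$2"; then
        echo "EXPOSED: $maps"
    else
        echo "KEYS_IN_RAM: $maps"
    fi
}

# On a live system, as root:
#   coldboot_exposure "$(dmsetup table)" "$(cat /sys/power/state)"
coldboot_exposure "$SAMPLE_TABLE" "$SAMPLE_STATE"
```

For an EXPOSED result, powering off instead of suspending closes the window once the RAM content has decayed. On LUKS volumes, cryptsetup luksSuspend wipes the key from kernel memory and blocks I/O until the volume is resumed with the passphrase.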

My new toy : Thinkpad T61

As a replacement of my old but reliable Vaio, I bought a Lenovo Thinkpad T61.

T61, a nice piece of hardware

About laptop PCs, I have always been convinced that the best pieces of hardware are found among Sony and Lenovo (ex-IBM). In the tough or ultra-light categories, I would add Panasonic, but it is not the kind of laptop I am looking for.

So this time I am giving Lenovo a try. What really convinced me is its old-fashioned screen, I mean a non-bright one. My eyes are really getting tired with all these new bright laptop screens. Plus, its resolution is impressive: 1440 x 900.

So far I am pretty satisfied. For my need, the 14.1″ screen is the best compromise, and so is the weight and size of the laptop.

Unsurprisingly, the keyboard and the trackpoint are just excellent. I also appreciate some features like the hardware encryption of the hard drive, which also benefits from the active protection (head parking in case of shock to protect the data).

The laptop’s build and design are not as nice and polished as the Sony ones, but it is certainly solid.

After I took it out of the box, I thought I would have a look at the pre-installed Windows Vista system. But the first startup appeared to be so long that I quickly stopped it in the middle of its process, inserted a fresh Debian Lenny 64-bit CD and went for a setup.

It worked pretty well out of the box. As usual, I had to download the Intel Wifi firmware and the proprietary nvidia driver to use all the features of my Quadro NVS 140M graphics card.

More annoying, the active protection is not supported by default by the kernel.

I also have a problem with hibernation. Suspend to RAM works well, but resuming after suspend to disk always leaves me on a blank screen. I guess this is related to the graphics driver, but so far the workarounds that I found from other users don’t work for me.

Other things, including the fingerprint reader, work pretty well.

There are a number of guides from the ThinkWiki website that helped me a lot. Among them :

http://www.thinkwiki.org/wiki/Installing_Debian_Lenny_on_a_ThinkPad_T61

Set up the active protection (patch and recompile the kernel :( ) :

http://www.thinkwiki.org/wiki/Installing_Debian_Lenny_on_a_ThinkPad_T60#hdapsd

Get the fingerprint reader to work:

https://wiki.ubuntu.com/ThinkFinger

However, after a few days, I realized that I was not satisfied by the responsiveness of the laptop, and especially the way it managed multiprocessing. I also wanted to use the active protection for my hard drive.

I decided to compile my own kernel, more optimized than the generic AMD 64 one provided by Debian.

Here is an excerpt from my .config file activating some features for a Core 2 Duo Intel processor - this applies to the latest version of Linux today, 2.6.24-2:

#
# Processor type and features
#
CONFIG_TICK_ONESHOT=y
CONFIG_NO_HZ=y
CONFIG_HIGH_RES_TIMERS=y
CONFIG_GENERIC_CLOCKEVENTS_BUILD=y
CONFIG_SMP=y
CONFIG_X86_PC=y
CONFIG_MCORE2=y
CONFIG_X86_L1_CACHE_BYTES=64
CONFIG_X86_INTERNODE_CACHE_BYTES=64
CONFIG_X86_CMPXCHG=y
CONFIG_X86_L1_CACHE_SHIFT=6
CONFIG_X86_GOOD_APIC=y
CONFIG_X86_INTEL_USERCOPY=y
CONFIG_X86_USE_PPRO_CHECKSUM=y
CONFIG_X86_TSC=y
CONFIG_X86_MINIMUM_CPU_FAMILY=64
CONFIG_HPET_TIMER=y
CONFIG_HPET_EMULATE_RTC=y
CONFIG_GART_IOMMU=y
CONFIG_CALGARY_IOMMU=y
CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y
CONFIG_SWIOTLB=y
CONFIG_NR_CPUS=8
CONFIG_SCHED_SMT=y
CONFIG_SCHED_MC=y
CONFIG_PREEMPT_VOLUNTARY=y
CONFIG_PREEMPT_BKL=y
CONFIG_X86_LOCAL_APIC=y
CONFIG_X86_IO_APIC=y
CONFIG_X86_MCE=y
CONFIG_X86_MCE_INTEL=y
CONFIG_X86_MCE_AMD=y
CONFIG_MICROCODE=m
CONFIG_MICROCODE_OLD_INTERFACE=y
CONFIG_X86_MSR=m
CONFIG_X86_CPUID=m
CONFIG_NUMA=y
CONFIG_K8_NUMA=y
CONFIG_X86_64_ACPI_NUMA=y
CONFIG_NODES_SHIFT=6
CONFIG_ARCH_DISCONTIGMEM_ENABLE=y
CONFIG_ARCH_DISCONTIGMEM_DEFAULT=y
CONFIG_ARCH_SPARSEMEM_ENABLE=y
CONFIG_SELECT_MEMORY_MODEL=y
CONFIG_DISCONTIGMEM_MANUAL=y
CONFIG_DISCONTIGMEM=y
CONFIG_FLAT_NODE_MEM_MAP=y
CONFIG_NEED_MULTIPLE_NODES=y
CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
CONFIG_SPLIT_PTLOCK_CPUS=4
CONFIG_MIGRATION=y
CONFIG_RESOURCES_64BIT=y
CONFIG_ZONE_DMA_FLAG=1
CONFIG_BOUNCE=y
CONFIG_VIRT_TO_BUS=y
CONFIG_MTRR=y
CONFIG_SECCOMP=y
CONFIG_CC_STACKPROTECTOR=y
CONFIG_HZ_1000=y
CONFIG_HZ=1000
CONFIG_KEXEC=y
CONFIG_PHYSICAL_START=0x200000
CONFIG_PHYSICAL_ALIGN=0x200000
CONFIG_HOTPLUG_CPU=y
CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
CONFIG_HAVE_ARCH_EARLY_PFN_TO_NID=y
CONFIG_OUT_OF_LINE_PFN_TO_PAGE=y

The important differences with the standard kernel are :

  • the timer frequency set to “1000 Hz”,
  • processor family to “Core 2”
  • preemption model to “Voluntary”

I am now seeing better performance in threading and global responsiveness - including, believe it or not, with the compiz effect, which I didn’t expect at all.

In the end, I just have hibernation not working: it is nice to see how good the support of Debian Lenny is, though the hardware is pretty recent. Things are really improving quickly.

If you have an issue installing Linux on your Thinkpad, post your problem here. I will be happy to help you as much as I can.
