2

For the sole purpose of learning, I am trying to figure out how disk encryption software is able to recover password of an encrypted disk using a challenge response mechanism.

Th recovery process usually goes like that:

  1. You forgot your password on a device that has an encrypted disk (eg : laptop). The PBA (pre boot authentification) will generate a challenge (eg: 32 alpha-numeric characters, which AFAIK is approximately 160 bits of information). EDIT: 32 hexadecimal characters, which is exactly 128 bits (as reported by fgrieu in comments).
  2. You communicate that challenge to a third party (eg : IT department), along with some info that identify the device. They generate a response.
  3. You enter the response in the PBA. This allow you to generate a new password and decrypt the disk (and thus to boot the system again).

Here is an example :

example

AFAIK the response is too short to be the master key itself (the key which encrypt the whole disk). This would also be insecure.

How I think it works (I might be wrong on this) :

The encrypted disk store the master key twice. Once encrypted with user password (which is now lost) and a second time using another password that only the third party (eg : IT department) know. The challenge-response exchange allow to decrypt that masterkey (and thus decrypt the whole disk).

I am aware there is probably lot of different implementations used by disk encryption software so a single, exact answer is not possible. I would like to know one possible way to implement this recovery mechanism in a secure way.

tigrou
  • 133
  • 3
  • Do you know if the disk encryption key was initially set by the third party? Or with communication with the third party? That would make the crypto much easier. Note: on the picture, challenge and response each are 32 hex characters, that is 128-bit, not 160-bit. – fgrieu Jan 16 '20 at 11:38
  • Yes, third party has initially setup the encrypted device (and so master key). They will give you a temporary password that you have to change at first boot. picture: you are right, those are hexadecimal characters (and not alphanumeric as I though) – tigrou Jan 16 '20 at 12:02
  • 1
    I've migrated here because I think that IT Security may have more experience with disk encryption, and because the security protection may not solely consist of cryptographic algorithms. Hope that that's OK. – Maarten Bodewes Jan 17 '20 at 15:52
  • Yes, it's fine. To be honest, I hesitated to post this question on security. – tigrou Jan 17 '20 at 20:00

0 Answers0