
I've been researching disk/file system encryption, and on the surface it seems like a good idea for a lot of things. But as I dig further, the security it offers seems more mirage like than real.

For example, it seems like there is little point in encrypting your file systems in a data center somewhere, because the employees there need to have physical access to the system in order for backups to be made, replacing failed hardware, that sort of thing. And if the server reboots, you have to supply it with the key/passphrase for it to boot up. If you don't give them that, you probably have to figure out how to ssh in or something to provide that, which is a) a PITA, and b) not really that secure anyway, since if they can physically access the machine they could theoretically read the memory and the key etc.

If someone hacks in via the network, then it does not matter that your data is encrypted because if someone has root they will see plain text. So it seems to me that it would be more worthwhile putting effort into finding a data center with people/security you trust, OR hosting it yourself if you are that paranoid. Encrypting a filesystem on a system you don't have physical control over seems to me to be about as secure as DRM and for similar reasons.

Where file system encryption does seem to make some sense is in storing backups - if you store in multiple off-site locations, you may not be able to trust them as well, so encryption would be welcome. If you stored backups of the keys and pass-phrases in different areas, it still might be worth doing because it is a lot easier to hide a USB key than it is to hide a HDD or tape.

Another area it seems to make some sense is in a laptop. Keeping a USB key on your person along with an encrypted drive on your laptop would be good security if the laptop got stolen. Never letting the laptop out of your sight might be nearly as good though.

If you control physical security and have access to the machine (e.g. server, workstation or desktop at home for example), it could conceivably be a good idea to encrypt. Again, controlling and securing a USB key is a lot easier than securing a computer system.

Those are the conclusions I've come to so far, but there is a good chance I'm overlooking something - which is why I thought I'd ask here. Thoughts? Agree? Disagree?

Thomas Pornin
user1971

6 Answers

In a data center, disk encryption can be useful for handling old disks: when a disk fails, you can simply discard (recycle) it, because the data it may still contain is encrypted and cannot be recovered without the corresponding key (this assumes that the server has the encryption key somewhere on its "system" disk -- or some other device -- and that the failed disk is not a system disk). Otherwise, disposal of a failed disk is an issue (you want the equivalent of a shredder, e.g. a cauldron full of acid).

For laptops, disk encryption is useful only if the laptop cannot be stolen with the decryption dongle, which, in practice, means that the user must have the dongle attached to their wrist, not simply kept plugged into the laptop. It also means that the dongle must be used regularly, not just at boot time (also, take "sleep mode" into account: users reboot very rarely). It can be predicted that users will actively resist such security features (and a security system that the user works around is worse than having no security system at all).

Thomas Pornin
    +1 That's excellent! You are absolutely correct that the only way a drive should leave the premises is if it is encrypted without the key. Even then, the hyper paranoid would be possibly better off holding on to the disk until it can be destroyed in a suitable manner. Also nice comments about sleep mode in laptops. – user1971 Apr 20 '11 at 13:42
  • "disk encryption is useful only if the laptop cannot be stolen with the decryption dongle" - and the decryption passphrase, you mean? Depending solely on a security dongle would be fragile for the reasons you outlined (what is the point of a security dongle which anyone can use for access?). However, when combined, this gives a reasonable level of security against non-targeted thefts (the hardware may be gone, but the data is not accessible to the attacker). – Piskvor left the building Apr 20 '11 at 15:32
  • @Thomas - one of the biggest problems I find in every large corporate is that although they have full disk encryption on every laptop, the boot time is so long users never power down. This means laptops are always in sleep mode in transit, which means full disk encryption is effectively pointless! – Rory Alsop Apr 21 '11 at 10:41
    it's not entirely pointless as it at least prevents attacks that require a reboot (for example, rebooting a mac to put it into target disk mode is prevented). It also means that the attacker has to be a lot more sophisticated if it is the data they are after - where the attacker is just after the device to sell it on, chances are pretty good that the device will ultimately just get wiped and reinstalled. – frankodwyer Apr 21 '11 at 12:32
  • @frankodwyer that can be prevented using a firmware password, though. –  Apr 21 '11 at 13:26
    @graham yes true altho it is just an example of something that requires a reboot, and is 'defence in depth'. this does remind me of a question I want to ask tho so I will ask it on here! – frankodwyer Apr 21 '11 at 20:43
  • @Rory Alsop: Big +1 for the long boot times comment. This can be avoided by *a)* using a SSD, *b)* making a clean Windows install without too many resident applications that aren't needed, and *c)* disable Hibernate etc. Of course, while this isn't hard at all it would require *care* and a little bit of *money*, which seems rare. :-( –  Apr 23 '11 at 19:35

1) I think disk encryption makes sense for any kind of portable media that is easily lost or stolen. For example a USB drive that you use to transport information, or one that you backup your laptop to (e.g. a time machine backup for a Mac).

There's going to be times when this drive and the source system are not in the same physical location, and the data is genuinely at rest (i.e. the drive is not mounted). Disk encryption seems pretty reasonable in this case.

2) I think disk encryption for a network file system (inc cloud storage) or a SAN could make sense for similar reasons - there may be many people with admin access to the system containing the logical/physical media (e.g. employees of the cloud provider), but who won't necessarily have any access to the endpoint system which has the decryption key and uses the data. So encryption at the filesystem level could help in that kind of case too, as long as it is performed at the endpoint using the data.

frankodwyer

tl;dr: Disk encryption prevents yet another event of the type "Company X loses laptop with customers' confidential data, and those are now available on Net" (I'm aware that "event" and "reporting of an event" are not the same) - trusting the average user to guard the laptop is ineffective.

Another area it seems to make some sense is in a laptop. Keeping a USB key on your person along with an encrypted drive on your laptop would be good security if the laptop got stolen. Never letting the laptop out of your sight might be nearly as good though.

"Never"? I don't think that word means what you think it means. That is seriously impractical (I just don't see myself lugging a laptop to the toilet), and thus will be ignored ("I swear, I just turned around for a second and poof it was gone!").

I think that disk encryption actually makes a lot of sense: it is far more likely that the laptop will be actually forgotten somewhere (airports, taxis, pubs ... some people just don't care about the company assets), or stolen as a generic-valuable-item (from a car, or from a luggage), not as data-container-of-specific-company. For these cases, it actually provides decent protection (and assuming automated backups, not much data will be lost).

    If I was in a place where I couldn't trust the people (e.g. coffee shop, restaurant), I would certainly take the laptop to the toilet with me. I usually don't leave the laptop in a hotel room, and the laptop always goes carry-on. I don't even put it in the overhead compartment - my briefcase (and laptop) goes in the space in front of my feet. I do understand what you are saying about the average company employee though. – user1971 Apr 21 '11 at 02:31
    I think this is a comment rather than an answer? – frankodwyer Apr 21 '11 at 06:58
    @frankodwyer: "What are good use cases for disk encryption?" "Laptops secured with a hardware device and a passphrase may benefit, as employees lose laptops as if it were garbage". How is that *not* an answer? Edited to clarify. – Piskvor left the building Apr 21 '11 at 08:10
  • Unfortunately it doesn't prevent these sort of headlines, as the media don't care. Headline will still be "Company X loses Y Million Records" despite the encryption, and the share price will still take a hit. The data will be safe, but there is still an impact. Frustrating but true! – Rory Alsop Apr 21 '11 at 10:43
    @Rory Alsop♦: Well, there will be a PR impact, I'm not denying this - but which is worse: "you have bad PR", or "you have bad PR plus someone out there also has your data"? I'm not saying this will *prevent* problems, but it will definitely *mitigate* them; media proclaiming that The Sky Is Falling and End Of The World Imminent doesn't make a difference here (as that will happen in either case). Edited to make this *even clearer*, eagerly awaiting further nitpicking ;-) – Piskvor left the building Apr 21 '11 at 10:59
    @Piskvor - no I agree with you, it wasn't a nit pick. I wanted it to be an addition. Wasn't big enough to be an answer, no suitable place for it to be a comment so I popped it in here :-) – Rory Alsop Apr 21 '11 at 11:19

One other use case not yet mentioned is mobile devices with a remote wipe capability. It takes some time to wipe a disk, during which the attacker may notice what is happening and intervene; but practically no time to wipe an encryption key, so even with an always-on device like a smartphone there is some value in having the storage encrypted.

Graham Hill
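The disk-disposal argument in Thomas Pornin's answer and the remote-wipe point above rest on the same on-disk layout: a random data key sits in a small header, wrapped under a passphrase, and destroying that header (not the data) is what makes the disk unreadable. The following Go program is an added illustration, not code from the thread or from any real tool; the type and function names (Volume, NewVolume, Unlock, Read, CryptoErase) are invented for it, and the passphrase KDF is simplified to a single SHA-256 to stay short.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
)

// Volume models the on-disk layout of full-disk encryption (constructed for this
// example, not any real tool's format): a header holding the data encryption key
// (DEK) wrapped under a passphrase-derived key (KEK), and the data region encrypted
// under the DEK. Real tools encrypt per sector with XTS; one AEAD blob stands in.
type Volume struct {
	Salt       []byte
	WrappedDEK []byte // nonce || AES-256-GCM(KEK, DEK); zeroed by CryptoErase
	Data       []byte // nonce || AES-256-GCM(DEK, disk contents); never touched
}

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// AES-256-GCM with a fresh random nonce prefixed to the blob; keys are always
// 32 bytes here, so cipher construction cannot fail.
func gcm(key []byte) cipher.AEAD { b, _ := aes.NewCipher(key); g, _ := cipher.NewGCM(b); return g }
func seal(key, pt []byte) []byte  { n := randBytes(12); return gcm(key).Seal(n, n, pt, nil) }
func open(key, blob []byte) ([]byte, error) { return gcm(key).Open(nil, blob[:12], blob[12:], nil) }

// kek: a single SHA-256 stands in for PBKDF2/Argon2 only to keep this short.
func kek(passphrase string, salt []byte) []byte { h := sha256.Sum256([]byte(string(salt) + passphrase)); return h[:] }

// NewVolume draws a random DEK, wraps it under the passphrase and encrypts the data.
func NewVolume(passphrase string, contents []byte) *Volume {
	dek, salt := randBytes(32), randBytes(16)
	return &Volume{Salt: salt, WrappedDEK: seal(kek(passphrase, salt), dek), Data: seal(dek, contents)}
}

// Unlock recovers the DEK; a wrong passphrase and an erased header fail alike.
func (v *Volume) Unlock(passphrase string) ([]byte, error) { return open(kek(passphrase, v.Salt), v.WrappedDEK) }

// Read decrypts the data region under an unlocked DEK.
func (v *Volume) Read(dek []byte) ([]byte, error) { return open(dek, v.Data) }

// CryptoErase overwrites only the 60-byte wrapped DEK: the data stays on disk yet
// is unrecoverable, so a remote wipe or disk disposal needs no full scrub.
func (v *Volume) CryptoErase() {
	for i := range v.WrappedDEK {
		v.WrappedDEK[i] = 0
	}
}
```

Note that a DEK already held in memory keeps working after CryptoErase, which is the "sleep mode" problem from the comments above: erasing the header only helps once the key is out of RAM.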

A recent report from Ponemon/WinMagic found that full disk encryption is beneficial for mitigating data breaches. They found that the total cost of ownership of full disk encryption is $200-400 per year per machine, but the average amount saved per year (due to a reduction in costly data breaches) is around $4000-5000 per year per machine (in the US). Thus, they argue that the benefits of full disk encryption greatly exceed the costs.

The full report is here:

D.W.

Apart from the backup and reboot problems (in both cases the admin must unlock the encrypted volumes), I would also point to the problem of managing/distributing/installing keys to all the users and processes that would need access.

If moving to the user level is not a problem I have found PGP netshare to be useful for a number of reasons:

  • Encryption takes place at the file (not whole disk) level, so the admins can still have full access to the file (for backup etc.) but not its contents.
  • The encrypted directories mimic the OS ones (in Windows) and the solution works transparently for the user.
  • Access to encrypted content can be decided for specific groups of people with each one having his/her own key.
  • It has central management and seems to scale.

On the other hand, I have seen a number of problems when people need to "check out" stuff ("remove from netshare") as they don't always realize what is encrypted and what is not. Expect the usual support problems when moving to user space.

George