[mdlug] Disk encryption - once copied its vunerable

Fri Feb 22 14:15:06 EST 2008

> From: gib at juno.com

> Okay, I understand that having the key makes it a lot easier 
> to decrypt the data. But isn't it possible to decrypt the 
> data by brute force too?   So, encryption is not completely 
> safe, right?

 Well, yes and no. If an encryption scheme is solid-enough that brute-force
guessing is your scheme, and the key is sufficiently large, then there's no
realistic chance of breaking the encryption. Bruce Schneier has an article
somewhere where he shows that you'd need all the energy the Sun has produced
and ever will produce just to cycle a 256-bit register through all 2^256
possible values. As he put it: "[B]rute force attacks against 256-bit keys
will be infeasible until computers are built from something other than matter
and occupy something other than space."

 *However*, many encryption schemes have ways to drastically reduce the number
of guesses needed. Public-key algorithms, for example, just require factoring
a number, which is much simpler. They compensate by making the numbers much
bigger. Fortunately disk encryption tends to use symmetric-key algorithms from
what I understand, and there are cyphers for which there's no publicly known
attack better than brute-force guessing.

 *Further however*, just because an attack isn't *publicly* known doesn't mean
that there isn't one that's *privately* known. For example, there are
documented cases where it's been shown that the NSA knew about types of attacks
on encryption schemes decades before they were published academically.

 *Further further however*, in practice encryption keys usually need to be
remembered by humans, and not too inconvenient to type in. These are fairly
severe limitations and 'dictionary' attacks, as well as related schemes, are
often successful.

 Generally-speaking if your encrypted data may have been copied for offline
attack, it's best to assume that it *will* be broken eventually, and take
whatever steps may be appropriate. So long as a reasonable encryption scheme
has been chosen, you're likely to have some time to do so.

 As has been noted, adding a way to wipe DRAM on power-loss would be a defense
against the attack that sparked this thread. I'd imagine military/security
hardware might be built with a capacitor on-chip - if the Vcc signal is lost,
it uses the power stored in the capacitor to wipe the RAM cells...

 Sincerely,

 Ray Ingles                                                (313) 227-2317

  "Certitude is not the test of certainty." - Oliver Wendell Holmes, Jr.
The contents of this e-mail are intended for the named addressee only. It contains information that may be confidential. Unless you are the named addressee or an authorized designee, you may not copy or use it, or disclose it to anyone else. If you received it in error please notify us immediately and then destroy it.