Danijela Bottineau and he's going to walk us through self encrypting drives and sorry bypassing self encrypted drives techniques and looking forward to this one myself I must say so thank you we're actually going to look at self encrypting drives as well and see how they work just before we start so I'm Daniel bhutanam I work with KPMG Canada in the forensic technology team I started my background in information security by first trying to see how I can build secure things and how I can deploy secure things and after a certain while I got bored of that and I said hmm seems like it's more fun to break them so I went a bit into the pen test side and application security testing and code review and and all of that stuff and that was fun but after a certain time I got bored of that and I said let me move on to something else so I put the forensic investigator hat and this is my main job right now where I'm actually looking at things that bad guys do and try to understand what they did and how we can catch them and I have a bunch of certs in each of these fields but what I'm really passionate about is some security research and that's what I'm going to talk about today now besides was an amazing event we still have a couple of talks before it's over if you're looking for your next conference there's one coming up in Montreal it's called North SEC they have an awesome CTF I use highly suggest that you check them out ok so let's get into the self encrypting drives first of all by show of hands who here is using full disk encryption on their laptops ok a fair amount keep your hands up for those that are using hardware based encryption ok that still maybe a quarter of everybody that has had their hands up who here isn't sure if it's software based or hardware based so today we're going to see hopefully help you understand if you're using software based encryption or hardware-based encryption and then for the hardware based ones we're gonna see some flaws that are inherent 
with the way standards are built that will allow you to break that encryption so the software based encryption the way it works is the classical full disk encryption it's that there's the module usually in the operating system that does the encryption in the decryption for you the advantages of software based encryption is that it works on any piece of hardware it doesn't matter if you have a Lenovo laptop but they laptop on HP a Samsung Drive Western Digital it works on everything it's software that does it if it runs software if your computer run software which it does it's gonna do software based encryption the applications don't really know that you have hardware or software encryption so your Microsoft Word it's not gonna know that your hard drive is encrypted it's just gonna know that it's writing a file and then the operating system is handling everything in the background it has some disadvantages the software based encryption it's slow if you want to encrypt the drive so let's say you have a laptop for those of you that haven't raised your hand and your laptop's not encrypted you should definitely consider encrypting it because if somebody gets a hold of it of anything even if you have a password they can read your data so let's say you want to put TrueCrypt on it although nobody's using TrueCrypt anymore now right so it takes a while for the software to read all of the data encrypt it and then write it in an encrypted form on the disk and if we look at the way a software based encryption works when you power on your computer what we have here on the left is the drive so whether this is a hard drive or an SSD this is what I'm showing in this part here and then at the right is your computer so imagine these as two different components that we're looking at the driving a bit more detail the drive that's inside your computer so this drive actually has on the on the drive there's two areas there's the pre boot area which is in blue which means that is not 
encrypted and then there's the user data which is encrypted so all of your operating system actually lives in the user they are in the encrypted part so when you're powering on the machine what happens is the pre boot software will get loaded and that software is unencrypted so we'll just travel through the SATA interface and then at some point you will authenticate there's a module that will be created on your computer the software decryption layer and then this will decrypt all of the other data and assist with the the boot process of the operating system and then through the rest of the usage of the hard drive the data will be read encrypted from the hard drive will travel through the SATA interface encrypted and then this module will decrypt it before presenting into the operating system so this was software now we're moving on to hardware this is why we're here this is what we're interested in so hardware-based encryption is different in the sense that it's not the operating system is not a software module in the operating system that does the encryption anymore it's actually a hardware component on the hard drive itself and it has a couple of advantages one of them is it doesn't have any performance overhead you know you're not using any CPU cycles to do the encryption the drive does it for you another pretty good bit of advantage is if you want to encrypt your drive it's just instant encryption you just change the switch and your hard drive is instantly encrypted and we're gonna see in a second how that works and how that's possible so for the hardware based encryption this is transparent both for the applications but also for the operating system your Windows is not gonna know that your hard drive is encrypted will just boot just as if it was a standard operating system and from a standard hard drive so there's a few requirements for a hardware based encryption you must have a compatible motherboard so any modern new laptop will typically do a drive that 
supports the required standards and you need the software or a management component to manage this and if you look at it on paper hardware-based encryption doesn't have any disadvantage I don't know why we're still using some of us software based encryption and and that's how it's being advertised so going back to our diagram where we have the drive on the left and then the computer on the right if this drive is a software self encrypting drives drive said or self encrypting drive there will be once again some system data and then all of the user data's once again encrypted only that this time the user data which is encrypted goes to a crypto processor which is on the drive this crypto processor will decrypt the data and will send the data back through the SATA interface to the computer in an unencrypted form so the computer receives unencrypted data through the through the SATA Channel and then usually there's a management component the software in the operating system that sends commands to this drive through the SATA protocol and these are that's what what the black line here means now there's a couple of variations of self encrypting drives and just to make sure that we get the naming right because the term is used for a couple of cases first there was the ATA security mode and this isn't really used a lot especially not in enterprises it's the drive does the encryption it's exactly what we've seen here is just that it's controlled by the BIOS when you power on your computer the BIOS prompt you for a password you type in the password that that password unlocks all of the process and it's not really used because it's difficult to manage you have to manage the BIOS is not a software that can be handled through GPIOs or through some other enterprise management modules what we're interested in is the Opel standard and this is a standard that was created by the trusted computing group it's the same group that set the standards for the TPM another security module in 
the computer so the OPO group created a new standard the Opel standard and all of the hard drives that are Opel compliant will work with this standard so they made this to make sure that if you have a Lenovo laptop and a Samsung drive or a Dell laptop and a Seagate Drive or some other combination they will they will work it's not something proprietary to just a manufacturer but you still need a software component that will manage this so in the operating system you will have something that will send commands to the drive and tell the drive how to set the keys or activate encryption or deactivate encryption it's just that it's the drive that's actually doing that work there is a pre-boot authentication as well in most cases and that's available through a process called MBR shadowing and we're going to see that in a second as well and the data is always encrypted on these drives as soon as a self encrypting driver said leaves the factory the data on it is encrypted whether you're using it as a set or not you might have a set on you in your computer actually not know that it's a set or that it's open compliant and have the data encrypted it's just that the way this works is the data is encrypted with a media encryption key and then this media encryption key is encrypted with another key which is called the key encryption key and the encrypted version of the media encryption key is stored on the drive and then the key encryption key is not stored anywhere this is derived from the user password or the management software that unlocks the drive so the drive is encrypted when it leaves the factory is just that the key encryption key the key that unlocks the drive is just typically set to 0 0 0 0 0 0 and if you want to activate encryption of the drive you just need to send the driver command it's going to put a random key instead and all of the sudden all of your data will be encrypted with a with a keychain that you more or less control Microsoft looked at this this has 
said this is interesting we like the Opel standard but we want to have a couple of requirements on top of that so they added that and BitLocker can actually manage self encrypting drives and Microsoft calls this a drive in their documentation but if you look at it in Windows it's just BitLocker so if you thought that BitLocker is the software encryption that's actually not not the case BitLocker can actually manage Hardware encrypted drives and we're gonna see that in demos here and then there's another category that's outside of the scope of this talk is all of the custom implementations for example the Western Digital USB hard drives that do this type of encryption and there's modules on the drive that do the encryption but it's a custom proprietary protocol and the way it works is not governed by the Opel standard or the USB thumb drives that have some software that triggers the encryption or something similar to that we're not going to look into that and each of those are custom to that specific implementation and what we see in enterprises is that typically sets are deployed in the Opel configuration and whether that's Opel or a drive were not really we don't really care I'm gonna use the terms to describe both the bios of the computer is locked sometimes most of the times is just open you can just go in there and make any changes that you want and usually you're allowed to a computer can be on or off or anywhere in between it can be in a hyper State or you can be in a sleep state whenever you're closing the lid to your laptop laptop go to sleep you change meeting rooms you open the lid laptop wakes from sleep manager is happy we're gonna look into the detail of how the drives get locked and unlock now does the self encrypting drives so when the drive is off when there's no power to the drive obviously the drive is locked the key encryption key the key that allows the unlocking of all of the process and the reading of the data and that allows the crypto module 
on the drive to decrypt the data is not present anywhere on the drive so the drive is in a locked state and whenever you power off the drive that key will disappear from the drive controllers memory so the drive will always go back to a lock state when you power it off when you power on the drive the drive still doesn't have that key so it's not able to read the data the processor on the drive is not able to read the data but what the drive will do is it will expose an area which contains the pre-boot authentication software and it exposes this area in a read-only mode so if you take a drive you plug it into a SATA to USB adapter you're going to be able to read the people identify but even if you clear to write it or tamper with it or put a backdoor in there you're not going to be able to the drives read-only it's not gonna allow you to do that so what happens is that the computer when you try to put it it will read that pre-boot authentication it usually prompts the user for credentials or interacts with the TPM in some way extract a password or a key that it sends to the drive and then with that key or that password the drive decrypt the key encryption key and with that it decrypts the media encryption key and then keeps that in the memory of the crypto processor so then the crypto processor will be able to encrypt and decrypt data transparently so this is the on an unlocked state and one very important thing to remember is that once the drive is in an on and unlocked state the drive will remain in that state until somebody tells the drive you need to be locked again or until you remove power from the so what that typically means is that let's say if you restart your operating system the drive will still remain unlocked the operating system doesn't really know that the drive is locked so doesn't do anything special with it if you crash your computer the drive will remain unlocked that that key was to remain in the memory of the drive and this is actually 
something that the standard specifies that are Opel specifies this is how drives are supposed to work and this is what we're going to exploit to be able to gain access to the data before I show you how to break self encrypting drives I just want to make sure that for those of you that don't have a setup with a self encrypting drive you have the steps required to configure one so that after this talk you can go at home and actually configure your drive to be in this mode and do some of the testing yourself so you're going to see it's pretty easy to set it up this way I'm going to show you how to do it with Windows with BitLocker there's a lot of other management software that can do this there is winmagic there's a secure dog there is McAfee there's Symantec there's all of the software that handles hard drive encryption pretty much hand handles self encrypting drives you need a drive that support supports the Opel standard and the modern laptop so if you're unsure what the state of your drive is right now and you're using BitLocker or you're thinking that you might be using BitLocker you can run the manage dash BDE command with the dash status to ask BitLocker to tell you the status of the encryption so if you get the message fully decrypted it means that you don't have any encryption on the drive at least not with BitLocker you might have some other solution that's doing encryption but you don't have any BitLocker there so if you're trying to configure a drive to have encryption this is a good place to start if you run the same command but you get the conversion status fully encrypted and then the encryption method is aes-128 it means that you have software based encryption and then if you get the message hardware encryption in there it means that you have hardware encryption so you're going to be able to use this command just to make sure to see that when you're activating encryption it actually goes into a hardware mode so the steps to activate encryption are 
actually the following first you need to make sure that your bios or UEFI is configured with secure boot mode on why because Microsoft said that that's a requirement if you want to have a BitLocker self encrypting drive you have to have this because this protects you against other things and Microsoft wants you to be secure second you need to prepare your Windows installation ISO on a fat32 formatted USB thumb drive or on a cd-rom the DVD ROM if anybody still has those lying around the reason for this is that the windows installer in UEFI boot mode doesn't really behave nicely from NTFS drives which is surprising because Microsoft invented NTFS during the installation process you just need to run the clean command in disk part what this does is it will wipe everything there's on that drive so if you have data there this would be a good moment to stop it also sends the commands required to initialize the encryption key so this part does that under the hood even though you're not you might not suspect that it does that and then once you have Windows installed you just go to the manage BitLocker and turn on BitLocker and you're gonna have a hardware encrypted drive and then you can use the manage BD command to check that that's the case so the reason I started looking at the self encrypted drives is that I was doing forensic investigations and then you have to create images of these drives and you run into challenges so I'm going to show you what happens if you try to connect these drives the self encrypting drives to some of the hardware imagers so these are devices where you plug it plug in the drive it will create an image of that drive to another repository so the tableau tt-to ut3 these are pretty pretty popular they have an option actually where they can say if there's any security in use they pretty much look at just the ATA security mode they're not going to see that the drive is encrypted if it's as hardware encryption and there's some cases wordage is going 
to go happily and and an image that drive at very fast speeds the logic you Falcon which is another hardware device that can do imaging of hard drives doesn't see encryption either because it also looks at the ATA security mode but then in some cases it fails right away after you start imaging if you connect the drive to a Linux distribution and you're trying to do the imaging that way this is one to base the Linux imaging distribution there are some cases in which the device file will just not be present the drive that we were expecting here would have been s d8 f4 and it's not even there you know if you're trying to image it you're just gonna get some errors with DD there's other cases where you will see a file there a device file but it's pretty huge this one is 15 exabytes an exabyte is 1 million terabytes so good luck imaging that sometimes the imaging software will work did he will say yeah I can start crunching on that it's gonna take a lot of space to image it and it's gonna try to work but we'll see in a second that if you take that image after and you connect it to some forensic software so we're showing here n case and case is able to handle a couple of software encryption solutions out there and if you provide it with the key it will be able to decrypt the data and show you the actual data in this case with the harder encrypting drives and case we'll look at the drive and say hmm this has the pattern of BitLocker or it has the pattern of securedoc if you give me the key I will be able to decrypt it from the image that you gave me no matter how hard you try and case is just gonna come back and say mean there's an error I wasn't able to decrypt and if you actually look at your image you're gonna see that it has all zeros after the pre-boot part so it doesn't take a forensic investigator to know that there is no data behind that if you have that in your image you're not gonna recover anything ok so now we get to the fun part how do we bypass self 
encrypting drives like I mentioned before the techniques to bypass self encrypting drives are not something that are specific to a certain laptop manufacturer or a certain drive manufacturer a certain software it's just the way the standard is made and everybody that implements the standard is going to work that way there's things that can be done to mitigate some of the risks and we're gonna see that a bit later but it pretty much works on anything that implements this and and I test it on a couple of configurations so we're gonna see five different scenarios of attacks that can used to bypass these drives depending on the state in which the drive is and how far you want to push that machine or how far you want to push that rise okay so the hot plug attack in the case where you have passed through pre-boot what does pass through pre-boot means in the case of BitLocker for example you can have it configure so that when you power on your machine the TPM authenticates the bootloader make sure that the drive is the same Drive and it's running in the same machine if you move that drive somewhere else the TPM is not going to release the key for another drive if you change some BIOS configurations the TPM is not going to release the key if you change the bootloader the TPM is not going to release the key so for the user the user will just power on the drive the the sorry the machine and it will go straight through to Windows TPM is doing all the work so if this is the case the step that we will do to attack this scenario is we will install SATA data in power extension cables and the demos coming in in 30 seconds will just power on the laptop at that point when you when we power on the laptop the drive will turn on but it will still be in a locked state then the pre-boot authentication software Lowood and then transparently talks to the TPM asked the TPM nicely to release the encryption key the TPM releases the keys which are sent to the drive and the drive unlocks itself 
and keeps a copy of the media encryption key in memory so at that point the drive becomes on and unlocked and then the pre-boot software will just trigger a standard boot from that point on so then the Windows boot loader will load and start loading windows and everything behind it and the drive will remain in an on on lock state so what we will do is after windows start or after at least this first process of unlocking the drive is complete we'll simply switch the SATA data cable so instead of it being connected to the laptop where the drive originally was we're just gonna plug it into an attacker control machine simple as that okay so let's see we have a camera here so you can see a bit better what's happening so first I'm just going to show you how the laptop works I'm gonna power on this laptop so there we go it's on it's a Windows 10 we have a user here and let's see what if any updates were applied recently to this machine yeah it turns out that this is the Windows 10 updated as of today so all's good we have all the latest patches and then let's see the status of the drive let's see if the drive is encrypted or not so we're gonna run the manage these - status command so this is where we see that the drive is fully encrypted and then encryption type is hardware encryption so the drive is indeed encrypted key protectors here shows TPM which means that we only need the TPM to unlock the drive we don't need to enter a pin when we're booting the laptop to unlock the drive and then there's a second option numerical password this is actually the BitLocker recovery key in case you lose access to the TPM or something happens and you need to recover that on the drive you can supply with the numerical password as well and unlock the drive and another thing you can use to just receive the drive encrypted or not windows shows you an icon near the drive that you see the padlock here the padlocks unlocked if it's a hardware based encryption that means that the drive is 
encrypted but in an unlock state if it's software you're gonna see the padlock usually in yellow and it's going to show always locked and we have a file here on the desktop and this is the file that we're going to try to read from the other computer so now the user goes home the user will do a shutdown so it's a full shutdown it's the computer doesn't even go to sleep we're taking all of the precautions we don't want to have the key in memory or anywhere else so that we're the key could be recovered the computer shut down the attacker steals the laptop backer will open the laptop and you see how easy it is to open one of these laptops well it's actually not that easy at all of the screws undone before we might need the battery the batteries actually here in the laptops not gonna power on if we don't put the battery back in so this is where my SSDs I'm just gonna remove it from here this is just the velcro instead of screws and I'm connecting this state extension cable just so that I can work with the drive outside of the laptop and I'm going to put some tape so that the cable stays there okay let me put the battery back in as well and if that as well okay so now I have the drive right here and what I'm gonna do is with this cable that I have on the laptop I'm gonna connect the data cable to this extension and then the data cable will go in the hard drive so this is the setup that I have and I need to provide my drive with some power as well so I just have another an external power adapter here and I'm providing the drive with some Sailor power so that if my laptop restarts or crashes or anything happens with it it's not going to be a problem I'm not gonna lose power to the drive in the drives not gonna lock itself so we're just gonna power on the laptop now the laptop powers on from off mode the TPM will just see that nothing changed since last time it will unlock the drive it was a very fast boot this is Windows 10 so now I will remove the data cable hope my 
camera crashed sorry okay so now I will remove the data cable from the that goes into the laptop and pre surely the laptop will crash we have the drive right here and I will connect the drive to USB to set our adapter the cables are pretty short so I'm not going to be able to show it real well on the camera so I just connected this here and now I should see in this computer pop the drive just popped up the victim drive and now I just can go into the users and I can read the drive just as if that drive wasn't encrypted at all so what Windows is saying and Microsoft is saying is TPM is good it's nice but if you really want a secure deployment you should have a TPM and the pin so that's the case where you have a pre-boot authentication this is the technique to bypass this is something that was known for ata security drives and it only works if the laptop is in sleep mode or if it laptop is on so basically what we will do is if the laptop is on we'll just put the laptop in sleep mode then when the laptops in sleep mode we will install the extension cables again and then we'll just resume from sleep or wake from sleep to have the laptop unlock the drive and then when the drive is unlocked we'll just switch the SATA data connection from the laptop to our actual computer so pretty much simple as that and we'll have access to the drive as well another technique is the force restart attack so if we have this in a pass-through pre-boot authentication again so that means when we power on the laptop TPM automatically unlocks it if the steps that we can do is we'll just power on the laptop so that the machine starts we'll wait for the management software to unlock it and then we'll find a way to crash the machine and when you crash the machine what happens is that the machine will restart but the drive will remain unlocked so if you boot from something else you'll still be able to read the data on the drive and this works except for drives in the drive mode on lenovo laptops 
they nova putting some mitigations and if they detect this they're actually going to reset the drive when it reboots if there's there is a pre booth authentication so you have to type in a pin or username and password when you're starting the computer then you need to have the laptop in sleep mode or on again if the laptop is in sleep mode will just wake it up we're we're going to trigger a soft reset and then we're just going to boot from an alternative source so it's as simple as that once again this doesn't work with Lenovo laptops in a drive mode so you might ask how are we going to trigger a soft reset of the machine well one way is to crash it and you can crash it with fuzzing the USB it turns out that the USB stack at least until the Windows 10 can crash pretty easily there's actually a command here for you map which is the tool that you can use to drive the phased answer which crashes all versions of Windows until Windows 10 there's test cases there in you map that can still crash a Windows 10 if you know how to run them so it's pretty easy to crash a fully patched Windows 10 some other techniques if you really like hardware and you like to play with fire is just take a screwdriver and just slide it on top of the pins of the memory game you might break something or you can just remove one of the memory games while the computer is running in my experience this works maybe half of the times half of the times the computer will restart and will trigger soft reset and then you'll be able to do the attack that you want half of the other half of the times when you play with the memory the computer will just freeze and then after a certain time the motherboard will say that there's a problem and trigger a hard reset which will reset the drive as well so you won't be able to access it that way so this is a 50/50 and then finally the last technique the hot unplug attack that I'm going to talk about today this is similar to the hot plug attack it's just that it's on 
steroids so if you have something that detects when you're taking the drive out of the laptop and you're resuming from sleep and tries to prevent that you can use the hot unplug attack so the hot unplug attack you need to have the laptop on or if it's in sleep mode wake it up or if it's off and uses the pass-through authentication just power it on so that it's on and then you're going to expose the SATA pins so this is a lab a drive in the the drive compartment you just undo the screw in this case and slightly pull it over the drive is still connected it's still power on it's still unlocked but you have access to the pins then you're gonna force apply power to the drive while it's in the laptop so we're going to bring power from another source and connect it there so the way I did this is I just took a SATA extension cable I broke all the plastic off so I exposed the pins and then you can connect those pins to the drive be careful with this and once you have that you remove the drive from the laptop while maintaining the the cable with the pins there and then you connect the other end of that cable to the attacker machine so you end up with the drive sink on the table and with you holding that connector while your buddy is reading data of and actually operating the other machine so I don't know if you notice but this photo is different than this photo it's another drive that's because when I was doing this one of the times I actually moved the connector slightly so I provided power on pins that were I'm actually expecting that much voltage and power so pretty much fried the drive so be careful with this and I think we have time for another demo let me just take another laptop we have a laptop here that is it uses uses securedoc just turn on the camera so this one uses pre-boot authentication so this is the legitimate user that just powers on the machine at this point at this point the drive became locked now Windows is starting and what I'm going to show you is 
that after windows started we're gonna crash the machine now typically we will crash this with the USB phase dancer unfortunately it's a bit tricky with the cables and I don't have long enough cables to do that but while you're testing a very useful technique to see if you're vulnerable to these type of attacks if you can crash a machine is actually to trigger a crash dump from Windows and there's it's a documented way if you have admin privileges on the machine you can actually set some registry keys that will tell Windows to crash if something happens if you press these kids so here my user just locks the machine I'm going to press my secret key combination and the machine crashed and now I'm quickly going to boot from another device I plug in a USB thumb drive I'm going to boot from that seems like it wasn't fast enough so this just might just be a fail let's just try to control deletes try again there we go so I'm booting from a USB device and now I'm putting on Ubuntu but during all this time if everything went well the drive remained in an unlocked state so right now the drive is unlocked when my boon to start is just gonna see a drive that's unlocked so we're just gonna we're just gonna confirm that so yeah the windows crash dump which is usually control scroll lock scroll lock by the default configuration is nice if you're if you know that you can crush it with the face dancer but you don't always want to use that or you think well maybe everything that was known all of the the crash test cases are patched but there might be others in the future you just want to know if if there are other cases in the future that can easily crush the machine will you still be vulnerable to this you can actually use the documented wave in Windows to crash it so let's just start a terminal where do I change the font size so this is hope my camera crashed again you know this is a good demo when it crashes a couple of times right so I just ran LS block and I can see my SD a1 
and sda2, and in this case sda1 has the size of 238 gigabytes, which is the size that I was expecting. Actually, let's mount the drive, and let's mount it read-only. And there we go: we can read the contents of the drive, even though the drive is encrypted, without actually taking the drive out of the machine.

OK, so remember when I told you at the beginning that this is what's going to be the agenda, this is what we're going to talk about? Actually, I lied. There are two more points: there's detection and mitigation, and then there's homework for you. So yes, this is actually one of those talks that gives you homework.

If we look at detection: let's say you're suspecting that somebody in your organization used one of these techniques to read data from the CEO's laptop, or from somebody from a VIP, and you're actually given the laptop after and you're asked to investigate that. It turns out that it's really difficult to tell if that happened or not. If somebody used the hot plug or hot unplug attacks, the only traces that will remain on the laptop are traces that are similar to the laptop having a problem with the battery or the power adapter: it's a laptop that all of a sudden goes blank. You're going to see Windows events, the regular ones, and then nothing, and then just a standard boot after. If it's a force restart attack you're going to have traces of the blue screen of death, the BSOD, the error codes, memory dumps and so on. So if the attacker is sloppy you're going to see those and you're going to be able to say yes, they used the test case from the Facedancer and this is how they crashed it. But because the attacker has access to the drive after the drive has been unlocked, the attacker can clean up those traces, so it might be very difficult for you to detect that.

What can you do to protect against this if you're using self-encrypting drives? Well, as the user, if you power off the machine or hibernate the laptop when it's not attended, you're addressing a lot of the cases; you're protecting
against 90% of the attacks, especially if, when powering on the machine, the machine requires authentication. If you're an IT administrator, or can influence the IT administrators, the things that they can do are: enable pre-boot authentication, and if you do that your users are going to hate you, but you're protecting them. You can disable sleep, and if you do this your users are going to hate you even more, because now when they're closing the lid of the laptop, going to the other meeting room and then opening the lid, the laptop will have to wake up from hibernation; it's going to take them two or three minutes and they're not going to be happy. And another thing is you can disable automatic restart if the laptop crashes.

For laptop manufacturers, they can actually implement features which will power cycle the drive when the machine restarts, which is something that we see with the Lenovo drives in the BitLocker eDrive mode. Additionally, laptops could detect that, when the laptop was in sleep mode, somebody actually took the drive out, connected some extension cables in between and then connected the drive back to the machine again. So they could detect this, and if that's the case then they could power off the machine, for example, so that the machine doesn't automatically unlock the drive at that point.

We went through a responsible disclosure process with the TCG, the Trusted Computing Group, and they involved Lenovo, which is one of the manufacturers, and they said yeah, this detection of drive tampering when it's in sleep mode sounds like a good idea, and they actually implemented a feature in BIOS that can detect that, and it works as advertised. It's called Internal Storage Tamper Detection. There's one big problem with this: it only works if you enable it, and by default it's disabled.

So finally, the homework part. If you're not sure what kind of encryption you have, and you have it, if it's probably BitLocker, run the commands that I've shown you and try to see what kind it is; at
least you're going to know if it's software or hardware. If you don't have any encryption at all, then you have a whole lot of other problems that you have to deal with first. If it's hardware encryption, then try to replicate one of these attacks. The SATA extension cable is five bucks on eBay. Crashing the machine, even if you do it just that way, doesn't require any specific hardware: you just need to set a registry key and then have a bootable Ubuntu thumb drive. It just requires a bit of time on your part. So try to replicate one of these; they're pretty simple. At least you'll understand better the limitations of this technology and how it can be bypassed. Then take this information: take it back home if it's a personal computer and harden the configuration based on what we've seen in the previous slide, or if it's a corporate computer take it back to your security group, to your IT group, talk to them about this, let them know what the issues are and tell them how they can improve it. Thank you.

Are there any questions?

Software encryption versus hardware encryption: it doesn't have these particular problems, but it has other problems. There are things where you can take a drive, just modify the pre-boot authentication software, put something else there, put it back on the drive, put the machine back, and then wait for the user to log on, the evil maid attack, and even have something that sends you that password or data afterwards over the wire. There's reading the keys from memory if the laptop is powered on. There are a couple of other issues with software encryption, so I wouldn't say one is better than the other in terms of security. If your laptop is on and you're leaving the laptop on unattended, regardless of whether you have software or hardware encryption, I would say you're exposing yourself to a risk that I wouldn't be able to tolerate. That being said, the hardware encryption has some advantages from a performance point of view and
from the fact that it can, out of the box, activate the encryption with a switch. Also, hardware encryption has a pretty nice side effect: you can do a crypto wipe. You can change the key, the key encryption key in the drive; you can switch that to something else and then the data will become inaccessible on the drive, and you're basically wiping the drive entirely in a matter of a couple of seconds.

If you are hibernating or powering off, the only way you can attack the machine is if you have pass-through pre-boot authentication, so if you have BitLocker with TPM only, so that the machine powers on, unlocks the drive, and then you can use the same techniques: just switch the drive at that point from the laptop to your attacker machine. If you power off or hibernate the drive and you have pre-boot authentication, either the BitLocker PIN or the SecureDoc that I've shown you in the second demo, then there's not much the attacker can do.

Have I done anything similar with external drives that do hardware encryption? External drives work differently. If it's an external hard drive like the Western Digital, they're pretty well known for theirs; they have a similar, sorry, self-encrypting drive, where that drive is actually encrypted and it's a processor on the drive that does that. There's some pretty good research out there on vulnerabilities around that, not around the standard, because they're not following any standard, it's something proprietary that they implemented, but just on the way the keys are being generated. One of my key takeaways from that research was that the keys with which these drives are loaded from the factory are weak and are predictable based on the date when the drive was produced; you can pretty much predict that and decrypt those drives. There are other cases, for example some USB thumb drives where, when you're plugging in the thumb drive, you run a piece of software and
then that software sometimes appears as a CD, it mounts a virtual CD on your computer and you can run it, and then it triggers something similar for locking and unlocking. Once again, that's all proprietary to that company and it just works with custom commands that they implemented. A lot of times those vendors don't have the experience, and they didn't get the chance to get it wrong, and get it so wrong, as many times as the big players like Symantec or Microsoft or SecureDoc have. So I would say there's probably more chance of having issues with those, with the crypto part itself; it's just that you need to focus on those drives specifically, and if the market share is not large enough you might not have people that are looking into it.

Any other questions?

Does this technique work on RAID and on Windows Server 2012? In theory it should. In theory this works on everything: this works on Mac, it works on Linux, it works on... there's a variety of software that can do hardware-based encryption on these platforms. I'm not sure if BitLocker supports eDrive, the hardware-based encryption mode, if your drive is in a RAID configuration. I know that the TCG has a variation of the standard: instead of TCG Opal they have a TCG Opal Enterprise version, which is pretty similar, and from my understanding, and I haven't looked at those, it pretty much has the same issues. The main objective of the standard is to protect against disclosing data from the drive after the drive has been removed from the server and it's powered off, so you can easily take that drive and throw it away; you don't have to worry about wiping the drive after. But the same techniques here would apply. So if you just take a Windows Server 2012 with a single drive and activate this, then it's going to be exactly the same thing: it's the same BitLocker, exactly the same mechanisms. So you have some Windows Server 2012 R2 with TPM and RAID
1 and you have BitLocker on them? Oh, OK. Well, one of the things that you have to keep in mind is that to be able to use the self-encrypting drives you have to have Secure Boot on, and sometimes that doesn't play that nice with some RAID configurations, so you might not be able to set it up this way, but definitely worth a try.

Any other questions?

So what you're saying is have a sort of a shim, insert that and connect that to the drive, and then connect that to the hardware cloner, right? Yeah, you could. So on the point of whether, once you unlock the drive, you can connect that to the hardware cloner: that's a good point that I didn't talk about, but definitely, once the drive's unlocked, I connected it to a laptop here for the demos, but you could actually connect it to the cloner and do the imaging with the cloner. If you just insert a shim you would have to make sure that you're somehow disconnecting the SATA connection that the drive has with the laptop, so you'd have to insert a shim and then somehow remove the drive after. At that point it's definitely possible. My pins and the breaking of the plastic is pretty messy and pretty ugly; it was mostly to see if it can be done. But yeah, are the connectors just on one side, on the top, or on both sides? It might be; I'm not sure how the SATA connector is. If it's just the one side then yeah, you could insert the shim and at that point it would do that. You just have to make sure that when you're inserting the power shim you're maintaining power to the drive, and that when that transition is done between power being sent from the laptop versus power being sent from your shim, the drive doesn't lose power for one instant, because if it does then it's just going to reset and lose the encryption key from memory.

Any other questions? The M.2 drives? No, I haven't done that with the M.2 drives, but you should be able to do the same thing; it's just that
the pinout is different than the SATA drives, but it's pretty much the same idea. I think this would work, and you would pretty much just have to have the connector where you're supplying power to the correct pins and then just extracting the data from there, and then you would have to connect it to an M.2 connector on the other side, of course. Any questions? Thank you.
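As an added worked example, not code from the talk or from any vendor, here is a PowerShell script for a Windows/BitLocker laptop that covers the homework, hardening and detection points the speaker raises: it reports for each volume whether BitLocker is doing software encryption or has handed the work to a self-encrypting drive, and whether the volume unlocks with a TPM-only (pass-through) protector; applies the hibernate-instead-of-sleep and no-automatic-restart settings; enables the documented keyboard-initiated crash used in the demo as a test aid; and reads the System event log for the traces a crash or an abrupt power loss leaves behind. The cmdlets, registry paths, powercfg aliases and the fields of Kernel-Power event 41 are taken from Microsoft documentation; that the keyboard crash reports bug check 0xE2 (MANUALLY_INITIATED_CRASH) is also from that documentation; the function names are my own.

```powershell
# Added example (not from the talk). Run from an elevated PowerShell on the laptop
# you are assessing. Function names are mine; settings are documented by Microsoft.
#Requires -RunAsAdministrator

# Step 1 (homework): software or hardware encryption? Get-BitLockerVolume reports
# EncryptionMethod 'Hardware' when an eDrive/Opal self-encrypting drive does the
# work. A 'Tpm' protector with no 'TpmPin' is the pass-through case: the drive is
# unlocked on power-on without anyone typing a credential.
function Get-EncryptionKind {
    Get-BitLockerVolume | ForEach-Object {
        $protectors = @($_.KeyProtector | ForEach-Object { $_.KeyProtectorType })
        if ($_.EncryptionMethod -eq 'Hardware')  { $kind = 'hardware (self-encrypting drive)' }
        elseif ($_.EncryptionMethod -eq 'None')  { $kind = 'not encrypted' }
        else                                     { $kind = 'software' }
        [pscustomobject]@{
            Volume      = $_.MountPoint
            Protection  = $_.ProtectionStatus
            Method      = $_.EncryptionMethod
            Kind        = $kind
            Protectors  = $protectors -join ','
            PassThrough = ($protectors -contains 'Tpm') -and ($protectors -notcontains 'TpmPin')
        }
    }
}

# Step 2 (hardening the speaker recommends): closing the lid must hibernate, so the
# drive is powered off and the pre-boot credential is needed again, instead of
# sleeping, after which the drive is unlocked again on resume; and a crashed
# machine should not restart on its own.
function Set-SedHardening {
    powercfg /hibernate on
    # LIDACTION: 0 = do nothing, 1 = sleep, 2 = hibernate, 3 = shut down
    powercfg /setacvalueindex SCHEME_CURRENT SUB_BUTTONS LIDACTION 2
    powercfg /setdcvalueindex SCHEME_CURRENT SUB_BUTTONS LIDACTION 2
    powercfg /setactive SCHEME_CURRENT
    # Same switch as System Properties > Startup and Recovery > "Automatically restart"
    Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl' `
        -Name AutoReboot -Value 0 -Type DWord
}

# Step 3 (testing aid from the demo): the documented keyboard crash. After a reboot,
# hold the right Ctrl key and press Scroll Lock twice; Windows bug-checks with
# 0xE2 MANUALLY_INITIATED_CRASH. kbdhid covers USB keyboards, i8042prt PS/2 ones.
# Only enable this on a machine you are deliberately testing.
function Enable-KeyboardCrash {
    foreach ($svc in 'kbdhid', 'i8042prt') {
        $p = "HKLM:\SYSTEM\CurrentControlSet\Services\$svc\Parameters"
        if (-not (Test-Path $p)) { New-Item -Path $p -Force | Out-Null }
        Set-ItemProperty -Path $p -Name CrashOnCtrlScroll -Value 1 -Type DWord
    }
}

# Step 4 (detection): Kernel-Power event 41 is logged at the next boot whenever the
# previous session did not shut down cleanly. Its BugcheckCode field is 0 for a
# plain power loss or hard reset (what a hot unplug, and also a dead battery, leaves
# behind) and the decimal bug-check code otherwise (226 = 0xE2, the keyboard crash).
# As the talk warns, an attacker holding the unlocked drive can delete these events,
# so finding nothing proves nothing.
function Get-CrashTraces {
    param([int]$Days = 30)
    $filter = @{ LogName = 'System'; ProviderName = 'Microsoft-Windows-Kernel-Power';
                 Id = 41; StartTime = (Get-Date).AddDays(-$Days) }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Sort-Object TimeCreated | ForEach-Object {
            $data = ([xml]$_.ToXml()).Event.EventData.Data
            $code = [int](($data | Where-Object { $_.Name -eq 'BugcheckCode' }).'#text')
            $finding = switch ($code) {
                0       { 'power lost or hard reset, no bug check (hot unplug or battery?)' }
                226     { 'keyboard-initiated crash (bug check 0xE2)' }
                default { 'bug check 0x{0:X8}, check C:\Windows\MEMORY.DMP and Minidump' -f $code }
            }
            [pscustomobject]@{ Time = $_.TimeCreated; BugcheckCode = $code; Finding = $finding }
        }
}
```

Run `Get-EncryptionKind` first; a volume with `Kind = hardware` and `PassThrough = True` is the configuration the hot unplug and forced-crash demos target. `Set-SedHardening` and `Enable-KeyboardCrash` only take full effect after a reboot, and the keyboard crash should be removed again (set `CrashOnCtrlScroll` back to 0) once the test is done. `Get-CrashTraces` is what an investigator handed the laptop would start with, keeping in mind the speaker's point that a sloppy attacker leaves a BSOD and a dump while a careful one leaves only what looks like a power failure.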