Wednesday, February 6, 2008

TrueCrypt 5.0 - Full disk boot encryption

TrueCrypt 5.0 is out, and full disk, pre-boot authenticated encryption is now available. I can't wait to test this out, as it provides an interesting alternative to current commercial products. The description states:

...ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts).
I'll post more after I've had a chance to try it out.

2 comments:

Andre Gironda said...

Ok read this and tell me what the problem is:

System encryption involves pre-boot authentication, which means that anyone who wants to gain access and use the encrypted system, read and write files stored on the system drive, etc., will need to enter the correct password each time before Windows boots (starts). Pre-boot authentication is handled by the TrueCrypt Boot Loader, which resides in the first cylinder of the boot drive

What's to stop a backdoor in the BIOS or MBR from removing this? Can I remove the TrueCrypt Boot Loader by replacing it with something?

In the case of BitLocker, the TPM checks the BIOS and MBR to verify that they have not been modified. I also wonder if there is a recovery password like the one for BitLocker.

I welcome TrueCrypt for FDE, but I'm not sure it will be the ultimate solution. I'll try it out anyways and see what I can find out.

David said...

Andre,

As I read it, you're correct, there aren't protections built in to verify the integrity of the MBR and BIOS. Using TrueCrypt does mean that you won't need a TPM 1.2 equipped machine, which may be an advantage to some users. (You can work around that with a boot readable flashdrive, but that isn't ideal!) You also don't need Vista Ultimate or Enterprise - XP, all Vista verisons, and Server 2003 are supported.

In general, the TrueCrypt volumes should be more portable without entering a recovery mode than a TPM protected BitLocker volume. That may be beneficial to some, and less attractive to others.

It is worth noting that theoretical attacks on Bitlocker have been suggested that would use a falsified unlock screen from an alternate boot device to steal the password and unlock the VMK. The threat mode is similar to that effecting TrueCrypt, although it is more likely to require physical access than an MBR or BIOS virus would.

As you suggest, it appears that a reasonable exploit method would be to replace the TrueCrypt bootloader with custom code with the same decryption capabilities. This is made somewhat easier with access to the source code...

The advantage here for TrueCrypt users is added security for users of non-Bitlocker capable systems, for free. I don't think it is the ultimate solution, but you can't beat the functionality for the price!

As a final note, there's a useful MS FAQ on the capabilities of Bitlocker here.