Rambling on the Private Data Security

1
Rambling on the Private Data Security

• Sun Bing
• taoshaixiaoyao_at_hotmail.com
• Syscan08 Hong Kong China
• 30th May 2008

2
Preface

• Nowadays Private Data Security has become a
  very hot topic, especially after the HK
  entertainment circles celebrity pornogate
  scandal, so its necessary to provide ordinary
  computer users with knowledges and tools to
  protect their private data.
• A random talk on some Data Security related
  topics, which will mainly focus on the following
  subjects
• Harddisk Lock Password
• EFS vs. Windows Vista Bitlocker
• WaterBox Software (Information Leakage
  Prevention)
• Harddisk Protection/Recovery Software/Card

3
Harddisk Lock Password

• ATA Security Mode Feature Set
• Abusing the Security Feature Set
• Harddisk Lock BIOS Configuration of Dell Latitude
  D620 Laptop
• Cracking the Harddisk Lock Password

4
ATA Security Mode Feature Set

• Security Mode Feature Set
• A password system that restricts access to user
  data stored on a device. In addition, access to
  some configuration capabilities is restricted.
• Password
• User Password
• Master Password
• Master Password Capability
• High
• Maximum
• Frozen Mode
• The Security Freeze Lock command prevents changes
  to all Security states until a following power-on
  reset or hardware reset, the purpose of this
  command is to prevent password setting attacks on
  the security system.

5
ATA Security Mode Feature Set (Cont)

• Commands
• Security Set Password
• Security Unlock (requires a password)
• Security Erase Prepare
• Security Erase Unit (requires a password)
• Security Freeze Lock
• Security Disable Password (requires a password)
• Password Rules
• See Table 6
• Password Attempt Counter
• Counter set to 5 after a power-on or hardware
  reset
• PasswordAttemptCounterExceeded

6
Password Rules
7
Security States
8
Security State Transitions
9
Security State Transitions
10
Abusing the Security Feature Set

• However the current BIOS version of most
  computers have no or only partial supports of
  this new security mode feature, which would be a
  very severe security hole that is exploitable by
  a malware to lock the hard disk with password
  stealthily to prevent any further hard disk
  access after the next power-off.
• In such a circumstance, to prevent the Security
  Mode Feature Set from being abused, a
  third-party pre-boot software is needed, as the
  format of either a BIOS extension or a bootable
  CD, which will issue the ATA command Security
  Freeze Lock to the ATA controller/drive to
  freeze all security settings until the next cold
  boot.

11
Dell D620 HD PW BIOS Configuration
12
Cracking the Harddisk Lock Password

• The harddisk will read the firmware area during
  the power-on process and determine whether it was
  locked or not, if locked then any other operation
  is not allowed before unlocking it with a correct
  password, since the passwords are stored in the
  negative tracks of the harddisk (a.k.a, firmware
  area) other than the drive circuit, it cant be
  cracked by simply changing the PCB.
• It is said that someone can break this password
  protection by using the combination of PCB (Print
  Circuit Board) hot-swap and the supports of some
  professional harddisk repair tools (MHDD or
  PC3000 etc).

13
EFS vs. Windows Vista Bitlocker

• EFS Introduction
• EFS Cracking
• Windows Vista Bitlocker Introduction
• TPM Introduction
• TPM Security Issues

14
EFS Introduction

• EFS Encrypted File System
• Important Keys Used
• FEK File Encryption Key (DESX, AES, or 3DES)
• Users Public/Private Key Pair (RSA)
• Users Master Key (64 bytes)
• A Key Derived From Users Password (3DES)
• Components Involved
• EFS NTFS Driver
• KSecDD
• Lsass (Lsasrv)
• CSP

15
EFS Architecture
16
EFS DDF DRF
17
EFS Cracking

• The Basic Concept of EFS Cracking
• Users Password ? Derived Key ? Master Key ?
  Private Key ? FEK ? File Data Plaintext
• Detailed Cracking Steps
• Get the users password by SAM attacking.
  (pwdump, L0pht Crack etc)
• Compute the derived key based on the users
  password.
• Decrypt the master key. (UserProfile\Application
  Data\Microsoft\Protect\SID )
• Decrypt the private key. (UserProfile\Applicatio
  n Data\Microsoft\Crypto\RSA\SID)
• Decrypt the FEK.
• Decrypt the file data.

18
Windows Vista Bitlocker Introduction

• Bitlocker
• Full drive volume encryption.
• Integrity checking of early boot components.
• Important Keys/Passwords Used
• FVEK Full Volume Encryption Key
• VMK Volume Master Key
• PIN Personal Identification Number
• Clear Key
• Restore Key/Password
• Startup Key
• System Requirements
• TPM v1.21
• v1.2 TCG-compliant BIOS
• USB Mass Storage Device Class supports
• At least 2 volumes (OS/Boot System Volume)

19
Bitlocker Architecture
20
Encryption Keys In Bitlocker
21
Bitlocker Drive Encryption-Enabled Volume With
TPM Protection
22
Bitlocker Drive Encryption-Enabled Volume With
Enhanced Protection
23
TPM Introduction

• TPM Trusted Platform Module
• Protected capabilities
• Integrity measurement
• Integrity reporting
• TPM Terminologies
• TBB Trust Building Block
• CRTM Core Root of Trust Measurement (BIOS
  Bootblock)
• PCRs Platform Configuration Registers
• Extend operation PCRn lt-- SHA-1 (PCRn
  measured data)
• TPM BIOS Driver (MA/MP)

24
TPM Architecture
25
TPM Components Architecture
26
PCRs Usages Summary
27
Dell D620 TPM BIOS Configuration
28
Dell D620 TPM BIOS Configuration
29
TPM Security Issues

• Three Conditions That Make the Chain of Hashes
  Trustyworthy
• The first code running and extending PCRs after a
  platform reset (SRTM) is trustworthy and cannot
  be replaced.
• The PCRs are not resetable without passing
  control to trusted code.
• The chain is contiguous. There is no code in
  between that is executed but not hashed.
• TPM Security
• Bootloader bugs (Violates condition 3)
• TPM reset (Violates condition 2)
• BIOS attack (Violates condition 1, CRTM and TPM
  MP Driver patchable)
• TPMKit? (BlackHat USA 2007)

30
TPM BIOS MP Driver
31
TPM BIOS Driver Header
32
MPTPMTransmit Prototype
33
Waterbox Harddisk Protection/Recovery Software

• Waterbox Software Introduction
• Waterbox Software Bypassing
• Harddisk Protection/Recovery Software/Card
  Introduction
• Harddisk Protection/Recovery Software Penetration

34
Waterbox Software Introduction

• What Is A Waterbox Software?
• Information leakage Prevention, a.k.a. Document
  Security Management (Protection) System.
• Popular Waterbox Softwares
• FileSECURE (AirZip)
• FSD/FSF/FSN/Wrapsody (FASOO)
• FD-DSM (Frontier Technology)
• CDG (E-SAFENET)
• InfoGuard (UNNOO)
• NET-LOCK (Sagetech)
• Implementation Technique Categories
• Peripheral device network protocol control
• File directory encryption
• File format convertion
• Remote file storage
• Information filter
• Application plugin
• Kernel mode real-time transparent file
  encryption/decryption

35
Waterbox Software Bypassing

• The Theory of Real-time Transparent File
  Encryption/Decryption
• The file data are encrypted on disk, and the
  Waterbox will only decrypt/encrypt the file
  read/write requests that are issued within some
  specified process contexts, such as Winword.exe
• Implementation Methods
• User Mode File Win32/Native API hooking
  (Including Memory Mapping functions)
• Kernel Mode FS Filter driver
• Bypassing Steps
• Inject a DLL into the process which can make the
  Waterbox decrypt files.
• Open and read the desired encrypted files.
• Pass the decrypted file contents to another
  process via shared memory.
• Write the received file data to disk within that
  process.

36
Harddisk Protection/Recovery Software/Card
Introduction

• What Can A Harddisk Protection/Recovery
  Software/Card Do?
• Any modification made on the protected harddisk
  will be restored automatically upon the next
  system boot, many internet bar install this kind
  of softwares to prevent their PCs from being
  ruined by customers.
• Popular Harddisk Protection/Recovery Softwares
• DeepFreeze (Faronics)
• PowerShadow
• PowerUser/PowerServer
• Returnil Virtual System (RVS)
• Sandboxie

37
Harddisk Protection/Recovery Software Penetration

• The Theory of Harddisk Protection/Recovery
• The disk access requests made on the protected
  disk partitions are intercepted and redirected to
  other disk locations, for example a hidden
  reserved disk partition.
• Implementation Methods
• DOS time PCI/ISA Option ROM, intercept BIOS
  int13h.
• Windows Disk Filter driver, attach on DR0 device
  object.
• Penetration Techniques (Used by Machine Dog
  virus)
• Detach the filter device object that was stacked
  on DR0.
• Create a virtual disk volume object.
• Passthrough instruction (DeviceIoControl).
• Direct port I/O.

38

• Thanks For Watching!Question Discussion Time