Democracy & Technology Blog
Stealing encrypted data
Researchers at Princeton have figured out how to crack encrypted files stored on a computer’s hard drive, according to the New York Times.
“Cool the chips in liquid nitrogen (-196 °C) and they hold their state for hours at least, without any power,” Edward W. Felten, a Princeton computer scientist, wrote in a Web posting. “Just put the chips back into a machine and you can read out their contents.”
This technique, which enabled the researchers to retrieve encryption keys from DRAM chips, can’t be carried out remotely via the Internet or a WiFi connection; it works only if your computer is stolen or seized.
One way to look at this is to lament that one can’t be sure anything stored on one’s computer is safe. But that’s pessimistic, a bit like lamenting that no one can build a ship which can’t sink or a vehicle which can’t be stolen. Just as it is true that any secret code can be broken, it’s equally true that there’s no limit on the complexity or redundancy one can add to secret codes to make them harder to compromise. Microsoft and Apple suggest how to protect one’s personal files in case one’s computer is stolen or seized:
Austin Wilson, director of Windows product management security at Microsoft, said the company recommended that BitLocker be used in some cases with additional hardware security. That might include either a special U.S.B. hardware key, or a secure identification card that generates an additional key string.
The Princeton researchers acknowledged that in these advanced modes, BitLocker encrypted data could not be accessed using the vulnerability they discovered.
An Apple spokeswoman said that the security of the FileVault system could also be enhanced by using a secure card to add to the strength of the key.