Backup Attack Defeats Disk Encryption Software

Attack on Backups of Disk Encryption Image Files potentially reveals plaintext information
(PresseBox) (Schoeffengrund, Munich, Bradford, ) Global IP Telecommunications, a leading manufacturer of Voice-over-IP (VoIP) software telephones, PMC Ciphers, a leading specialist for ultimate ciphers, and CyProtect AG, a leading internet security specialist, have announced today that they’ve published research describing a new ciphertext-only attack on backups of encrypted image files.

In the paper, "Visualisation of potential weakness of existing cipher engine implementations in commercial on-the-fly disk encryption software”, the companies revealed that disk-based encryption schemes can in part be circumvented to reveal protected data. The attack was named “Backup Attack” by the author.

In order to mount the attack successfully, an encrypted volume image file is duplicated and both files are subsequently used independently to store information. Subtracting data bits with identical bit positions in the two files from each other yields zero for blocks or sectors that contain identical bit patterns in both files. This proves undeniably use of encrypted image files, how much data is stored in the encrypted image file and plaintext can even be revealed under certain circumstances without any knowledge of the key. As formatting commonly implies initialisation with all zero bits, blocks or sectors with all zeros can easily be identified in more recent copies. The new attack applies to ECB Mode (Electronic Codebook), Counter Mode (CM), Galois/Counter Mode (GCM), LRW, XEX, XTS, as well as CBC-based modes of disk encryption applications.

Most disk encryption softwares take advantage of disk keys. Changing passwords does thus not require re-encrypting an entire image file and security does not suffer at all due to the fact that password encryption is performed using a one-time-pad.

The companies further disclose software-assisted creation of image file backups by a disk encryption software as very effective countermeasure to render the novel attack unsuccessful.

This countermeasure is already built into the new version of the disk encryption software “TurboCrypt”. Existing users of earlier “TurboCrypt” or “Global Safe Disk” versions are advised to migrate to the new “TurboCrypt” as soon as possible. A beta version of the new software is already available online for Windows XP, Vista 32 and Vista 64 operating systems by following each of the URLs below:

http://downloads.turbocrypt.com/...
or
http://www.cyprotect.com/...

The paper, "Visualisation of potential weakness of existing cipher engine implementations in commercial on-the-fly disk encryption software” is accessible through the following URL:

http://www.turbocrypt.com/...

A high-resolution video (720x576px, 25fps, MPEG-2 encoded) is available on request.

Kontakt

Global IP Telecommunications Ltd.
Am weissen Stein 22
D-35641 Schöffengrund
Bernd Roellgen (BSEE)
Social Media