Truecrypt 1, FBI 0

[blackangst1]

I always get a chuckle when people think certain 3 lettered agencies have special decryption tools....they dont. Remember, the NIST asked the private sector to come up with an AES standard. Although this case applies to them trying to brute force a passcode (unsuccesfully), the encryption remained intact as well. Not that Im one to cheer the bad guys (Im not), but its yet another testiment to Truecrypt (and encryption in general).

http://g1.globo.com/English/noticia/2010/06/not-even-fbi-can-de-crypt-files-daniel-dantas.html

Not even FBI was able to decrypt
files of Daniel Dantas

Hard drives were seized by the feds during Operation Satyagraha, in 2008.
Information is protected by sophisticated encryption system.


The FBI failed to break the encryption code of hard drives seized by federal police at the apartment of banker Daniel Dantas, in Rio de Janeiro, during Operation Satyagraha. The operation began in July 2008. According to a report published on Friday (25) by the newspaper Folha de S. Paulo, after a year of unsuccessful attempts, the U.S. federal police returned the equipment to Brazil in April.

According to the report, the fed only requested help from USA in early 2009, after experts from the National Institute of Criminology (INC) failed to decode the passwords on the hard drives. The government has no legal instrument to compel the manufacturer of the American encryption system or Dantas to give the access codes.

The equipment will remain under the protection of the feds. INC expect that new research data or technology could help them break the security codes. Opportunity Group reported that the two programs used in the equipment are available online. One is called Truecrypt and is free. The programs were used due to suspected espionage.

According to the report, the FBI and the INC used the same technology to try to break the password. It is a mechanism called a "dictionary" - a computer system that tests password combinations from known data and police information. Experts from the INC used this technique for five months, until December 2008, when the discs were sent to the United States.

 

[jtusa]

Encrypt everything, doesn't matter if you're hiding something or not. If it's not anyone else's business, then it's not anyone else's business. I love seeing stuff like this. Good find OP.

 

[Mark R]

Except all that will happen if everyone encrypts data is that the state will make it illegal.

This is the case in the UK. If you have encrypted data and do not provide the encryption key to law enforcement when asked, you get five years in PMITAP.

 

[Zargon]

wow

 

[jtusa]

Except all that will happen if everyone encrypts data is that the state will make it illegal.

This is the case in the UK. If you have encrypted data and do not provide the encryption key to law enforcement when asked, you get five years in PMITAP.

Wasn't there a case a few years ago where a guy wouldn't give up his encryption password and was arguing it would be the equivalent of testifying against yourself and therefore they couldn't make him do it? I don't remember exactly and never read how it turned out, I think he was using a PGP product. I'll see if I can find it.

Update: Here it is... http://news.cnet.com/8301-13578_3-9834495-38.html

 

[blackangst1]

Encrypt everything, doesn't matter if you're hiding something or not. If it's not anyone else's business, then it's not anyone else's business. I love seeing stuff like this. Good find OP.

Agree 100%. I wonder where the "if you dont have anything to hide..." crowd is?

Also, the link/update to the laptop/Canadian border incindent, and in the spirit of keeping law and politics out of it,

Secret Service Agent Matthew Fasvlo, who has experience and training in computer forensics, testified that it is nearly impossible to access these encrypted files without knowing the password. There are no "back doors" or secret entrances to access the files. The only way to get access without the password is to use an automated system which repeatedly guesses passwords. According to the government, the process to unlock drive Z could take years, based on efforts to unlock similarly encrypted files in another case. Despite its best efforts, to date the government has been unable to learn the password to access drive Z.

Years? If this guy used a password with any kind of decent entropy, the subject, his kids, and his grandkids will all be dead before the gov't gets it cracked.

 

[gsellis]

Years? If this guy used a password with any kind of decent entropy, the subject, his kids, and his grandkids will all be dead before the gov't gets it cracked.

Although, sales of the PS/3 to TLA Gov. agencies is probably going up. Buy Sony

 

[mugs]

Wasn't there a case a few years ago where a guy wouldn't give up his encryption password and was arguing it would be the equivalent of testifying against yourself and therefore they couldn't make him do it? I don't remember exactly and never read how it turned out, I think he was using a PGP product. I'll see if I can find it.

Update: Here it is... http://news.cnet.com/8301-13578_3-9834495-38.html

The nice thing about TrueCrypt's hidden volumes is that you could give them a password that would work and they still wouldn't be able to get to your files or prove that you gave them the wrong password.

 

[Gamingphreek]

Well I would say this looks like quite the half-a**ed attempt by the FBI. Why are they trying a Dictionary look-up attack? Anyone who has any computer knowledge knows that you don't use words of phrases susceptible to look-ups.

 

[blackangst1]

Well I would say this looks like quite the half-a**ed attempt by the FBI. Why are they trying a Dictionary look-up attack? Anyone who has any computer knowledge knows that you don't use words of phrases susceptible to look-ups.

Because, unfortunately, most people do. Three lettered agencies know most people use weak entropy when creating passwords, and also know medium to strong entropy passwords will not be cracked in their or their children's lives, so they go with the easiest and hope to get lucky.

 

[Gamingphreek]

Because, unfortunately, most people do. Three lettered agencies know most people use weak entropy when creating passwords, and also know medium to strong entropy passwords will not be cracked in their or their children's lives, so they go with the easiest and hope to get lucky.

Depending on the encryption he used, the passwords could still be cracked. Obviously trying to get through AES-256 with a brute force attack against a good entropy password would be 99.9% impossible with current computing power; however, other encryptions with a better algorithm than a dictionary lookup could potentially have success here.

-Kevin

 

[alkemyst]

They do have special tools though. If it was worth enough to them they could run it brute force off one of their many supercomputers.

 

[Gamingphreek]

They do have special tools though. If it was worth enough to them they could run it brute force off one of their many supercomputers.

That's exactly what I am getting at. Not that the FBI has any super secret "break any encryption" thing, but this certainly isn't anywhere close to their best effort!

 

[shiranai]

Encrypt everything, doesn't matter if you're hiding something or not. If it's not anyone else's business, then it's not anyone else's business. I love seeing stuff like this. Good find OP.

Keep in mind that encryption introduces a performance penalty; the penalty is less, certainly, with AES-NI hardware, but still significant. Full-disk encryption on SSDs also deserves particular consideration because their operating characteristics vary based on the percentage of total space that is written, and full-disk encryption writes to the entire drive, minus reserved space from over-provisioning. Furthermore, over-provisioning and wear-leveling themselves make true data security on SSDs somewhat tricker than on spinning platters. In short, the peace-of-mind provided by encryption is not "free".

Also, Truecrypt 7.0 is out. It includes, among other things, support for AES-NI.

 

[Gamingphreek]

Keep in mind that encryption introduces a performance penalty; the penalty is less, certainly, with AES-NI hardware, but still significant. Full-disk encryption on SSDs also deserves particular consideration because their operating characteristics vary based on the percentage of total space that is written, and full-disk encryption writes to the entire drive, minus reserved space from over-provisioning. Furthermore, over-provisioning and wear-leveling themselves make true data security on SSDs somewhat tricker than on spinning platters. In short, the peace-of-mind provided by encryption is not "free".

Also, Truecrypt 7.0 is out. It includes, among other things, support for AES-NI.

I would be interested in seeing benchmarks on computers support the AES-NI instructions vs. computers without the AES-NI instruction on a full-disk enterprise encryption scheme.

-Kevin

 

[Gamingphreek]

For those that are interested:

http://www.tomshardware.com/reviews/clarkdale-aes-ni-encryption,2538-2.html

It also discusses the different ways to attack AES encryption. A basic dictionary search is not one of them -_-

 

[Chiefcrowe]

Thank you!! i didn't realize that. I'm going to get it now!

Also, Truecrypt 7.0 is out. It includes, among other things, support for AES-NI.

 

[seepy83]

Keep in mind that encryption introduces a performance penalty; the penalty is less, certainly, with AES-NI hardware, but still significant. Full-disk encryption on SSDs also deserves particular consideration because their operating characteristics vary based on the percentage of total space that is written, and full-disk encryption writes to the entire drive, minus reserved space from over-provisioning. Furthermore, over-provisioning and wear-leveling themselves make true data security on SSDs somewhat tricker than on spinning platters. In short, the peace-of-mind provided by encryption is not "free".

Also, Truecrypt 7.0 is out. It includes, among other things, support for AES-NI.

I'm running PGP Whole Disk Encryption on 30 laptops at work. If we ran IOPs benchmarks before and after, I don't doubt that there would be a performance hit from it. But, in day-to-day operations, absolutely no one has noticed any difference in their computing speeds. And these aren't significantly fast computers (they're all 3-4 year old Dell Latitudes). Just my experience...

 

[blackangst1]

Depending on the encryption he used, the passwords could still be cracked. Obviously trying to get through AES-256 with a brute force attack against a good entropy password would be 99.9% impossible with current computing power; however, other encryptions with a better algorithm than a dictionary lookup could potentially have success here.

-Kevin

Encryption used (AES, Serpent, Twofish, etc) has nothing to do with password brute forcing. In other words, a password assigned to a truecrypt container would be the same difficulty to crack as a Winzip folder with the same passowrd. The password may be able to be brute forced, but the encryption (assuming 256 bit) is unbreakable.

AES has been cracked, but only in theory. Hasnt been done in the real world (256 anyway).

http://www.technewsworld.com/story/68538.html?wlc=1279917423


You probably know this, but just wanted to clarify.

 

[blackangst1]

They do have special tools though. If it was worth enough to them they could run it brute force off one of their many supercomputers.

The only "special tools" they have is computing power which effectively just means more password attempts per minute. There are no tools, however, to crack encryption. Thats the point I was originally making. If the three lettered agencies has some special tools or knowledge the private sector didnt, why did they enlist the private sector to come up with an AES standard? Why wouldnt they just use their "super secret" encryption methods? And where are the court cases where <insert three lettered agency here> cracked some terrorist or child porn king's encrpytion which led to a conviction?

Hell...a class F attack (1,000,000,000 Passwords/sec) attack would take 53,185 Years to crack a 15 character upper/lower case password.

http://www.lockdown.co.uk/?pg=combi

http://www.zdnet.com/blog/ou/is-encryption-really-crackable/204

Ah, but what about the dreaded massively distributed cracking brute force method for attacking something like 128 bit RC5 encryption? There are massive zombie farms of infected computers throughout the world and some may have gotten as big as 1 million infected computers. What if that entire army was unleashed upon the commonly used 128 bit RC5 encryption? Surprisingly, the answer is not much. For the sake of argument, let&#8217;s say we unleash 4.3 billion computers for the purpose of distributed cracking. This means that it would be 4.3 billion or 2 to the 32 times faster than a single computer. This means we could simply take 2 to the 128 combinations for 128-bit encryption and divide it by 2 to the 32 which means that 2 to the 96 bits are left. With 96 bits left, it&#8217;s still 4.3 billion times stronger than 64 bit encryption. 64 bit encryption happens to be the world record for the biggest RC5 bit key cracked in 2002 which took nearly 5 years to achieve for a massive distributed attack.

Now that we know that the distributed attacks will only shave off a few bits, what about Moore&#8217;s law which historically meant that computers roughly doubled in speed every 18 months? That means in 48 years we can shave another 32 bits off the encryption armor which means 5 trillion future computers might get lucky in 5 years to find the key for RC5 128-bit encryption. But with 256-bit AES encryption, that moves the date out another 192 years before computers are predicted to be fast enough to even attempt a massively distributed attack. To give you an idea how big 256 bits is, it&#8217;s roughly equal to the number of atoms in the universe!

Encryption strength and the number of bits used are selected based on how many decades the data needs to be kept safe. For a secure E-Commerce transaction, the data being transmitted is moot after a few decades which is why 128-bit encryption is perfectly suitable since it&#8217;s considered unbreakable for the next few decades. For top secret classified data that needs to remain secret for the next 100 years, the Government uses NIST certified 256-bit AES encryption. So the next time someone tells you that encryption is crackable, ask him if he&#8217;ll be around on this earth to see it demonstrated.

 

[shiranai]

What you are actually saying is that your particular day-to-day operations don't need the IOPS throughput of the hardware you are using. While that's fine, that's not the same as saying that encryption has no effect on performance. To be clear, my point is not that the performance penalty makes encryption inappropriate for all, or even most, users. I am cautioning against the idea of just "encrypting everything" by default, as though there were no downsides to doing so.

I'm running PGP Whole Disk Encryption on 30 laptops at work. If we ran IOPs benchmarks before and after, I don't doubt that there would be a performance hit from it. But, in day-to-day operations, absolutely no one has noticed any difference in their computing speeds. And these aren't significantly fast computers (they're all 3-4 year old Dell Latitudes). Just my experience...