Forensics Challenges. Windows Encrypted Content John Howie CISA CISM CISSP Director, Security Community, Microsoft Corporation

Similar documents
Software Vulnerability Assessment & Secure Storage

SecureDoc Disk Encryption Cryptographic Engine

MU2b Authentication, Authorization and Accounting Questions Set 2

Configuring File Server Resource Manager (FSRM)

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Endpoint Protection with DigitalPersona Pro

Encrypting stored data

Expert Reference Series of White Papers. BitLocker: Is It Really Secure? COURSES.

Functional Documentation for "NFC CSP Light" Version 1.0

ms-help://ms.technet.2004apr.1033/win2ksrv/tnoffline/prodtechnol/win2ksrv/howto/efsguide.htm

10/4/2016. Advanced Windows Services. IPv6. IPv6 header. IPv6. IPv6 Address. Optimizing 0 s

OS Security IV: Virtualization and Trusted Computing

Part I. Windows XP Overview, Installation, and Startup COPYRIGHTED MATERIAL

File System NTFS. Section Seven. NTFS, EFS, Partitioning, and Navigating Folders

PKI Credentialing Handbook

Integration Guide. SafeNet Authentication Client. Using SAC CBA with BitLocker

Credant CmgCryptoLib Version 1.7 Credant Cryptographic Kernel Version 1.5 FIPS Non-Proprietary Security Policy, Version 1.7 Level 1 Validation

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced. Chapter 7: Advanced File System Management

FIPS Security Policy. for Marvell Semiconductor, Inc. Solaris 2 Cryptographic Module

Using SimplySecure to Deploy, Enforce & Manage BitLocker

GSE/Belux Enterprise Systems Security Meeting

Security Pop Quiz Domain 5 for the CompTIA A+, Network+ and Microsoft Certifications

TLS Client Certificate and Smart Card Logon

SafeGuard Enterprise user help. Product version: 8.0

Certification Authority

6293A Troubleshooting and Supporting Windows 7 in the Enterprise

USER MANUAL FOR SECURE E MAIL MICROSOFT OUTLOOK (2003)

Exam Questions

Advanced Security Measures for Clients and Servers

BitLocker Group Policy Settings

This Security Policy describes how this module complies with the eleven sections of the Standard:

1. from the Start menu (figure 1.) or 2. from the System tray, by right-clicking on the icon (Golden key) (figure 2)

PASSWORDS & ENCRYPTION

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

Encrypted containers for secure file transport

WHITE PAPER. Authentication and Encryption Design

TFS WorkstationControl White Paper

Acronis Backup & Recovery 11 Beta Advanced Editions

Owner of the content within this article is Written by Marc Grote

Trusted Computing Group

SECURE CLOUD BACKUP AND RECOVERY

Server. Drive. review of. depth. to be

Windows 10 and the Enterprise. Craig A. Brown Prepared for: GMIS

Veeam Endpoint Backup

Deploying Secure Boot: Key Creation and Management

A+ Guide to Managing and Maintaining Your PC. Managing and Supporting Windows XP

BitLocker Encryption for non-tpm laptops

Technical Brief Distributed Trusted Computing

Lotus Domino Security NSL, Web SSO, Notes ID vault. Collin Murray Program Director, Lotus Domino Product Management

Table of Contents. Table of Figures. 2 Wave Systems Corp. Client User Guide

UNIT - IV Cryptographic Hash Function 31.1

Trusted Computing and O/S Security

ZENworks 2017 Full Disk Encryption Pre-Boot Authentication Reference. December 2016

SafeNet Authentication Client

Encryption. INST 346, Section 0201 April 3, 2018

ECCouncil Computer Hacking Forensic Investigator (V8)

CS 161 Computer Security

and File Encryption on ios with S/MIME and PGP

InfoWatch CryptoStorage. User Guide

Backup, File Backup copies of individual files made in order to replace the original file(s) in case it is damaged or lost.

Windows Core Forensics Forensic Toolkit / Password Recovery Toolkit /

Veeam Agent for Microsoft Windows

SafeGuard Easy Demo guide. Product version: 6 Document date: February 2012

SafeGuard Enterprise. user help. Product Version: 8.1

Microsoft Windows Encrypting File System (EFS) Certificate Migration from XP to VISTA (also works with Windows 7) Instruction Guide

Security Digital Certificate Manager

Application of Cryptography in.net Framework

Demonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions. Andrei Costin

Hewlett-Packard Development Company, L.P. NonStop Volume Level Encryption (NSVLE) Product No: T0867 SW Version: 2.0

Full file at Chapter 2: Securing and Troubleshooting Windows Vista

Machine Language and System Programming

Extending Security Functions for Windows NT/2000/XP

SECARDEO. certbox. Help-Manual. Secardeo GmbH Release:

Farewell Syskey! 2017 Passcape Software

Windows Server 2003 Network Administration Goals

Notes: Describe the architecture of your product. Please provide also which Database technology is used for case management and evidence management.

TPM v.s. Embedded Board. James Y

Enable the Always Offline Mode to Provide Faster Access to Files

Vendor: ECCouncil. Exam Code: EC Exam Name: Computer Hacking Forensic Investigator Exam. Version: Demo

NoSpamProxy 12.2 Outlook Add-In User Manual. Protection Encryption Large Files

Security Enhancements

Designing and Managing a Windows Public Key Infrastructure

CERN Certification Authority

Fix Three Common Accounting Firm Data Vulnerabilities

DataTraveler 5000 (DT5000) and DataTraveler 6000 (DT6000) Ultimate Security in a USB Flash Drive. Submitted by SPYRUS, Inc.

Digital Certificates Demystified

New 8.5 Notes Shared Login "Gotchas"

Indeed Card Management Smart card lifecycle management system

Click to edit Master. Trusted Storage. title style. Master subtitle style Seagate Technology

AccessData Advanced Forensics

UEFI, SecureBoot, DeviceGuard, TPM a WHB (un)related technologies

Oracle Solaris Kernel Cryptographic Framework Software Version 1.0 and 1.1


Trusted Platform Module (TPM) Quick Reference Guide

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

The SafeNet Security System Version 3 Overview

CERTIFICATES AND CRYPTOGRAPHY

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

IBM. Security Digital Certificate Manager. IBM i 7.1

Installation and Startup

Transcription:

Forensics Challenges Windows Encrypted Content John Howie CISA CISM CISSP Director, Security Community, Microsoft Corporation

Introduction Encrypted content is a challenge for investigators Makes it difficult to obtain evidence Cost of data recovery when encryption is involved very high Often precludes use in non-investigative scenarios Understanding how Microsoft implements encryption can Enable investigators to identify the owner of encrypted data Can request access to protected content Lead investigators to recovery keys Can be used to access content without owner s permissions Contrary to belief there is no encryption backdoors Even for Microsoft itself or for governments

Overview Overview of Windows Encryption The Encrypting File System Rights Management Services S/MIME and Exchange The Future: BitLocker Planning for Future Investigations

Overview of Windows Encryption

Windows Encryption Microsoft has built encryption into several products Examples include: Encrypting File System (EFS) Rights Management Services (RMS) S/MIME in Outlook Encryption is not centralized Found in user DLLs, applications, and the kernel Will be centralized in Vista and Longhorn Server Designed to be secure Keys are strongly protected

Encryption Algorithms Most technologies use Cryptographic Service Providers Algorithms and Key Lengths supported vary by CSP Microsoft ships several CSPs Third party CSPs are available While there are many algorithms, few used in products Strong trend away from DES, 3DES, RC4, etc Customers asking for stronger algorithms High demand for pluggable-crypto Customers want to control which algorithms are used, and when

Key Storage Keys are created by applications and the OS as needed Keys are not kept in memory and are securely deleted Difficult given complier optimization Keys are usually stored in users profiles Profile is created when user first logs on Keys protected by DPAPI

Key Storage and Roaming Users Users who logon to many systems have profiles on each Required keys must be in profile before it can be used May prevent user getting access to data or creating signatures if key is in profile on one system while user is logged on to another Two solutions for users who use multiple systems Roaming profiles Copy of profile stored on server and downloaded when user logs on and uploaded when user logs off Available in Windows 2000 and later DIMS Keys are securely downloaded to client from server Windows 2003 SP1 support only

Data Protection API (DPAPI) Introduced in Windows 2000 Part of the CryptoAPI DPAPI creates a MasterKey The MasterKey is not used to encrypt keys directly MasterKey combined with random data Additional entropy can be provided by applications Random data stored with encrypted data

DPAPI in Action MasterKey Plaintext Application Entropy Encrypt Random Data Random Data Ciphertext

The MasterKey Protected by user s password PKCS #5 generates key from user s password Triple-DES used to encrypt MasterKey Encrypted MasterKey stored in user profile When the user password is changed MasterKey decrypted with old password MasterKey encrypted with new password Old password recorded just in case

The MasterKey (continued) Changes every three months Old MasterKeys kept to access older content MasterKey is backed up automatically DPAPI uses Domain Controller s public key Encrypted key stored with password protected key Can be sent to Domain Controller to be decrypyted It is not safe to reset the user s password to access their encrypted content Windows designed to defeat this style of administrator attack

The MasterKey in Workgroups Resetting a password locks out MasterKey All protected data is lost, including keys Users can create a Password Reset Disk Public-private key pair is created Public key is used to encrypt user password Encrypted password stored in SAM Private key written to PRD Look for a Password Reset Disk during investigations!

The Encrypting File System (EFS)

Introduction to EFS Introduced in Windows 2000 Updated in Windows XP and Windows Server 2003 Uses a different, stronger algorithm and key length Implemented as a file system filter driver Layered on top of NTFS Certificate-based technology EFS can issue its own certificates Leverages Enterprise Root CA if available

How EFS Works 1. Users obtain EFS Certificates 2. Random File Encryption Key (FEK) is generated 3. File contents are encrypted with FEK and stored in secure temporary file

How EFS Works (continued) 4. FEK is encrypted with public key from each authorized user s EFS Certificate 5. FEK is encrypted with public key from each EFS Recovery Agent Certificate 6. Encrypted FEKs and encrypted content is written to file

How EFS Works (continued) File Header FEK Encrypted with public key of authorized user #1 FEK Encrypted with public key of authorized user #2 FEK Encrypted with public key of authorized user #3 FEK Encrypted with public key of Recovery Agent #1 FEK Encrypted with public key of Recovery Agent #2 Data Decryption Fields Data Recovery Fields File Data Contents of file encrypted with FEK

Recovery Agents EFS provides for recovery if user loses private key Designated user accounts become Recovery Agents Recovery Agents decrypt content on systems where their private key is stored May be different system from that on which content was created

Recovery Agents (continued) Windows 2000 Administrator is a Recovery Agent: In workgroup environments Where no Enterprise Root CA exists Windows XP, 2003 No default Recovery Agent

Recovery Agents Certificates Where an Enterprise Root CA exists: Recovery Agents request an EFS Recovery Agent certificate EFS Recovery Agent certificates distributed to workstations by Group Policy EFS automatically encrypts FEK with public key in EFS Recovery Agent Certificates

Accessing EFS Content Easiest option is to logon with user s account to access content Must logon to system where private key is stored Requires you to know user s password PRD can be used for workgroup users RAINBOW tables can be used if hash is known

Using Recovery Agents Recovery Agent account can be used Content may need to be moved to system where Recovery Agent s private key is stored NTBACKUP.EXE can be used Recovery Agents cannot be added retroactively FEK is encrypted with new Recovery Agents when file is next opened

Rights Management Services (RMS)

Introduction to RMS Client-Server Technology Based on XrML 1.2 Standard (www.xrml.org) RMS Server runs on Windows 2003 Server Clients can be Windows 98 SE and later Applications must be RMS-aware The Microsoft Office System (Office 2003) Rights Management Add-on (RMA) for IE ISV-supplied applications

How RMS Works All users identified by Rights Management Account Certificates (RACs) Symmetric key created to encrypt content Publish License created with users and rights defined by author, and symmetric key encrypted by public key of License Server

How RMS Works (continued) Recipient presents Publish License and RAC to License Server URL of RMS License Server in license License Server decrypts key in Publish License with its private key

How RMS Works (continued) RMS Server binds symmetric key encrypted with user s public key and rights into Use License Application takes Use License, decrypts encrypted content with user s private key, and enforces rights Only trusted applications may use RMS

Protected Office Document Publish License XrML formatted stream (partially encrypted) Document metadata Office document properties in cleartext Document data AES 128-bit or DES 56-bit encrypted content

Recovering RMS Content User account grants access to content Opening content gets Use License RAC obtained if not present on workstation Members of superusers group can access any content protected by License Server Set group using RMS management interface Manage group membership using AD tools

RMS Forensic Considerations Each application defines own file format RMS data is in standardized format (XrML) Need original content authoring application Office applications store Use Licenses in documents if user has write access Has implications for chain of custody

S/MIME and Exchange

How S/MIME Works Sender creates email message Random symmetric key generated and message is encrypted Symmetric key encrypted with public key from recipient s X.509v3 certificate

How S/MIME Works (continued) Encrypted key and encrypted content sent to recipient Recipient decrypts encrypted symmetric key with their private key Message decrypted with symmetric key

X.509v3 Certificates Certificates can be issued by: Microsoft Certificate Services Enterprise CA integrated with domain Standalone CA Independent Certification Authority Certificate and private key required to access S/MIME protected email Private key protected by DPAPI

Forensic Considerations Unlike EFS and RMS, application entropy often used to secure access to X.509v3 S/MIME certificate private key Usually in the form of a PIN entered by user Resetting password and using PRD won t help

Recovering S/MIME Email First try resetting user password If domain user or PRD available Check for presence of key escrow system Exchange 2000 with Key Management Service Windows Server 2003 Enterprise Edition Certificate Services

The Future: BitLocker

BitLocker Volume Encryption Formerly called Full Volume Encryption (FVE) Will be introduced in Vista Works by encrypting entire disk volumes Not just folders and files like EFS BitLocker systems require at least two volumes System volume (from which the OS boots) is not encrypted Contains some of the OS start-up files that understand BitLocker BitLocker-protected volumes

BitLocker Volume Encryption (continued) BitLocker encryption keys stored on System volume Keys are encrypted When Vista boots BitLocker keys are decrypted using encryption key stored on Trusted Platform Module (TPM) v1.2 security chip USB key drive inserted into machine at boot time Recovery Agent functionality will be available for Broken laptop where hard disk is inserted into new laptop Lost USB key drive

Planning for Future Investigations

Workstations and Users Make each workstation and user a member of a domain Allows DPAPI MasterKey recovery Restrict user access to a single workstation or use roaming profiles Know where private keys are held DIMS not viable yet

The Encrypting File System In a domain environment Create EFS Recovery Agent accounts Requires Enterprise CA Backup the private keys In a workgroup environment Create EFS Recovery Agent account for Windows XP systems Backup the private keys

S/MIME If running Exchange 2000 Deploy Certificate Services and Exchange Key Management Service If running Windows Server 2003 Enable Certificate Services Enterprise Edition key archival and recovery functionality

Thank You! For more information, and to contact me: jhowie@microsoft.com

Questions and Answers

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback