What if your laptop or hard drive with sensitive data is stolen or you lost it?

Web privacy and security of the data is an area with constant limelight, but what about data that is locally on our systems?

Encryption is the way to achieve data protection on disk. This is especially needed if you are working at an enterprise and are storing sensitive business information.

We at our company wanted to encrypt our laptops and hence I did this below survey of all the available methods and a brief overview of how they work internally.

Need for system-level encryption:

• To protect the data in case of accidental loss or theft of the disk/ device.
• To protect the data from physical access by unauthorized people.
• Disk/ device when discarded after the end of their life.

Encryption ensures that files are always stored on disk in an encrypted form. The files only become available to the operating system and applications in readable form while the system is running and unlocked by a trusted user. An unauthorized person looking at the disk contents directly will only find garbled random-looking data instead of the actual files.

Level's of encryption:

User space:

1. Application level encryption

Kernel space:

1. Filesystem encryption
2. Full disk/ HDD encryption
3. Volume encryption
4. Partition encryption

AES is the default encryption algorithm used in almost all types of below encryptions which is a symmetric block cipher encryption. Hence all the below encryptions work based on a passphrase/ password (single key).

Since it uses passphrase/ password entered by the user to generate the encryption key, if the user forgets it, it's the end of the story!

Does the encryption (especially full disk one) reduce the lifetime of the HDD or SSD?

In general, No. As you can see from the above picture, there is no need to perform extra reads or writes because the encryption module encrypts the data before the data is written to the platters and decrypts before it is sent to the process that performed the read. This is because most of these encryption algorithms use block ciphers (which is basically using blocks of data instead of one character to encrypt/ decrypt).

Filesystem encryption:

Filesystem-level encryption or file/folder encryption is a form of disk encryption where individual files or directories are encrypted by the file system itself.

The common way of achieving this is by Stacked filesystem encryption solution. These are implemented as a layer that stacks on top of an existing filesystem, causing all files written to an encryption-enabled folder to be encrypted on-the-fly before the underlying filesystem writes them to disk, and decrypted whenever the filesystem reads them from disk. This way, the files are stored in the host filesystem in encrypted form (meaning that their contents, and usually also their file/folder names, are replaced by random-looking data of roughly the same length), but other than that they still exist in that filesystem as they would without encryption, as normal files/ symlinks/ hardlinks, etc.

Home folder encryption is the most common file encryption, in which everything in HOME folder will be encrypted and decrypted on system login (boot time). From Ubuntu 18.04 support for this is stopped and only full disk encryption works.

Available solutions are eCryptfs(used by Ubuntu (until 16.04) and by chrome OS) and EncFS.

Disadvantages:

• Cannot encrypt swap partitions, /tmp, /var, etc. system directories which may store sensitive user data.
• File metadata (number of files, dir structure, file sizes, permissions, etc.) is not encrypted but names of files and folders are.

Read more:

The way it is implemented, is that to unlock the folder storing the raw encrypted files in the host filesystem ("lower directory"), it is mounted (using a special stacked pseudo-filesystem) onto itself or optionally a different location ("upper directory"), where the same files then appear in readable form - until it is unmounted again, or the system is turned off.

Full Disk encryption:

Full Disk Encryption is the process by which every bit of data that goes on a disk is encrypted. Everything on a disk, including the operating system, is encrypted. MBR(Master boot record which is responsible to load the OS) is not encrypted. Some hardware-based full disk encryption systems can truly encrypt an entire boot disk, including the MBR.

Operates below the filesystem layer. Doesn't care whether the content of the encrypted block device is a filesystem, a partition table, a LVM(Logical volume manager used to manage partitions) setup, or anything else.

Available solutions are: Loop-AES, dm-crypt +/- LUKS, VeraCrypt. Ubuntu(in fact most Linux systems) by default uses dm-crypt+LUKS. All of these are block device encryptions.

Advantages:

• Can be done during OS installation.
• Everything including the swap space and the temporary files are encrypted, ensuring no confidential data is inadvertently left unprotected.
• The decision of which files to encrypt is not left up to users.
• Installation of keyloggers or other Trojan horses becomes difficult with full disk encryption even with full system physical access.
• Immediate data destruction, such as simply destroying the cryptographic keys (crypto-shredding), renders the contained data useless. Although physical destruction an option available always.

Disadvantages:

• Attackers can break into the system over the internet or other ways after we have unlocked and mounted the encrypted parts of the disk and while it is running. (also a cold boot attack is possible)
• A government entity may simply force the individual to give up the keys/ passphrases.
• Cannot be done after installing the operating system. Need to enable/ setup only during OS installation process.
• No proper GUI (except when using Veracrypt which is a 3rd party software for full disk encryption.)

One solution to the above disadvantages can be using Hardware-based full disk encryption (especially to the above first disadvantage) which removes the computer memory as a potential attack vector.

How to accommodate multiple users in one system in case of encryption?

Passphrase/ keys should be shared.

What if the OS crashes or something else gets corrupted, how to retrieve the encrypted data on hard-disk?

Taking regular backups of the important data is the easy and recommended way.

What if the user forgets passphrase/ password?

End of the story. Although we can employ recover mechanisms, then it doesn't truly serve the purpose of the encryption.

How to change the passphrase/ password?

For full disk encryption:
Using a utility called cryptsetup

For file/ folder encryption:
ecryptfs-mount-private command (if encrypted using ecryptfs which is common way in ubuntu until 16.04)

How to choose a secured passphrase/ password?

Check out these articles which gives a good insight on how to choose one.

1. https://www.schneier.com/blog/archives/2014/03/choosing_secure_1.html
2. https://www.iusmentis.com/security/passphrasefaq/
3. https://en.wikipedia.org/wiki/Password_strength

Where to store the keys (passphrase/ password)?

1. Key management software.
2. Password managers.
3. Muscle memory.
4. An HSM or other hardware key management appliance, which provides the highest level of physical security.

Is the passphrase/ password we enter is the key to encrypt the entire data?

No. Firstly since this is symmetric encryption, there is one Master Key (No, not the passphrase you enter) that can decrypt's everything. The Master key is generated during the encryption time and is stored in encrypted form along with encrypted data on the disk (yes side by side with data).

The entropy(randomness) of the key is of utmost importance for the security of the encryption. A randomly generated byte string 32 bytes (256 bits) has desired properties. But can you remember 32 letters of a passphrase? Which is why passphrase is not the master key.

This is what happens after you enter the passphrase:

step 1: User enter's passphrase at mount time

step 2: A Key derivation function is applied to this Mount passphrase (e.g PBKDF2 also used by Django along with salt) which generates a Mount key.

step 3: This above Mount Key is used to decrypt the encrypted Master key generated during the process of File system/ Full disk encryption.

step 4: This decrypted Master Key decrypts everything now.

This is a slow process but as it only happens during mount time, so won't be significant.

Interesting fact about file system encryption using eCryptfs or encFs:

Each and every file is encrypted with a unique, randomly generated key called the 'fek' (which is stored in the header of the file, and wrapped with the MOUNT passphrase). What this means is that two cleartext files that are binary equivalent encrypt to two completely different ciphertexts.