By Angela Gunn, Betanews
[NOTE FROM THE M.E. For over two decades, I've made a living in one way or another from being "the Windows guy." And in recent months, what you've been seeing from us at Betanews has been Windows 7, Windows 7, Windows 7 -- at one point, ten times in a row. Last month, I concluded our ongoing series about my picks for Top 10 Features in Windows 7. And I received a number of letters from folks who claimed that Linux did this first, or already did that several years ago, or does this better.
Really, now? Well, perhaps so. To find out for sure, I've commissioned a new Betanews series that seeks out whether, for features that Microsoft touts as supreme or new or of special value, similar functionality exists in some form or fashion for users of Linux client operating systems. To make sure I get a fair answer on this -- one that isn't biased in favor of Windows -- I've asked our Angela Gunn, who has more experience with Linux than I, to start digging. And to make sure she's digging in the right place, we've asked Jeremy Garcia, founder of LinuxQuestions.org, one of the Web's leading Linux user communities, to lend his voice to our evaluation. You and I are about to find out, once and for all, the answer to the musical question...]
Our subject today is full-disk encryption, that useful security tool that keeps data on your hard drive safe even if the drive itself is in peril. It's the feature that Microsoft would have you spend an extra $120 for when upgrading to Windows 7 Ultimate. We'll compare the Windows approach to the problem with that of a leading Linux contender. (Mac folk, your turn may come. And then again maybe it won't.) And to make dead sure that we're balancing out the Windows fans on staff (looking at you, Mr. Fulton), we've asked Jeremy Garcia, Founder of LinuxQuestions.org, to provide insight into the comparison.
With data and computing devices ever smaller and easier to lose (or abscond with), companies in data-sensitive industries as well as the federal government have gotten serious in recent years about protecting the data on a drive even when the drive itself has been compromised.
Enter full-drive encryption, which protects data at rest (DAR) -- that is, even when no one's actively trying to access the data, it's safe. (Arguments that data is only at risk when not at rest will be entertained in other articles; that's not what we're doing here. Also, though Seagate popularized the term "full disk encryption," it has passed sufficiently into common usage to be an effective category descriptor.) FDE also provides some protection from PEBKAC security vulnerabilities, encrypting temporary and swap files and relieving the user from the hideous burden of protecting individual files or folders.
Many would argue that BitLocker has no place in a conversation about full-disk encryption, because it doesn't encrypt the full disk; the boot volume is still separate, so really it's just a variety of volume encryption. Still, BitLocker is the go-to utility in the Windows realm for Vista machines and (soon) Windows 7 and Windows Server 2008 R2 machines -- not the only FDE option, or even necessarily the most robust, of course, but the one that's most easily available on modern versions of the operating system, since Microsoft bakes it right in. It's included in Vista Enterprise, Vista Ultimate, and Windows Server 2008. It utilizes Trusted Platform Module (TPM), the secure encryption processor present on some motherboards.
Redmond was, frankly, late to this particular party, releasing BitLocker in 2006. As for Linux, excellent encryption has been available for years for all levels of encryption -- individual files, whole folders, or entire drives/volumes. TrueCrypt began life in 2004 as a Windows-only product branching out to Linux in late 2005. (Linux Unified Key Setup, or LUKS, is another open source alternative that's included in Linux kernel versions 2.6.x, Garcia reminds us.)
"As you might expect, the Microsoft option is not Open Source...so you really have no idea about the quality of the implementation or the flaws it may contain," Garcia told Betanews.
Now let's take a look at these full disk encryption options feature-by-feature:
Trusted Platform Module support TPM is technology that doesn't sit well with everyone, and there are perfectly good FDE options that don't make use of the "Fritz chip." BitLocker can use TPM if it's there, but can be set up not to use it, especially for non-Intel vPro platform computers. "To use BitLocker on a computer without a TPM, you must change the default behavior of the BitLocker setup wizard by using Group Policy, or configure BitLocker by using a script," states Microsoft's documentation. "When BitLocker is used without a TPM, the required encryption keys are stored on a USB flash drive that must be presented to unlock the data stored on a volume."
Algorithms BitLocker uses the AES encryption algorithm in CBC mode with a 128- or 256-bit key, plus an extra "Elephant" diffuser; though AES is a public-domain algorithm, Microsoft's implementation is closed-source. TrueCrypt offers several AES flavors (AES, AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish AES), all with a 256-bit key, along with Serpent, Twofish, and Twofish-Serpent. The mode of operation in all cases is XTS, which is the IEEE 1619 standard for disk encryption.)
Multifactor authentication BitLocker allows additional layers of authentication -- a PIN, a thumb drive with a startup key -- as long as the utility has been enabled on a machine with TPM. BitLocker users can boot from the hard drive as they usually do; that is, with their usual Vista password (transparent mode) or, for added security, with a PIN and/or a USB key (on TPM machines). Also, for machines running a BIOS that can read a USB at the pre-boot stage, one can also boot in "USB Key Mode" -- very handy in case the user's lost the password. On the TrueCrypt side, two-factor authentication is likewise an option.
Next: If BitLocker comes pre-installed, isn't installation a factor in Linux?
Installation BitLocker drive preparation has been a notorious pain under Vista, with the necessary BitLocker Drive Preparation Tool available through Ultimate Extras and for Vista Enterprise and Windows Server 2008. (BitLocker has been incorporated into Windows 7 for machines with TPM.) Installation is notoriously cranky, and woe betide the user who doesn't partition the drive correctly -- two partitions are required -- before installing the OS.
On Linux, Debian has for years included the ability to set up a fully encrypted system right from the installer, if that how you prefer to go about it. TrueCrypt, on the other hand, has a wizard allowing you to create an encrypted file container, encrypt a non-system partition or drive, or encrypt an entire system partition or drive. The volume or drive must be empty of files before installation, but one needn't flush the entire OS.
I asked Jeremy Garcia if he would characterize ease of installation as a major concern for the community. "While I've never used BitLocker, it looks quite a bit more difficult to setup than TrueCrypt," he responded. "As you note though, most distributions now offer the ability to set up an encrypted partition right from inside the installer. Ubuntu uses dm-crypt behind the scenes. I actually wrote an article about TrueCrypt for Linux Magazine a while back, and the feedback I got did not indicate many people had install issues."
Extra protection The problem with FDE is that once the disk is legitimately accessed, it isn't protected at all from attacks by someone who has access to the unlocked machine. If your laptop is swiped while it's up and running, or if a file is plucked from the machine while it's unlocked, you're out of luck. However, TrueCrypt allows one to set up a "hidden" volume within the larger encrypted volume; in case access is gained to the drive, the volume appears to be simply a collection of random data. Individual files can also be encrypted.
BitLocker also allows encryption of secondary volumes, though if you're not yet running Vista SP1 it's a command-line setup process that even Microsoft's documentation says is for advanced users only. And the volumes aren't hidden. BitLocker cannot be used to encrypt individual files.
Thumb-drive protection Both BitLocker and TrueCrypt allow you to encrypt an entire storage device, such as a USB flash drive. Drives are encrypted in BitLocker must as any other drive would be; they'll work seamlessly with the machine on which they were originally configured, but to use them on any other BitLocker-enabled machine, you'll need to "Unlock Volume" and use the recovery key to gain access again. (If the machine doesn't have BitLocker, you're out of luck.) TrueCrypt allows you to encrypt an entire thumb drive, but you won't be able to actually run TrueCrypt from that drive. Instead, you'd create a file container on the USB drive, then store TrueCrypt alongside that container, after which you should be able to operate on any machine.
"You can't run BitLocker from that drive either, can you?" asked LinuxQuestions.org's Garcia. "It's really just a matter of having TrueCrypt on each machine you use, and as you mention, you can easily store a copy on an unencrypted partition on the drive."
Protection during hibernation Hibernation is not a great idea for machines running FDE for various reasons, including the threat of "cold-boot attacks" (see below). However, BitLocker does make a point of encrypting a hibernation file if one is present. TrueCrypt does not.
Key recovery When things go wrong, unless the administration has set up the system to store the private key on a removable drive, BitLocker users will need access to the local administrator account. With the individual user's account password, the key can be recovered -- it's stored on the local system. (This can lead to problems if the would-be intruder knows the admin password, obviously.) It's trickier with TrueCrypt -- under Linux, if the password or keyfile is truly gone, your data's locked on the disk forever. On the other hand, you've gained a lovely paperweight about which you can tell pitiful stories for years to come.
The TrueCrypt FAQ notes there is no "back door" provided for administrative users who need to find a way into users' encrypted drives when they've lost the password. However, there is a way for admins to enable themselves to reset the volume password and/or pre-boot authentication password.
Support On one hand, Microsoft. On the other hand, the TrueCrypt user forums. Choose your poison.
What about that freaky hard-drive attack with the canned air? As we learned last year, the "cold boot attack" can affect any FDE scheme that doesn't authentication before booting, whether it's coming back from a power-off or from mere hibernation. Researchers were able to reconstruct the all-important encryption key by switching on a shut-down machine fast enough to grab the residual electrical changes in RAM -- a time window which as it turned out lasts rather longer if you simply chill the chps to subzero temperatures. Almost no one was spared -- BitLocker, FileVault, dmcrypt, and TrueCrypt were all vulnerable.
Any interesting outliers in the FDE space? If you're seriously comparing Windows to Linux, it's a fair bet you're not too worried about whether a particular piece of software is free as stipulated by the GNU General Public License. But if you are looking for a GNU-compliant Windows package on the level of a TrueCrypt or a BitLocker, there is, of course, TrueCrypt for Windows itself. Also check out DiskCryptor, which bills itself as "the only truly free solution." DiskCryptor criticizes TrueCrypt for placing limits on what developers may do with that program's source code, and derides other packages as "fully proprietary ones, which makes them unacceptable to use for protection of a confidential data." And if, at the other philosophical extreme, your organization prefers to utilize TPM technology, Linux FDE options supporting the chip include CheckPoint and eCryptfs.
All that having been said, what's the verdict? With respect to being able to use full disk encryption functionality in Linux the way Microsoft intends for its customers to use it in Windows, the answer to this Can Linux Do This question...is yes.
Copyright Betanews, Inc. 2009