Encryption Blog

Passware Claims to "Instantly Decrypt PGP," I Don't Think So!

Created: 29 May 2012 • Updated: 05 Nov 2012 • 1 comment
Kelvin_Kwan

Passware recently blogged about the ability to "instantly decrypt PGP Whole Disk Encryption" with their latest release of Passware Kit 11.7.

Based on a deeper investigation by Symantec engineering, we have concluded that a properly configured PC is not vulnerable to the attack Passware describes.

A Whole Disk Encrypted machine is not vulnerable to an offline attack. If an attacker were to steal a machine in an offline state (powered off or hibernating), the first place they would look for key material is the hibernation file or the crash dumps. This is only possible, however, if the PC was not encrypted at the disk block level. With WDE you cannot get at the hibernation file or the crash dumps, since they are stored in encrypted form, and you would need to authenticate to the disk first to reach those files. Obviously, if you can authenticate to the disk, then you already know the passphrase. With memory analysis, however, the Passware product is able to retrieve key material used by higher-level encryption features in applications such as Microsoft Word. This is exactly why you need WDE even if you use higher-level encryption products.

Another issue is malware already installed on the running computer. Such malware could, in theory, locate the encryption keys held in memory and use them to access the encrypted disk. This is possible because of how PGP WDE operates: it uses a unique disk encryption key for every disk that is encrypted; that key is unlocked by proper preboot authentication and then stays in kernel memory to encrypt and decrypt disk block accesses in real time. The disk encryption key is not obfuscated, and access to it is limited to trusted processes by the Windows security subsystem. However, a process with elevated privileges has unlimited access to all memory and hardware resources on a running Windows system. That is why PGP WDE is not a substitute for other endpoint protection tools such as anti-virus, anti-malware, and advanced persistent threat solutions.

What Passware is claiming is the ability to retrieve the WDE disk encryption keys through memory analysis. In theory, this is possible if someone is able to run the Passware utility with elevated privileges on a running Windows system. It does not defeat the main threat model PGP WDE addresses, which is protecting data at rest. PGP WDE protects all memory dumps that Windows generates, including hibernation files, application memory dumps, and kernel memory dumps. Thus PGP WDE encrypted laptops, when at rest, are fully protected from any memory analysis tool probing for encryption keys. This protection extends to all WDE encryption keys as well as third-party encryption keys.
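As an added illustration (not code from the original post, nor from PGP or Symantec) of what the memory analysis discussed above looks for: an AES round-key schedule, as a driver holds it while the disk is unlocked, is internally consistent and therefore easy to recognise in any plaintext memory image, which is why an unencrypted hibernation file or crash dump is the first place an attacker looks. AES-128 is used here as a representative key form only (the page does not describe PGP WDE's actual key format); the constructed hibernation-file stand-in, the key, the offset and the function names are assumptions, and a defender can point `find_aes128_schedules` at a real dump to confirm that no key survives there in the clear.

```python
# Added example (not code from the original post): an aeskeyfind-style AES-128
# key-schedule search, usable on a hibernation file or crash dump to confirm
# that no expanded key survives in the clear there. Standard library only.
import random

def _gf_mul(a, b):  # multiply in GF(2^8) modulo the AES polynomial 0x11b
    r = 0
    while b:
        if b & 1: r ^= a
        a, b = (a << 1) ^ (0x11b if a & 0x80 else 0), b >> 1
    return r

def _sbox_entry(x):  # inverse (x^254, giving 0 for 0) then the AES affine map
    inv = 1
    for _ in range(254):
        inv = _gf_mul(inv, x)
    s = inv ^ 0x63
    for i in range(1, 5):
        s ^= ((inv << i) | (inv >> (8 - i))) & 0xff
    return s

SBOX = bytes(_sbox_entry(x) for x in range(256))
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36]

def expand_key(key):
    """FIPS-197 key expansion: 16-byte AES-128 key -> 176-byte round-key schedule."""
    w = [bytes(key[i:i + 4]) for i in range(0, 16, 4)]
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:  # RotWord, SubWord, then Rcon folded into the first byte
            t = bytes(SBOX[b] for b in t[1:] + t[:1])
            t = bytes([t[0] ^ RCON[i // 4 - 1]]) + t[1:]
        w.append(bytes(a ^ b for a, b in zip(w[i - 4], t)))
    return b"".join(w)

def find_aes128_schedules(image):
    """(offset, key) for every 176-byte window that is a consistent AES-128 schedule."""
    hits = []
    for off in range(len(image) - 175):
        # cheap pre-filter: byte 0 of round key 1 is key[0] ^ SBOX[key[13]] ^ Rcon
        if image[off + 16] != image[off] ^ SBOX[image[off + 13]] ^ RCON[0]:
            continue
        if expand_key(image[off:off + 16]) == image[off:off + 176]:
            hits.append((off, bytes(image[off:off + 16])))
    return hits

def demo_hiberfile(key=bytes(range(16)), at=1000, size=4096):
    """Constructed stand-in for an UNENCRYPTED hibernation file: random filler
    with the schedule of `key` left behind exactly as a driver would hold it."""
    rng = random.Random(2012)
    filler = bytearray(rng.randrange(256) for _ in range(size))
    filler[at:at + 176] = expand_key(key)
    return find_aes128_schedules(bytes(filler))  # -> [(1000, key)]
```

Run against a hibernation file that lives inside a WDE-encrypted volume, the same scan sees only ciphertext and returns nothing, which is the at-rest protection the post describes.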

Once the machine is powered on and authenticated, you need other forms of security to prevent malware or the like from attempting to retrieve your keys.

Comments (1)

MariaF

Well, I certainly don't often see a malware company openly boast about its ability to hack and steal passwords. That got me a little worried, but thankfully, it seems as long as you have adequate protection on your computer, you are able to safeguard against this threat. Now it is up to them to see how they can bypass my commercial anti-virus software.

Best Regards / Maria /
