Overview
Syllabus
Attacking & Defending Full Disk Encryption By Tom Kopchak
management
performance implications
data recoveryo
What's Next? memory
Verifying Full Disko Encryption
Trust but Verify
Breaking Encryption Is Hard Look for Weakest Link Think Outside the Box Profit!
Encrypted Laptop STOLEN It's safe, right?
The Solution Forensics Penetration Testing Zero Knowledge vs
Fully Encrypted Administrator Confidence: 100%
Machine Powered Off Full Disk Images Created
Grace period for pre-boot authentication lockout
Downgrade memory Leverage DMA - Exploit OS
Failure of a Encryption? Encryption Did Not Fail! Convenience vs. Security Zero knowledge attack
Understand the Vulnerabilities Physical access Unattended machines Passphrases/decryption keys Memory-resident information
Conclusions FDE is not bulletproof Encryption failure is rare External Factors Understand risks and vulnerabilities, improve where possible