Written: 26th May 2001
Last updated: 3rd June 2001
This one is more of a warning than an outright flaw, and it applies to any OTFE system that offers some kind of "Quick Create" option.
Some OTFE systems offer the user the ability to "Quick Create" their volume files. Such options speed up the process of creating volume files, but in doing so present a security risk.
Enabling such an option when creating a volume may well allow an attacker to determine the amount of data you have stored within the volume file, or could even reveal what was stored in the computer's memory at the time the volume was created.
In order to increase your security, any "quick create" option offered by an OTFE package should be disabled.
Systems offering a "quick create" option include:
A typical OTFE volume file consists of some kind of "header" information, followed by a literal dump of the OTFE volume, in encrypted form. When a volume is created with any "quick create" option enabled, the area of the volume file that will hold this literal dump of the OTFE volume is not initialized.
Under Windows NT/2000, this will typically result in a file that consists of nothing but the byte 0x00, apart from any OTFE-package-specific volume file header.
Under Windows 9x/Me, however, one of two things can happen, depending on how the particular OTFE package operates:
In the first case, this can lead to a potential security problem by allowing an attacker to gain a fairly good idea of the maximum amount of data that has been stored in your volume file (i.e. how much use the volume has had), simply by examining the file and noting how much of it remains zeroed out (i.e. has not yet been overwritten with encrypted data).
In the second case, which is perhaps the worse of the two, potentially sensitive information could be written out to the user's HDD; the security implications of this are obvious.
In summary, even though using a "Quick Create" option can create a new volume in a fraction of the time it would otherwise take, the security risk presented is such that any option like this should not be used.
Create a new volume file with any "quick create" option turned on, and then examine the resultant volume file with a hex editor; it may well consist of nothing but 0x00's (decimal 0), or readable data that the user may recognise.
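The hex-editor check above can be automated. The following is an added example, not code from the original page or from any OTFE package: it reads a volume file in fixed-size blocks and classifies each block as all-zero, text-like, or opaque. The zero count is the never-written part of the volume and the highest non-zero block is the high-water mark of data ever stored, which is exactly what a "quick created" volume gives away; a run of text-like blocks is the second Windows 9x case, leaked plaintext. The 512-byte block size, the header size and the dummy header are assumptions; real OTFE file formats differ, so `header_size` must be set to match the package in use.

```python
"""Audit an OTFE volume file for an uninitialised (zero-filled) region.

Added example, not the original page's or any OTFE package's code.
Assumptions: 512-byte blocks, a header whose size the caller supplies,
and a constructed sample volume for the demonstration.
"""
import os

BLOCK_SIZE = 512  # assumed allocation unit; the real one depends on the package


def classify_block(block: bytes) -> str:
    """Return 'zero', 'text' or 'opaque' for one block of the volume body."""
    if block.count(0) == len(block):
        return "zero"  # never written since "quick create" left it uninitialised
    # Bytes that would read as plain text in a hex editor's ASCII column.
    printable = sum(1 for b in block if 32 <= b < 127 or b in (9, 10, 13))
    if printable / len(block) > 0.9:
        return "text"  # possible leaked plaintext (the second Windows 9x case)
    return "opaque"  # ciphertext or random fill: what a clean volume looks like


def audit_volume(data: bytes, header_size: int = 0, block_size: int = BLOCK_SIZE) -> dict:
    """Classify every block after the header and summarise the result."""
    body = data[header_size:]
    counts = {"zero": 0, "text": 0, "opaque": 0}
    high_water = 0  # offset just past the last non-zero block: the data high-water mark
    for offset in range(0, len(body), block_size):
        block = body[offset:offset + block_size]
        kind = classify_block(block)
        counts[kind] += 1
        if kind != "zero":
            high_water = offset + len(block)
    total = sum(counts.values())
    return {
        "blocks": total,
        "counts": counts,
        "zero_fraction": counts["zero"] / total if total else 0.0,
        "high_water_bytes": high_water,
    }


def audit_file(path: str, header_size: int = 0, block_size: int = BLOCK_SIZE) -> dict:
    """Audit a volume file on disk; header_size must match the package's format."""
    with open(path, "rb") as fh:
        return audit_volume(fh.read(), header_size, block_size)


def make_sample_volume(header_size: int = 1024, used_blocks: int = 200,
                       total_blocks: int = 1000, leak: bytes = b"") -> bytes:
    """Constructed sample volume (not a real OTFE format): a dummy header,
    used_blocks of random bytes standing in for ciphertext, an optional block
    of leaked plain text, and zeros for the rest (the "quick create" leftover)."""
    header = b"DUMMYHDR".ljust(header_size, b"\x00")
    used = os.urandom(used_blocks * BLOCK_SIZE)
    leak_block = leak.ljust(BLOCK_SIZE, b" ") if leak else b""
    rest_blocks = total_blocks - used_blocks - (1 if leak else 0)
    return header + used + leak_block + bytes(rest_blocks * BLOCK_SIZE)


if __name__ == "__main__":
    # A volume that has had 200 blocks written: 80% of it is still zero and the
    # high-water mark reveals roughly how much data it has ever held.
    print(audit_volume(make_sample_volume(), header_size=1024))
    # The same volume with one block of recognisable text left in it.
    print(audit_volume(make_sample_volume(leak=b"Dear diary, ..."), header_size=1024))
```

A volume that has been properly initialised, or treated with the free-space fill described under the workaround, should report a `zero_fraction` close to 0 and no `text` blocks; anything else means the file still reveals its usage.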
Workaround: This "leak" can be prevented by mounting the volume and then running an unused disk space shredder (see Disk and File Shredders: A Comparison) on the encrypted drive (one pass of random data should be sufficient). During the shred process, the data written to the disk will be encrypted and thereby replace the original data stored in the volume file with what should appear to be purely random data.
If this approach is used, it is suggested that the shredder be set up such that the last "pass" of data written to the disk is pseudorandom data, in order to reduce the possibility of an attacker assuming that a shredder has been used on the mounted volume, and using this information to launch a known-plaintext attack on the encrypted volume.
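The workaround can be carried out without a dedicated shredder. The following is an added example, not code from the original page or from any OTFE package or shredder: with the volume mounted, it grows a file of pseudorandom bytes on the mounted drive until the filesystem reports that no space is left, then deletes the file. Because the volume is mounted, every byte written passes through the package's cipher, so the zero-filled leftover of a "quick create" is replaced by ciphertext; deleting the file frees the space but leaves that ciphertext in place. Only random data is written, which also satisfies the advice that the last pass be pseudorandom. The mount directory, chunk size, temporary file name and the `max_bytes` cap (present so the demonstration can run in a throwaway directory rather than filling a real disk) are assumptions.

```python
"""Fill the free space of a mounted OTFE volume with pseudorandom data.

Added example, not the original page's or any OTFE package's code.
Assumptions: the volume is mounted at mount_dir, the temporary file name
is unused, and max_bytes is None for a real run (set only for the demo).
"""
import errno
import os
import secrets
import tempfile
from typing import Optional


def fill_free_space(mount_dir: str, chunk_size: int = 1 << 20,
                    max_bytes: Optional[int] = None,
                    filename: str = ".freespace_fill.tmp") -> int:
    """Write random data into mount_dir until no space is left (or max_bytes
    is reached), then delete the file. Returns the number of bytes written."""
    path = os.path.join(mount_dir, filename)
    written = 0
    # buffering=0: each write() goes straight to the OS, so ENOSPC surfaces on
    # the write itself and a partial write is reported by the return value.
    with open(path, "wb", buffering=0) as fh:
        try:
            while max_bytes is None or written < max_bytes:
                size = chunk_size if max_bytes is None else min(chunk_size, max_bytes - written)
                written += fh.write(secrets.token_bytes(size))
            fh.flush()
            os.fsync(fh.fileno())  # make sure the data really reached the volume
        except OSError as exc:
            if exc.errno != errno.ENOSPC:
                raise  # disk full is the expected stop condition; anything else is an error
    os.remove(path)  # freeing the space leaves the ciphertext behind in the volume file
    return written


def demo(max_bytes: int = 300_000) -> dict:
    """Run the fill in a throwaway directory with a cap, for demonstration only.
    On a real volume call fill_free_space(mount_dir) with max_bytes left as None."""
    tmp = tempfile.mkdtemp()
    path = os.path.join(tmp, ".freespace_fill.tmp")
    n = fill_free_space(tmp, chunk_size=65536, max_bytes=max_bytes)
    result = {"written": n, "file_removed": not os.path.exists(path)}
    os.rmdir(tmp)
    return result


if __name__ == "__main__":
    print(demo())
```

For the real workaround, mount the quick-created volume and call `fill_free_space` with the mount point (for example the drive letter the OTFE package assigned) and `max_bytes` left as `None`; the call returns once the volume is full and the temporary file has been removed.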
Email me at: sdean12@sdean12.org