Recovering data from encrypted disks, broken CD's
Steven M. Bellovin
smb at cs.columbia.edu
Sat Jul 29 14:48:42 EDT 2006
On Fri, 28 Jul 2006 10:16:23 -0400, leichter_jerrold at emc.com wrote:
>
> Encrption can be broken
> I was surprised to learn that Ontrack regularly recovers encrypted data
> on systems where the user has lost the key. "There's only a couple of
> technologies where we would run into a roadblock [such as] some of the
> new laptops that have passwords that are tied to the media and to the
> BIOS," says Burmeister. That raises the question: if they can do it, who
> else can?
>
> On encrypted systems that are more difficult to crack, OnTrack also has
> a secret weapon. "Certain situations involve getting permission to get
> help from the manufacturer," he says.
>
I wonder how accurate this is. It's certainly true that some drives have
vendor passwords to unlock them. It's hard to see how they could break
through (good) software encryption, unless the software vendor -- probably
Microsoft -- has implemented some form of key escrow, which to my
knowledge they've adamantly opposed doing. In fact, Microsoft just
withdrew an add-on feature to provide easy-to-use encrypted folders
because corporations didn't like the lack of key recovery.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list