© Nihad A. Hassan and Rami Hijazi 2017

Nihad A. Hassan and Rami Hijazi, Digital Privacy and Security Using Windows, 10.1007/978-1-4842-2799-2_5

5. Cryptography and Secure Communication

Nihad A. Hassan (1) and Rami Hijazi (2)

(1) New York, USA

(2) Toronto, Canada

How to Obscure Your Sensitive Data

We are living in a digital age. Various online threats exist that may compromise and steal your data, your money, and even your entire identity. Any systems that are connected to the Internet are exposed to a large number of potential cyber-attacks from different outside adversaries who are targeting the systems and open communication channels, either to steal the sensitive information or to disrupt the critical information system. It can be extremely difficult to create a system that is impregnable to outsiders unless you disconnect it from the Internet!

Modern cryptographic systems provide a robust set of techniques to ensure that sensitive transactional data flows securely online, thus preventing hackers and cyber-criminals from accessing sensitive contents, even if they succeed in capturing the transmitted encrypted data. The mathematical formulas involved in today’s cryptographic standards are enough to prevent the majority of attackers from decrypting stolen data.

The future of cryptography is brighter than ever before. With more companies becoming increasingly vulnerable to cyber-attacks, it’s crucial that organizations strengthen their line of defense with strong encryption techniques and systems. Passwords, disk encryption, SSL certificates, electronic signatures, security access systems, simple end-user mobile solutions such as the InvizBox, and anything else that incorporates some form of security in the digital world must use some form of robust cryptographic techniques.

Individuals also need to use encryption to secure their personal data. Encryption is considered the last line of defense if an attacker successfully gains access to your confidential data. In other words, encryption will be your last hope to prevent the compromise, use, or disclosure of your sensitive information to the public or to your enemies.

In a world where everything is connected to everything else by the Internet, keeping secrets has never been this hard. In this chapter, we will give you thoughtful insight about some of the terms and concepts behind basic cryptographic methods. You will also learn how to use different cryptographic tools to encrypt data at rest and learn about possible attacks against full disk encryption. We’ll also cover protecting data in transit as well as steganography techniques (the science of hiding data in plain sight).

The Difference Between Encryption and Cryptography

The majority of computer users think the terms cryptography and encryption are interchangeable. This is not completely correct. Cryptography is the science of “secret writing.” It can be looked at as an ancient art that has taken many forms over the years. It includes steganography, which is the science of hiding a secret message inside another, seemingly legitimate message that acts as the carrier so the hidden, unseen message will not appear during transit.

Encryption is considered a component of cryptography, and it is concerned with concealing secret messages by obscuring them. In other terms, encryption converts plaintext data into another obscured form called ciphertext using a specific cryptographic algorithm. This ciphertext can’t be decrypted to its original state without owning or having access to the associated decryption key.

Encryption helps to ensure the confidentiality of the data stored on servers when at rest or when communicated through public networks such as the Internet.

Theoretically, we have distinguished between cryptography, steganography, and encryption. However, the majority of people still use the term cryptography to refer exclusively to encryption.

Note

We will not delve into the history of cryptography and steganography as that is outside the book’s scope. However, if you want to learn more about these topics, see Data Hiding Techniques in Windows OS: A Practical Approach to Investigation and Defense (Syngress, 2016).

Cryptographic Functions

Cryptography is an essential information security tool. It provides the four most basic services for information security.

Authentication

Authentication works by using a cryptographic system to ensure that a user (or system) is who they say they are. The process works technically by comparing the credentials provided by the remote entity against a list of authorized entities stored in a file system or database.

Authentication precedes authorization. Most people think both terms are interchangeable, but this is not completely correct. For example, when a user requests access to remote resources stored on a server, he or she needs to supply credentials, for instance, a username and password. If the user credentials match, the system will authorize the user, granting access to the data or computing resources according to the associated access control tables; otherwise, access will be denied.

Nonrepudiation

The concept of nonrepudiation is important in the e-commerce world. To repudiate means to deny, and this concept is simple: when a user performs an action, he or she cannot later deny it.

As an example, think about when a bank client sends a money transfer from his or her account to another account using an electronic transfer. Later, this client may deny sending any transfer from his or her account and demand the money be returned. Here, there should be a technical mechanism in the bank to confirm that this client has legally authorized the transaction. Nonrepudiation can be technically guaranteed via digital signatures and/or encryption, as you are going to see later in this chapter.

Confidentiality

In simple terms, confidentiality ensures that data is not made available or disclosed to unauthorized parties. This has always been the main purpose of creating cryptographic systems. When the data is confidential, no one should be allowed access to it except the authorized people who possess the decryption key. Confidentiality can be achieved by using a strong encryption algorithm combined with a strong and complex passphrase.

Integrity

Integrity means that data is not viewed or manipulated by an unauthorized, or even an authorized, user during storage or transit. Technically, users can assure data integrity in transit by using hashing, which provides a mechanism to ensure that data has not been tampered with or changed during transmission. While the data is at rest, integrity can be achieved by physically controlling access to server/network device rooms, restricting access to data, and implementing strict authentication procedures in addition to storing sensitive data encrypted on company servers.

Cryptographic Types

There are different classifications of cryptographic algorithms. The most common one is classifying them according to the number of security keys used in the encryption/decryption process.

A cryptographic algorithm works in combination with a key (a number, word, or phrase) to encrypt and decrypt data. This key is composed of a string of bits. The larger the key (that is, the more bits it contains), the greater the number of patterns that can be created, thus making it harder to break. A cryptographic key is the core part of modern cryptographic operations.

Symmetric Cryptography

Also known as secret key cryptography (SKC), in this type of encryption, both the sender and the receiver use the same key to encrypt and decrypt the data. The main disadvantage of this scheme is that the entire operation is dependent on the secrecy of the key. If the key is compromised by an unauthorized party, the whole system is breached. Figure 5-1 shows the process of symmetric cryptography.

Figure 5-1. Symmetric key cryptography system

Symmetric encryption algorithms are split into stream ciphers and block ciphers. Stream ciphers encrypt plaintext bits individually, whereas block ciphers encrypt an entire block of plaintext bits at a time as a single unit. The majority of modern block ciphers have a block length of 128 bits (16 bytes).

Some of the popular symmetric encryption algorithms are AES/Rijndael, Blowfish, CAST5, DES, IDEA, RC2, RC4, RC6, Serpent, Triple DES, and Twofish.

Asymmetric Cryptography

Also known as public key cryptography (PKC), this cryptographic schema uses two different keys for encryption and decryption. The two keys are mathematically linked. However, no one can derive the decryption key (private key) from the encryption key (public key). Figure 5-2 illustrates the use of the two keys between the sender and the receiver.

Figure 5-2. Asymmetric encryption, public key cryptography

In asymmetrical cryptography, the public key can be distributed freely; however, the private key should be kept secret to avoid collapsing the whole system. The public key is used to encrypt the secret message or to verify the digital signature of the sender, while the private key is used to decrypt the scrambled message or to create a digital signature. A message encrypted using this technique can only be decrypted back using the corresponding private key pair.

Some of the popular asymmetric encryption algorithms are the RSA encryption algorithm, Diffie-Hellman, Digital Signature Algorithm, ElGamal, ECDSA, and XTR.

Note

Compared with symmetric cryptography, public-key encryption requires more computation power, which can make it inappropriate for encrypting large amounts of data (according to some studies, asymmetric encryption techniques are almost 1,000 times slower than symmetric techniques).

To counter this issue, some implementations suggest using public-key encryption to send a symmetric key, which can then be used to encrypt a large amount of data. This approach is used by the SSL protocol.

Cryptographic Hash

A cryptographic hash function (also called a digest) takes a digital file (input) and returns a fixed-size value, which is called the hash value (see Figure 5-3). You find the hash of any digital file (or piece of data) by running the data through a hash generator. Every time you hash the same data, you should get the same hash value as a result. This effectively helps you to create a digital fingerprint for any digital file.

Figure 5-3. How a hash function works

To ensure the integrity of a file (or any piece of data), a hash of a file can be sent to accompany the file. The receiver may then compute a hash of the data received and compare it with the hash received. If the two outputs match, then you can assert that a message has not been tampered with.

There are different hash functions, the most popular of which are MD5, SHA-1, and SHA-256. The best secure hash algorithm is the one that has the best speed and is collision resistant. (Collision means producing the same hash from two different inputs. This is rare, especially when using hashing algorithms that create a higher bit hash of 256 bits and more.)

Warning

You should stop using SHA-1. Google just cracked it! The company’s researchers declared that with enough computing power (110 years if using one computer for just one of the phases), a collision can occur. The new revelation renders SHA-1 obsolete. 1

Hash values are used extensively during digital forensics investigations to examine, identify, and authenticate digital evidence. Hashing is also used to store user credentials (password) in management information systems (MISs) so that even the administrator of the MIS does not know a user’s password. Hashing can also speed up the process of searching through a database because searching for hash values is faster than searching for long string names within databases.

Note

Encryption is a two-way operation; it converts input data from cleartext into ciphertext, and vice versa (from cipher to cleartext). Hashing is one-way encryption; it’s never meant to be reversed.

How to Calculate File Hash?

There are many programs to calculate a digital file hash. Febooti Hash & CRC (www.febooti.com) is one that integrates natively into Microsoft Windows file properties. After installing the program, right-click the file whose hash you want to calculate, select Properties, and go to the Hash/CRC tab.

You can also calculate the hash of any file in a modern Windows version without using a third-party tool. To do this, go to the Windows Start menu and select Windows PowerShell. Run the command in Figure 5-4, replacing C:\Users\Nihad\Desktop\NihadHassan.txt with the path to the file whose hash you want to view.

Figure 5-4. Using Windows PowerShell to calculate a digital file’s hash
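The integrity check described in the Cryptographic Hash section (the sender publishes a hash, the receiver recomputes it and compares), as an added Python example that is not from the book. The sample file contents and the helper names file_digest and verify_file are constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile

CHUNK = 64 * 1024  # read in blocks so a large file is never held in memory whole


def file_digest(path, algorithm="sha256"):
    """Return the hex digest of the file at `path` (hypothetical helper)."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def verify_file(path, published_hex, algorithm="sha256"):
    """Compare the file's digest with the value the sender published.

    Tools differ in letter case and spacing (PowerShell prints upper-case
    hex), so the published value is normalised before the comparison.
    """
    expected = "".join(published_hex.split()).lower()
    actual = file_digest(path, algorithm)
    return hmac.compare_digest(actual, expected)


def demo():
    """Sender publishes a hash; receiver checks an intact and an altered copy."""
    with tempfile.TemporaryDirectory() as workdir:
        original = os.path.join(workdir, "report.txt")          # constructed sample
        altered = os.path.join(workdir, "report_altered.txt")   # constructed sample
        with open(original, "wb") as fh:
            fh.write(b"Transfer 100 USD to account 12345\n")
        with open(altered, "wb") as fh:
            fh.write(b"Transfer 900 USD to account 12345\n")    # one character differs

        published = file_digest(original).upper()  # as the sender would post it
        # Digest length in bits for each algorithm: 4 bits per hex character.
        digest_bits = {name: len(file_digest(original, name)) * 4
                       for name in ("sha1", "sha256", "sha512")}
        return {
            "intact_ok": verify_file(original, published),
            "altered_ok": verify_file(altered, published),
            "digest_bits": digest_bits,
        }


if __name__ == "__main__":
    print(demo())
```

The check only proves the file matches the published hash, so the hash itself has to reach the receiver over a channel the attacker cannot alter.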

Key Exchange Algorithms

A key exchange is any method in cryptography that allows a user to safely exchange encryption keys with an unknown party in order to use a cryptographic algorithm. For example, when two parties want to use symmetrical key cryptography to exchange secret data, they need first to share the “secret key.” Public key cryptography can be used to share the secret key securely between authorized communication parties through an untrusted network like the Internet. The following are two of the most common key exchange algorithms currently used:

  • Diffie-Hellman key agreement algorithm

  • RSA key exchange process

In general, the Diffie-Hellman key exchange algorithm (used for SSL connection) provides better performance than the RSA key exchange algorithm. Figure 5-5 shows the basic Diffie-Hellman key agreement process.

Figure 5-5. Diffie-Hellman key agreement
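The key agreement that Figure 5-5 illustrates, as an added Python example that is not from the book; it goes slightly beyond the text by hashing the shared secret into a symmetric key. The 127-bit prime, the base and the class name Party are assumptions chosen for readability, and the parameters are far too small for real use.

```python
import hashlib
import secrets

# Constructed teaching parameters: a 127-bit Mersenne prime and a small base.
# Real deployments use standardised groups of 2,048 bits or more.
P = 2**127 - 1
G = 3


class Party:
    """One side of the exchange; only `public` ever leaves the machine."""

    def __init__(self, name):
        self.name = name
        self._private = secrets.randbelow(P - 3) + 2   # random value in [2, P-2]
        self.public = pow(G, self._private, P)         # sent to the other side

    def shared_key(self, peer_public):
        # Reject degenerate values (0, 1, P-1, ...) that would force a
        # predictable shared secret.
        if not 2 <= peer_public <= P - 2:
            raise ValueError("peer public value out of range")
        secret = pow(peer_public, self._private, P)
        # Hash the shared number into a 256-bit key for a symmetric cipher.
        return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def run_exchange():
    """Both parties derive the same key without ever transmitting it."""
    sender, receiver = Party("Nihad"), Party("Susan")
    # Everything an observer of the untrusted network gets to see:
    on_the_wire = {"p": P, "g": G, "A": sender.public, "B": receiver.public}
    key_at_sender = sender.shared_key(receiver.public)
    key_at_receiver = receiver.shared_key(sender.public)
    return key_at_sender, key_at_receiver, on_the_wire


if __name__ == "__main__":
    k1, k2, wire = run_exchange()
    print("keys match:", k1 == k2)
    print("visible on the network:", sorted(wire))
```

The exchange by itself does not tell either side who sent the public value, which is the gap the trust models later in the chapter address.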

Digital Signature

A digital signature is a way to assure that an e-mail or digital file is authentic. Authentic means it is from the correct person who purports to be the authorized party and that the file content has not been tampered with after sending. A digital signature is considered the digital equivalent of a handwritten signature or a rubber stamp. The legal systems in most developed countries consider digital signatures to have the same legal significance as the more traditional forms of signed documents.

A digital signature is based on asymmetric cryptography (public key). For example, to have your e-mail signed, you need first to generate two keys (private and public keys). The signing software (such as an e-mail client like Thunderbird) creates a hash (also called a message digest) of the data that you are going to sign. The private key is then used to encrypt the hash. The result is the digital signature. Finally, the e-mail client appends the digital signature to the e-mail. Now all the data that was hashed has been signed (see Figure 5-6).

Figure 5-6. How a digital signature works

As you saw previously, hashing algorithms produce a fixed-length hash value that is unique for the hashed data (unless a collision occurs, which is practically near impossible, especially when using modern hashing algorithms). Any change in the hashed data (even a single character) will produce a new hashing value. So, when a recipient wants to validate the integrity of the received message, all he or she needs to do is to use the signer’s public key to decrypt the hash. If the decrypted hash matches the value of the hash generated by the recipient’s software for the same data set, this means the message is authentic and has not been tampered with after sending. If the two hashes do not match, this means either the message has been tampered with during transit or the signature was created using a private key that does not correspond to the public key pair used to decrypt it.
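The sign-and-verify flow from the two paragraphs above, as an added Python example that is not from the book: textbook RSA over a SHA-256 hash with no padding, for teaching only. The keys are built from known Mersenne primes so the block needs no key-generation code; those keys, the function names and the sample e-mail are constructed, and real software such as GnuPG uses randomly generated keys and a padded signature format.

```python
import hashlib

# Constructed teaching key: two known Mersenne primes. Never use special-form
# primes or unpadded RSA outside a demonstration.
_P, _Q = 2**521 - 1, 2**607 - 1
E = 65537


def make_keypair(p=_P, q=_Q, e=E):
    """Return (public, private) as ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # modular inverse, needs Python 3.8+
    return (n, e), (n, d)


def digest_as_int(message):
    """Hash the data; both the signer and the recipient do this step."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, private):
    """Transform the hash with the private key; the result is the signature."""
    n, d = private
    return pow(digest_as_int(message), d, n)


def verify(message, signature, public):
    """Recover the signed hash with the public key and compare it with a
    hash computed locally over the data that was actually received."""
    n, e = public
    if not 0 <= signature < n:
        return False
    return pow(signature, e, n) == digest_as_int(message)


def demo():
    public, private = make_keypair()
    email = b"From: Nihad\nTo: Susan\n\nMeet at 10:00."   # constructed sample
    signature = sign(email, private)

    # A second constructed key pair stands in for a signer whose private key
    # does not correspond to the public key the recipient holds.
    _, other_private = make_keypair(2**607 - 1, 2**1279 - 1)

    return {
        # Untouched message, matching key pair.
        "valid": verify(email, signature, public),
        # A single character changed in transit.
        "tampered": verify(email.replace(b"10:00", b"11:00"), signature, public),
        # Signature made with a private key that does not match.
        "wrong_key": verify(email, sign(email, other_private), public),
    }


if __name__ == "__main__":
    print(demo())
```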

Note

A digital signature can be used with any kind of message, whether it is encrypted or not, to authenticate sending partners. Today, the majority of modern e-mail clients support the use of digital signatures.

In this chapter, we will show you practically how to send/receive digitally signed e-mails using the Mozilla Thunderbird e-mail client.

The Difference Between Digital Signatures and Electronic Signatures

You should not confuse the terms digital signature and electronic signature (e-signature) even though, again, both names are often used interchangeably. Both digital signatures and e-signature solutions allow you to sign documents and authenticate the signer. However, they differ in the purpose, technical implementation, and legal acceptance. For instance, most electronic signature solutions are easy to use; a user can just click to sign the document or can simply insert an image containing a handwritten signature on the document to sign it.

E-signatures aren’t regulated like digital signatures, and each vendor has its own standards and technical implementation that cannot compare with the strict security standards implemented by the digital signature algorithms currently deployed. However, some more secure e-signature solutions protect the signed document with a cryptographic digital signature, thus making it have the same strict security standards as a digital signature in terms of linking the signer’s identity to his or her e-signature.

Cryptographic Systems Trust Models

Cryptographic systems are designed to form the basis of information security. However, despite their importance, you still need trust between communicating parties in order to securely exchange data online. For instance, in SKC, both the sender and the receiver must share the “secret key” in advance in order to encrypt/decrypt the data, but how can they assure safe transmission of this key in an untrusted channel (such as the Internet) if, for example, each one lives in a different country? PKC tries to solve the problem of sharing the secret key securely by introducing two keys for each party. The public key of the receiver is used to encrypt the data and can be published publicly, and the private key pair (of the receiver) is used to decrypt the data and must remain private. Nevertheless, you still have additional problems in PKC. For instance, how can you assure that the sender of the encrypted data is actually the authorized party? For example, when Susan receives an encrypted message from Nihad, how can she be sure that this message really originated from Nihad? What if a malicious person (Jim) is impersonating Nihad? How will Susan know this?

This section will answer these questions. In a cryptographic schema, there are a number of methods to assure that the person you are communicating with is really the authorized party. The following are the most popular trust models:

  • The Web of Trust concept is used in Pretty Good Privacy (PGP) and other OpenPGP-compatible systems.

  • Kerberos is a distributed authentication service designed to provide strong authentication for client-server applications by using secret key cryptography.

  • A certification authority (CA) is a third-party entity that issues a digital certificate to authenticate a user’s ownership of a public key.

Note

An open source implementation of OpenPGP is called GNU Privacy Guard (GnuPG); see https://www.gnupg.org.

Web of Trust

The Web of Trust is used in Pretty Good Privacy and other compatible systems to establish a trust relationship between a public key and its owner. It is a decentralized security model in which participants authenticate the identities of other users. The Web of Trust is similar to social networking web sites. A user can add unknown people to his or her list of friends if they already have friends in common. You can see this clearly on Facebook and LinkedIn.

For example, if Susan trusts Nihad, then Susan could also trust the public key of Rita, whom she does not know, if this key has been authenticated by Nihad.

Kerberos

Kerberos is a network authentication protocol developed by MIT. It works through a client-server architecture by using secret key cryptography. Kerberos provides secure authentication between the user and server rather than a host-to-host approach. The main component of a Kerberos schema is a central server (or a trusted third-party server) used for authenticating requests.

In a Kerberos network, each connected host has its own secret key, and one of these hosts is the central Kerberos server, also known as a key distribution center (KDC). All host secret keys will be stored on the KDC server. (In some networks, not all host keys will be stored in the central KDC; the group of systems that are under the same master KDC is called a realm.) Kerberos provides secure communication by checking each connected host’s secret key with the one stored on it (the host can do the same with the Kerberos server). After a client and server have used Kerberos to assure their identities, they can begin to exchange encrypted data across an unsecured network such as the Internet.

Note

The main disadvantage of Kerberos is that user credentials are stored on a central KDC server. If a malicious hacker gains access to the central server, the entire Kerberos authentication system is at risk of being compromised.

Certificates and Certificate Authorities

Certificate authorities (CAs) issue digital certificates for web sites, online services, IoT devices, and individuals. These certificates contain their identity credential in order to be recognized and trusted online (trusted because the CA has already verified the identity of each digital certificate holder). CAs play a critical role in today’s digital age. They build trust relationships between different business partners online, encrypt business transactions, and secure the communications between different parties conducting e-commerce transactions.

A digital certificate is like your passport; you can use it within your country to verify your identity. If you are in the United States and your passport is issued from New York, you can safely use it in Washington. The local authorities in Washington will recognize and trust your personal information because your passport is issued by a government agency they trust (New York authorities). If you moved outside the United States, foreign countries that accept U.S. passports will also verify and trust your details, because they trust in the government papers issued by U.S. authorities. This analogy represents the certificate trust chain where your “certificate” is accepted as long as it is issued from a recognized trusted party (the CA).

For online transactions, digital certificates are small data files that contain identifying information (certificate issuer, public key, holder name, expiration date, serial number, version, certificate issuer digital signature, and other information according to each CA provider). A certificate binds a public key to its holder, proving that the person (or the organization, web site, or any other entity currently holding the certificate) owns that key. A digital certificate encrypts the connections between communication parties, ensuring the secure exchange of confidential information online. It also lists what actions its holder can do and what actions the holder cannot.

A popular type of digital certificate is the SSL certificate issued for web sites. SSL binds the ownership details of a web server (and consequently web sites) to their cryptographic keys. These keys are used to establish a secure session between the client’s browser and the web server (web site) hosting the SSL certificate. See Figure 5-7 for a sample digital certificate for LinkedIn.com issued by DigiCert Inc.

Figure 5-7. Sample digital certificate for LinkedIn.com issued by DigiCert Inc

Let’s now return to the role of the digital certificate with regard to the trust relationship between a sender and a receiver. For example, when Nihad wants to send an encrypted e-mail to Susan, he needs to get her public key from Susan’s CA issuer. If both Nihad and Susan have their certificates from the same issuer, the process is clear, and the trust relationship is already established. However, if Susan’s certificate is issued from a different CA other than the one that issued Nihad’s certificate, how can Nihad trust Susan’s certificate? When people face such a challenge, they can simply trust the receiver’s public key certificate when it is issued by a global reputable CA company. CA providers like Comodo (https://ssl.comodo.com), Digicert (https://www.digicert.com), and Symantec (https://www.symantec.com/ssl-certificates) are known to be trusted on a global level (and, of course, there are others).

The most commonly used standard for issuing digital certificates for a public key schema is the X.509 format that is defined in International Telecommunication Union Telecommunication Standardization Sector (ITU-T) Recommendation X.509. The information in an X.509 certificate includes the following: version, serial number, algorithm information, issuer name, expiration date, subject name, subject public key, and optional standard extensions. Many SSL certificates follow the X.509 standard format.

Note

In Chapter 2, we covered the validation requirements for issuing a new SSL certificate for web sites and other entities.

Cryptographic Algorithm Selection Criteria

Many types of cryptographic algorithms are already in use. Some are considered more secure than others. Their strength depends on mathematics and the size of the encryption key. To achieve the maximum security possible when using encryption tools to protect your sensitive information, it is advisable to check the following criteria before selecting the algorithm you are going to use:

  • Do not use proprietary encryption algorithms if you are on a top-secret mission. No one can guarantee they don’t have a backdoor. The RSA encryption company has been accused of receiving $10 million to incorporate a weaker algorithm into an encryption product called BSafe, according to a Reuters report. 2

  • For security-conscious people, do not trust algorithms developed or sponsored by official government agencies. For example, Advanced Encryption Standard (AES) was developed by the U.S. National Institute of Standards and Technology (NIST). SHA and its family (SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256) were developed by the U.S. National Security Agency (NSA), which makes them an unfavorable choice.

  • Do not use algorithms that have been previously broken or are considered relatively insecure in today’s computing standards. Examples include MD5, SHA-0, SHA-1, and DES.

  • Open source cryptographic algorithms are considered safer than the closed alternatives; the public can audit them for trustworthiness, and their code can be rigorously tested and reviewed by global security experts and academics alike.

In cryptographic algorithms, the key length, which is the number of bits in a key used by a cryptographic algorithm, is an important parameter to measure the security of the encryption algorithm. Longer keys provide stronger encryption. The preferred key length differs between asymmetrical and symmetrical algorithms. For instance, to achieve the same level of encryption strength, a 1,024-bit RSA key (asymmetrical algorithm) is only considered equivalent to an 80-bit symmetric key. 3

Note

The site at https://www.keylength.com/en/compare gives advice on the minimum key size requirement for your cryptography system.

For security-conscious people, it is advisable to use the Twofish algorithm. It is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits developed by Bruce Schneier and other scientists. Twofish is unpatented, and the source code is uncopyrighted and license-free. According to Schneier, “Currently there is no successful cryptanalysis of Twofish.” 4

Note

As we already said, encrypting a large amount of data using asymmetrical key is not practical, so always exchange the symmetric encryption key using an asymmetrical algorithm and encrypt your data using a symmetrical algorithm like Twofish.

The Whirlpool hash algorithm is a hash function designed by Vincent Rijmen and Paulo S.L.M. Barreto that operates on messages less than 2,256 bits in length and produces a message digest of 512 bits. It has been adopted by the International Organization for Standardization (ISO) and other international bodies. Whirlpool is not patented, and it will not be according to its authors. Anyone can exploit its source code for any purpose freely. 5

The previous selection criteria can be considered somewhat rigorous by today’s standards. However, remember that for the majority of Internet users, using encryption algorithms developed by RSA or NIST is considered more than enough to protect their sensitive data. The strict selection criteria are best suited for government agencies and private-sector companies (such as banks and hospitals) dealing with sensitive, protectively marked, and of course top-secret information and the like. Such entities need to implement extreme security measures to protect their precious data. Closed cryptographic algorithms, unless developed by them (government-use AES), may not be the best choice to go with.

Create a Cryptographic Key Pair Using Gpg4Win

In this section, you will begin your practical work on using cryptographic systems to secure your sensitive data. As you might guess, the first thing you need to do is to generate your cryptographic key pair (public and private key). There are different programs to create a cryptographic key pair; however, this book is directed to Windows users, so you will use the most popular encryption program that meets all the trustworthiness criteria in terms of security, open source, and reputation; this tool is Gpg4win.

Gpg4win enables users to securely transport e-mails and files with the help of encryption and digital signatures. It supports both relevant cryptography standards, OpenPGP and S/MIME (X.509), and is the official GnuPG distribution for Windows. It is maintained by the developers of GnuPG.

Gpg4win is not a program in itself; rather, it’s a suite of five utilities bundled with a comprehensive manual and a powerful encryption engine. Gpg4Win contains the following:

  • GnuPG: The core encryption tool

  • Kleopatra: A certificate manager

  • GPA: An alternate certificate manager (GNU) for OpenPGP and X.509

  • GpgOL: A GnuPG extension for Microsoft Outlook to provide e-mail encryption (supports Microsoft Outlook 2003, 2007, 2010, 2013, or 2016—both 32-bit and 64-bit versions)

  • GpgEX: A plug-in for Windows Explorer to provide file encryption

This section will walk you through the process of generating the keys on Windows. First, go to https://gpg4win.org/download.html and download the latest available version; currently, Gpg4win 2.3.3 is available.

Note

Gpg4win is open source software; you can find its source code at https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpg4win.git;a=summary.

Second, install Gpg4win like you do with any Windows software; it is advisable to leave the default installation settings as they are.

Third, let’s generate your key pair following these steps:

  1. Launch the Kleopatra program; you should find it in the Windows Start menu in the Gpg4win folder.

  2. Select File menu ➤ New Certificate.

  3. The Certificate Creation Wizard appears; you have two options.

    1. Personal OpenPGP key pair

    2. Personal X.509 key pair and certification request

    We have already described both options; select the first option for an OpenPGP key pair (see Figure 5-8).

    Figure 5-8. Selecting a personal OpenPGP key pair in the Certificate Creation Wizard
  4. Now you need to enter your personal details. This includes your name, e-mail, and comments. Although the first two fields are required, you can fill out any information inside them. For instance, we will supply a name and an e-mail. Then click the Advanced Settings button at the bottom of this window to further customize the algorithm used to create the key pair (see Figure 5-9).

    Figure 5-9. Entering your name, e-mail, and comments for a new key pair
  5. After clicking the Advanced Settings button, the window shown in Figure 5-10 appears. In the Key Material panel, select RSA and 4,096 bits and make sure to select the +RSA box and give it the length of 4,096 bits as well. This offers the highest security measures. Once you’re sure your information matches Figure 5-10, click OK to close the current window.

    Figure 5-10. Selecting which algorithm you want to use for creating your key pair
Note

Please note that keeping the default key size of 2,048 bits is recommended unless security is the overriding concern. The longer the key size, the greater the strength of the encryption, but there is a corresponding decline in performance (if you are using an old PC) with a longer key length.

  6. Click the Next button to move to the next wizard window (see Figure 5-11). This window will show you a summary of certificate parameters, so you can review them if you want to change something.

    Figure 5-11. Viewing a summary of the certificate (key pair) details before generating it
  7. If everything is OK, click the Create Key button.

  8. Another window will pop up asking you to enter a passphrase. This is used to protect your secret key. Make sure to enter a complex password; refer to Chapter 2 for the best practices when creating and storing your passwords.

  9. Kleopatra will generate your key pair now. It will ask you to perform some random actions on your PC, such as pressing some keys and/or moving your mouse around, to help the wizard create a more secure key.

  10. Your key pair is now created. A success window appears that contains your certificate fingerprint in addition to more steps such as creating a backup for your certificate, uploading it to a directory service, and choosing to send the certificate by e-mail (see Figure 5-12). For instance, you will create a backup of your certificate and store it in a USB zip drive. To do this, click Make a Backup Of Your Key Pair and select where to store it. Finally, click the Finish button to close the window.

    Figure 5-12. Success message announcing that your key pair was created successfully

After creating your cryptographic key pair, you need to find your public key in order to send it to the people you want to communicate with. Remember, anyone who wants to send you an encrypted message must have your public key first in order to encrypt the message with it. To extract your public key, follow these steps:

  1. Open the Kleopatra program, go to the My Certificates tab, find your certificate (that you already created), and right-click it and select Export Certificates (see Figure 5-13). Select where you want to save this file (it will have an .asc extension).

    Figure 5-13. Exporting your public key certificate using the Kleopatra program
  2. To open/view your public key, go to where you saved the file in the previous step. Right-click the file and select Open with ➤ Notepad.

You can advertise your public key as you want, put it as a signature in your e-mail, or publish it to your web site or blog so anyone can find it and send you encrypted messages.

Now, how do you import other people’s public keys?

In the previous step, we demonstrated how to export your public key from the Kleopatra program in order to send it to other people so they can communicate with you privately. But how can you send encrypted messages to other people? For example, if Nihad wants to send an encrypted e-mail to Susan, he needs to have her public key first. To do this, Nihad can ask her to send him her public key (for example, through an e-mail attachment). When Susan responds and sends her public key to Nihad, he must import it into the Kleopatra program first (or any other compatible/similar program) before he can use it for encryption. You’ll now learn how to import other people’s public keys into Kleopatra.

If the person you are corresponding with sent you his or her public key as an e-mail attachment, follow these steps:

  1. Open Kleopatra, select File ➤ Import Certificates, locate the public key file (it usually has an .asc extension), and open it.

  2. Your newly imported certificate (public key) should appear in Kleopatra on the Other Certificates tab (see Figure 5-14).

    Figure 5-14. Imported certificates (public keys) can be found on the Imported Certificates tab

If your correspondent sent you his or her public key as a text in a message, follow these steps to import it into Kleopatra:

  1. Copy everything from -----BEGIN PGP PUBLIC KEY BLOCK----- to -----END PGP PUBLIC KEY BLOCK----- (see Figure 5-15).

    Figure 5-15. Sample public key code opened using Notepad
  2. Open the Kleopatra program (if it is not already open), go to the Windows taskbar, right-click the Kleopatra icon, and select Clipboard ➤ Certificate Import (see Figure 5-16).

    Figure 5-16. Importing the public key certificate for the Kleopatra program by copying its contents into the clipboard
  3. If everything goes well, a success message should appear, and you will see your newly imported certificate in Kleopatra on the Other Certificates tab, as you saw in Figure 5-14.

What if you already have a digital certificate (cryptographic key pair) and you want to import it into your Kleopatra program?

We showed you how to export your public key, but in some cases you may need to have your private key (if you want to use it in another encryption program). To export your private key from the Kleopatra program, follow these steps:

  1. Open Kleopatra, go to the My Certificates tab, right-click your certificate (or the one whose private key you want to export), and select Export Secret Keys.

  2. Select the location where you want to save the private key, make sure to select the “ASCII armor” option (see Figure 5-17), and then click OK. A success message should appear.

    Figure 5-17. Saving a secret key after exporting it
Warning

Do not share your private key with anyone. Make sure to store it in a safe location and keep it confidential.

Now, after you have your private key ready in a separate file, you can import it into any compatible program. For instance, we will assume that you want to move it to another Kleopatra instance on another device. To import your private key, open Kleopatra and select File ➤ Import Certificates. Browse to where your private key is located and open it. A pop-up message should appear to show your certificate import results. Click OK to close the window. If everything is correct, you should find your private key on the My Certificates tab.

In this section, we covered thoroughly how you can use Gpg4win to create a digital certificate and how to import/export your cryptographic key pair. In a later section, you will learn how to use Gpg4win with the Thunderbird e-mail client to encrypt and sign e-mails and other files.

Please note that once your key is created, you can export your cryptographic keys to a variety of encryption tools. Gpg4win is the most important free encryption project for Windows. It is vital to understand this section to understand how you are going to use cryptography later to protect your sensitive data and online communications from interception.
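The Kleopatra steps in this section (generate a key pair, export the public key, import a correspondent’s key) can also be scripted against the gpg.exe that Gpg4win installs. The following PowerShell is an added example, not code from the book or the Gpg4win project; it assumes gpg.exe is on PATH, uses placeholder names and paths, and goes one step beyond the text by comparing the imported key’s fingerprint with one obtained from its owner over a separate channel.

```powershell
# Added example, not from the book: command-line equivalent of the Kleopatra steps.
# Assumes gpg.exe (installed by Gpg4win) is on PATH. All names, addresses, paths
# and fingerprints passed to these functions are supplied by the caller.

function New-OpenPgpKeyPair {
    param([Parameter(Mandatory = $true)][string]$Name,
          [Parameter(Mandatory = $true)][string]$Email)
    # Unattended-generation parameters: RSA 4,096-bit primary key plus an RSA
    # 4,096-bit subkey, the same choice made in the Advanced Settings window.
    # %ask-passphrase makes GnuPG 2.0 show the passphrase dialog; newer versions
    # treat it as a no-op and prompt anyway. Expire-Date 0 means no expiry.
    $params = @"
%ask-passphrase
Key-Type: RSA
Key-Length: 4096
Subkey-Type: RSA
Subkey-Length: 4096
Name-Real: $Name
Name-Email: $Email
Expire-Date: 0
%commit
"@
    $file = Join-Path $env:TEMP 'gpg-keyparams.txt'
    Set-Content -Path $file -Value $params -Encoding ASCII
    try     { & gpg --batch --gen-key $file }
    finally { Remove-Item $file -ErrorAction SilentlyContinue }
}

function Get-OpenPgpFingerprint {
    param([Parameter(Mandatory = $true)][string]$UserId)
    # In --with-colons output the fingerprint is field 10 of the first "fpr" record.
    $line = & gpg --batch --with-colons --fingerprint $UserId |
        Where-Object { $_ -like 'fpr:*' } | Select-Object -First 1
    if (-not $line) { throw "No key found for '$UserId'." }
    ($line -split ':')[9]
}

function Export-OpenPgpPublicKey {
    param([Parameter(Mandatory = $true)][string]$UserId,
          [Parameter(Mandatory = $true)][string]$Path)
    & gpg --batch --yes --armor --output $Path --export $UserId
    # An ASCII-armored public key starts with this exact marker line.
    $first = Get-Content -Path $Path -TotalCount 1
    if ($first -ne '-----BEGIN PGP PUBLIC KEY BLOCK-----') {
        throw "Export to '$Path' did not produce an armored public key."
    }
    # Return the fingerprint so it can be given to correspondents for checking.
    Get-OpenPgpFingerprint -UserId $UserId
}

function Import-OpenPgpPublicKey {
    param([Parameter(Mandatory = $true)][string]$Path,
          [Parameter(Mandatory = $true)][string]$ExpectedFingerprint)
    # The expected fingerprint must come from the key owner over a separate channel
    # (phone, in person), not from the message that carried the key.
    $expected = ($ExpectedFingerprint -replace '\s', '').ToUpper()
    # --status-fd 1 prints machine-readable lines such as
    # "[GNUPG:] IMPORT_OK <flags> <fingerprint>" on standard output.
    $status = & gpg --batch --status-fd 1 --import $Path 2>$null
    $results = @($status | ForEach-Object {
        if ($_ -match '^\[GNUPG:\] IMPORT_OK (\d+) ([0-9A-Fa-f]{40})') {
            # Flag bit 1 means the key was not in the keyring before this import.
            [pscustomobject]@{ IsNew       = ([int]$Matches[1] -band 1) -eq 1
                               Fingerprint = $Matches[2].ToUpper() }
        }
    })
    if ($results.Count -eq 0) { throw "gpg imported no key from '$Path'." }
    $unexpected = @($results | Where-Object { $_.Fingerprint -ne $expected })
    # Remove newly added keys that do not match, so they cannot be used by mistake.
    foreach ($r in $unexpected) {
        if ($r.IsNew) { & gpg --batch --yes --delete-keys $r.Fingerprint }
    }
    if ($unexpected.Count -gt 0) {
        throw "Fingerprint mismatch: expected $expected, got $($unexpected.Fingerprint -join ', ')."
    }
    $expected
}

# Usage (placeholder values):
#   New-OpenPgpKeyPair -Name 'Nihad' -Email 'nihad@example.org'
#   Export-OpenPgpPublicKey -UserId 'nihad@example.org' -Path "$env:USERPROFILE\nihad-public.asc"
#   Import-OpenPgpPublicKey -Path '.\susan.asc' -ExpectedFingerprint '<fingerprint read out by Susan>'
```

Keys created this way appear in Kleopatra on the My Certificates tab, because Kleopatra and gpg.exe share the same keyring.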

Disk Encryption Using Windows BitLocker

BitLocker Drive Encryption is a data protection feature offered by newer versions of Windows beginning with Vista. It allows you to encrypt your entire disk drive, including the Windows partition and removable USB drives, securely. BitLocker will protect your sensitive data if your computer gets stolen or lost; it also offers a secure way to dispose of your old computer because recovering encrypted data from a disk drive is extremely difficult and costly. In addition to this, BitLocker helps to secure your computer against sophisticated malware that targets the computer firmware level.

Note

We already advised you not to use proprietary encryption solutions, especially from giant companies, because no one can guarantee their safety from security flaws and backdoors. BitLocker is offered freely as part of the Windows installation (some versions), and it offers excellent protection for Windows users with minimal configuration. BitLocker is more than enough for most Windows users and for the majority of private companies that want to protect their data, so it is advisable to use it unless you are working with high-level corporate government data assets that are protectively marked; in that case, it is better to use a more robust solution appropriate to the risk.

BitLocker is not available in all Windows versions. Currently, the following Windows editions are supported:

  • Windows 10 Pro, Enterprise, and Education editions

  • Windows 8 and 8.1 Enterprise and Pro editions

  • Windows Server 2008 R2, all editions

  • Windows 7 Enterprise and Ultimate editions

  • Windows Vista Enterprise and Ultimate editions

Note

Starting from Windows 7 and Windows Server 2008 R2, BitLocker adds a feature to encrypt removable drives. If you are still using an older Windows version such as Vista and XP and you have a removable drive encrypted using BitLocker that you want to read, you can do this through a program called BitLocker To Go Reader ( https://www.microsoft.com/en-us/download/details.aspx?id=24303 ). It provides users with read-only access to BitLocker-protected, FAT-formatted drives.

Warning

Windows XP is not being supported with patches anymore.

BitLocker uses the AES encryption algorithm with a 128-bit key size by default, but you can change the key length to 256 bits for enhanced security.

A longer key size is more secure, but it also means more overhead when performing the encryption/decryption process. This should not be a problem for computers with good hardware. For individuals, it is more than enough to use the default 128-bit key size, but when it comes to companies dealing with sensitive data, it is preferable to increase the key size to 256 bits for maximum protection.

To change the default BitLocker key size to 256-bit AES, follow these steps:

  1. Press Windows Key+R to open the Run dialog.

  2. Enter gpedit.msc in the dialog; then press Enter to access Local Group Policy Editor.

  3. Go to Computer Configuration ➤ Administrative Templates ➤ Windows Components ➤ BitLocker Drive Encryption. In the right pane, double-click “Choose drive encryption method and cipher strength” (Windows 10 [version 1511] and later). In this case, you are using Windows 10; if you are using Windows 7 or 8, select the corresponding setting (see Figure 5-18).

    Figure 5-18. Accessing Local Group Policy Editor to change BitLocker settings
  4. In the new window, select Enabled, click the drop-down box (operating system drives, fixed data drives, and removable data drives), and select AES-CBC 256-bit. (Of course you do not need to change the three values; change the encryption method for the drive type you want to encrypt only.) Click OK to save your changes (see Figure 5-19).

    Figure 5-19. Changing the BitLocker encryption settings to 256 bits

BitLocker will use 256-bit AES-CBC encryption for any new drive you want to encrypt, but existing drives encrypted with BitLocker will continue to use the default 128-bit AES encryption.

Note

If you want to change the encryption setting of the existing encrypted volumes from 128 bits to 256 bits, you must decrypt the drive first and then encrypt it again after changing the encryption settings to 256 bits like you already did.

Encrypting Windows/Fixed Data Drives

After you have the necessary information about the BitLocker feature, let’s begin encrypting your first drive. BitLocker differentiates between three types of disks (although the encryption process is transparent to the user): Windows drive, fixed data drive, and removable data drive. To encrypt the Windows drive, your computer must meet the following three prerequisites:

  • Your OS partition should be formatted using the NTFS file system.

  • A system partition that is at least 350MB. This partition is necessary to store Windows boot files because Windows cannot recognize an encrypted boot loader at startup. This partition should be formatted as NTFS for computers that use BIOS firmware and with FAT32 for computers that use UEFI-based firmware. You can see this drive and its size by going to Control Panel ➤ Administrative Tools ➤ Computer Management ➤ Storage ➤ Disk Management (see Figure 5-20). The majority of modern laptops that come with Windows preinstalled contain this partition. However, if your current PC does not have one, BitLocker will create one for you automatically by shrinking the current Windows drive (usually the C: drive).

    Figure 5-20. Viewing all the computer’s hard drive partitions including the one reserved by Windows
  • Administrative access.

To begin encrypting the Windows disk drive, follow these steps (applicable to all supported editions of Windows 7, 8, 8.1, and 10):

Warning

You should back up your personal data before encrypting the drive to prevent data loss.

  1. Go to Control Panel ➤ BitLocker Drive Encryption, select the drive you want to encrypt, and click Turn on BitLocker on the right side (see Figure 5-21).

    Figure 5-21. Turning on BitLocker on the C: drive (Windows partition)
  2. If your computer doesn’t have a TPM chip, you will see the following error message: “This device can’t use a Trusted Platform Module. Your administrator must set the ‘Allow BitLocker without a compatible TPM’ option in the ‘Require additional authentication at startup’ policy for OS volumes.” In other words, BitLocker requires a computer with a Trusted Platform Module (TPM). This is a small microchip located on your computer mainboard. The majority of modern Windows devices come equipped with this chip; some motherboard manufacturers allow the addition of this chip separately. The main role of the TPM with regard to BitLocker encryption is to store BitLocker encryption keys. It also offers a mechanism to detect any attempt to change the host OS software or hardware used by attackers to crack your encrypted drive. Once the TPM detects any changes, it makes your PC boot in a restricted mode, thus preventing attackers from gaining any information from you that can aid them to crack your encrypted drives (we will cover attacks against BitLocker and full disk encryption later in this chapter). Nevertheless, if your PC does not contain a TPM chip, you can continue to use BitLocker on your Windows device, but you need to change the Group Policy setting on your computer first.

  3. Press Windows Key+R to open the Windows Run dialog.

  4. Type gpedit.msc and then press the Enter key.

  5. Go to Local Computer Policy ➤ Computer Configuration ➤ Administrative Templates ➤ Windows Components ➤ BitLocker Drive Encryption ➤ Operating System Drives.

  6. Double-click the setting named “Require additional authentication at startup” in the right pane. Select Enabled and make sure the option “Allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive)” is selected (see Figure 5-22).

    Figure 5-22. Enabling BitLocker without a compatible TPM
  7. Click OK and close the Local Group Policy Editor. Now you can continue setting up your BitLocker on a device without a compatible TPM chip.

    Note If you do not know whether your Windows PC has a TPM chip, do the following check (applicable to all Windows versions): press Windows Key+R to launch the Run dialog. Type tpm.msc and press Enter. If your PC has a TPM module, its version and type should appear; otherwise, the following message will show up: “Compatible Trusted Platform Module (TPM) cannot be found on this computer….”

    In some devices, the TPM could exist; however, it is disabled in the motherboard settings. To reenable it, restart your PC into its UEFI or BIOS. Search for a setting named TPM or Trusted Platform Module and reenable it if it is already disabled.

  8. After enabling BitLocker to run without a compatible TPM, return to the first step and click Turn on BitLocker next to the operating system drive (see Figure 5-20). Please note that in this experiment you are encrypting the Windows drive; encrypting a fixed data drive is almost identical.

  9. The first window in the wizard appears. Click Next to continue.

  10. The second window states that “You will no longer be able to use Windows Recovery Environment unless it is manually enabled and moved to the system drive.” Click Next to continue.

  11. Now, BitLocker will ask you to “Choose how to unlock your drive at startup.” You have two options: enter a password each time your PC boots or insert a USB flash drive. In this case, select “Enter a password.” Please note that if you select to use a USB drive, you must connect this USB to your computer each time you boot up in order to decrypt your drive.

  12. You selected to use a password, so you need to enter it twice in the new wizard window. Make sure to use a strong password according to our tips in Chapter 2. Click Next to continue.

  13. The wizard will ask you “How do you want to back up your recovery key?” You have four choices (see Figure 5-23): save it to your Microsoft account, save it to a USB flash drive, save it to a file, and print the recovery key. In this case, you will store the recovery key to a USB drive. A list of connected USB drives will appear, so select the one that will hold your recovery key (you can also select to print the recovery key; the BitLocker wizard allows you to choose more than one recovery method).

    Figure 5-23. Selecting how you want to back up your BitLocker recovery key

    Warning Store the BitLocker recovery key in a safe location and make sure not to lose it. If you forget your password or your computer (with a TPM chip) gets damaged and you have to move your hard disk into another computer, the recovery key is your only way to decrypt your data. Otherwise, you will lose all your encrypted data for good.

  14. After saving the recovery key to a USB flash drive, click Next to continue. The next window will ask you to “Choose how much of your drive to encrypt.” You have two options. You can encrypt used disk space only (which is fastest and best for new PCs and drives) or you can encrypt the entire drive (which is slower but better for PCs and drives already in use). Basically, if you have been using your computer for some time, your disk drive will certainly contain data and information other than what appears (for example, deleted files and fragments of deleted files and folders). In this case, it is essential to enable BitLocker to encrypt the entire drive (including the free space area) to ensure that an attacker cannot retrieve the remnants of deleted files from the unencrypted area. On the other hand, if your PC is new, there’s no need to bother and encrypt the entire drive; only encrypt the area that contains data.

  15. After selecting how much drive you want to encrypt, click Next to continue. A new wizard window, which is dedicated to Windows 10 build 1511 or later, appears. It asks you “Which encryption mode to use.” You have two options. The first is “New encryption mode,” which is more suitable for fixed drives on devices with Windows 10 installed. This mode provides additional integrity support, but it is not compatible with older versions of Windows. The second option is “Compatible mode” and works on all previous Windows versions (Windows Vista and 7 and 8). This option should be used if you are encrypting a removable drive that can be used on older Windows versions (see Figure 5-24).

    Figure 5-24. Choosing which encryption mode to use (applicable only to Windows 10)
  16. After selecting your encryption mode, click Next to continue. The final wizard window appears and asks you to run a BitLocker system check to ensure that BitLocker can read the recovery and encryption keys correctly. Windows will reboot, and the encryption will begin. It may take some time depending on the size of the drive; you can check the encryption progress by checking the BitLocker Drive Encryption icon in the system tray. You can continue your work while the drive is being encrypted.

After finishing the encryption, whenever you boot into Windows, BitLocker will prompt you for a password (or a USB drive if you have already selected that) before unlocking your computer.

Encrypting a fixed data drive is similar. However, Windows will not prompt you for the decryption key upon bootup. Instead, you can double-click the encrypted disk drive after booting to Windows and then enter your password in the prompt to unlock the drive.

If you have lost the unlock method you use to access a BitLocker drive, you must press the Esc button upon booting to Windows when BitLocker prompts you to enter the password or insert the USB; you then need to provide the recovery key in order to decrypt your drive.

Encrypting Removable Disk Drives

Using BitLocker to encrypt removable storage such as external HDDs, SD cards, and USB sticks is straightforward. BitLocker offers an effective method to protect your portable storage units that should be used by any Windows user who cares about his or her privacy. Follow these steps to encrypt removable storage devices:

  1. Insert the USB drive you want to encrypt (the same applies to portable HDDs or any supported drive).

  2. Right-click “USB drive” in Windows File Explorer and select Turn on BitLocker. Alternatively, you can go to Control Panel ➤ BitLocker Drive Encryption, and in the “Removable data drives” section (BitLocker To Go) click Turn on BitLocker next to the USB you want to encrypt.

  3. The BitLocker wizard launches and asks you to “Choose how you want to unlock this drive.” You have two choices, a password and a smart card. In this case, you will select the first option, a password. (You can select both options, a password and smart card, for additional security.)

  4. After entering the password used to unlock the drive, click the Next button to move to the next screen. BitLocker will ask you how you want to back up your recovery key in the event that you forget your password (you have three options: upload to a Microsoft account, save to a file, and print on paper). Select your preferred method and click Next.

  5. BitLocker will ask you how much data on your drive you want to encrypt. You can encrypt used space only or encrypt everything. Select your choice and click Next.

  6. The next wizard screen asks you which encryption mode to use. Because you are encrypting a USB stick, leave the encryption mode set to “Compatible mode” and then click Next.

  7. The final wizard asks if you are ready to encrypt the drive. When you are ready, click the Start Encrypting button.

BitLocker will start the encryption process, which can take some time depending on the amount of data you want to encrypt and the size of the USB drive.

When you open Windows File Explorer, you will notice that the encrypted USB drive icon has changed; it now contains a padlock (see Figure 5-25) that indicates this drive is encrypted using BitLocker.

Figure 5-25. A USB drive encrypted using BitLocker

To access the locked drive, double-click it in File Explorer. BitLocker will prompt you to enter the password to unlock the drive. In the same window, you can click “More options” to see additional options such as “Automatically unlock on this PC,” which allows you to unlock the drive on this computer automatically without entering a password each time you insert it. The second option is to enter the recovery key if you forget your password (see Figure 5-26).

Figure 5-26. Accessing advanced options in the USB drive locked using BitLocker

Finally, to manage BitLocker locked drives and removable ones attached to this PC, go to Control Panel ➤ BitLocker Drive Encryption. On the right side of each BitLocker-enabled drive, you will see a list of options, such as backing up your recovery key, changing/removing the password, and turning off BitLocker (see Figure 5-27).

Figure 5-27. Managing options for a BitLocker-enabled drive

Best Practices When Using BitLocker

When using BitLocker to encrypt your disk drives, it is essential that you heed the following tips to achieve the maximum security possible when using this feature:

  • Use a strong and complex password to protect your BitLocker drive following our tips in Chapter 2. Keep your passwords safe in a secure, encrypted password manager.

  • Keep your BitLocker recovery key in a safe location. It is better to store two copies of each key in two separate physical locations (for example, keep one in a USB flash drive and save the second one on paper in a secure cabinet).

  • Make sure the name of each recovery key reflects the computer/tablet name or removable drive so you will not be confused when you have many recovery keys stored in one location.

  • Use multifactor authentication for operating system drives for enhanced security. For example, use the TPM together with a startup key stored on a USB flash drive.

  • If you select USB authentication, do not confuse it with the recovery key. A USB authentication key (also known as startup key) is a file with a .bek extension, while the recovery key is a text file. Make sure to back up the startup key to a safe location.

  • Before upgrading your OS (for example, from Windows 8 to 10), make sure to suspend BitLocker protection. You can do this by going to the BitLocker Drive Encryption option in the Control Panel and suspending protection for the target drive. Please note that the suspension does not mean that BitLocker decrypts data on the volume; it will make this data unlocked for everyone. However, any new data written to the disk is still encrypted.

  • Make sure to suspend and resume BitLocker protection after you perform a recovery to your locked drive, as the recovery key will be saved unencrypted on the disk drive, and the drive will remain unprotected until you suspend and resume the BitLocker protection.

  • Make sure to turn off your Windows PC or put it in hibernation mode when you finish working. BitLocker is active in these states only. BitLocker is not active in Sleep mode.

  • If you suspect that your BitLocker keys have been stolen, make sure to decrypt the drive and then encrypt it again to avoid leaving any traces related to BitLocker metadata that can help attackers to crack it.

  • For people storing sensitive data on their machines, it is advisable to encrypt the drive first before moving sensitive files to it. Do this especially for SSDs and USB flash drives.

BitLocker is a great security feature available in most Windows versions. It is easy for novices to use and offers strong protection for your sensitive data. BitLocker adds minimal performance overhead on your machine and is highly recommended, especially on portable Windows computers such as laptops and tablets in addition to removable storage such as USB drives, SD cards, and portable HDDs. Companies using Windows OS for their IT operations are highly encouraged to use BitLocker to protect business data at rest.
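The cipher-strength note earlier in this section and the best practices above can be checked from PowerShell instead of the Control Panel. This is an added example, not from the book: it reports the TPM state and the configured cipher policy, then flags volumes that still use 128-bit AES, have protection suspended, or lack a recovery password. The function names, the 256-bit target, and the constructed sample objects used when the BitLocker cmdlets are absent are assumptions.

```powershell
# Added example, not from the book. Run from an elevated PowerShell prompt.
# Get-BitLockerVolume and Get-Tpm are built into Windows 8 / Server 2012 and later.

function Get-BitLockerCipherPolicy {
    # Registry values written by the Group Policy setting "Choose drive encryption
    # method and cipher strength (Windows 10 [version 1511] and later)".
    $label = @{ 3 = 'AES-CBC 128-bit'; 4 = 'AES-CBC 256-bit'
                6 = 'XTS-AES 128-bit'; 7 = 'XTS-AES 256-bit' }
    $policy = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\FVE' -ErrorAction SilentlyContinue
    foreach ($name in 'EncryptionMethodWithXtsOs', 'EncryptionMethodWithXtsFdv', 'EncryptionMethodWithXtsRdv') {
        $raw = if ($policy) { $policy.$name } else { $null }
        [pscustomobject]@{
            Setting = $name
            Cipher  = if ($null -ne $raw) { $label[[int]$raw] } else { 'not configured (default applies)' }
        }
    }
}

function Get-BitLockerFinding {
    param(
        [Parameter(Mandatory = $true)] $Volume,   # shaped like Get-BitLockerVolume output
        [int] $MinimumKeyBits = 256               # assumption: the 256-bit target set by policy
    )
    $findings = @()
    $state = [string]$Volume.VolumeStatus
    if ($state -eq 'FullyDecrypted') { return 'volume is not encrypted' }
    if ([string]$Volume.LockStatus -eq 'Locked') { return 'volume is locked; unlock it to inspect' }

    # Existing volumes keep the cipher they were encrypted with, whatever the policy says now.
    $method = [string]$Volume.EncryptionMethod
    if ($method -match '(128|256)' -and [int]$Matches[1] -lt $MinimumKeyBits) {
        $findings += "cipher is $method; decrypt and re-encrypt under the new policy to reach $MinimumKeyBits bits"
    }
    if ($state -ne 'FullyEncrypted') {
        $findings += "encryption state is $state"
    } elseif ([string]$Volume.ProtectionStatus -ne 'On') {
        $findings += 'protection is off or suspended; resume it once the upgrade or recovery is finished'
    }
    $types = @($Volume.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })
    if ($types -notcontains 'RecoveryPassword') {
        $findings += 'no recovery password protector; create one and back it up in two places'
    }
    if ([string]$Volume.VolumeType -eq 'OperatingSystem' -and
        -not ($types | Where-Object { $_ -in 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey' })) {
        $findings += 'operating system drive has no TPM+PIN or TPM+startup key protector'
    }
    return $findings
}

if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    $tpm = Get-Tpm                                 # same information as tpm.msc
    'TPM present: {0}, ready: {1}' -f $tpm.TpmPresent, $tpm.TpmReady
    Get-BitLockerCipherPolicy | Format-Table -AutoSize
    $volumes = Get-BitLockerVolume
} else {
    # Constructed sample objects so the checks can be run without BitLocker installed.
    $volumes = @(
        [pscustomobject]@{ MountPoint = 'C:'; VolumeType = 'OperatingSystem'; LockStatus = 'Unlocked'
            VolumeStatus = 'FullyEncrypted'; EncryptionMethod = 'Aes128'; ProtectionStatus = 'Off'
            KeyProtector = @([pscustomobject]@{ KeyProtectorType = 'Password' }) },
        [pscustomobject]@{ MountPoint = 'E:'; VolumeType = 'Data'; LockStatus = 'Unlocked'
            VolumeStatus = 'FullyEncrypted'; EncryptionMethod = 'Aes256'; ProtectionStatus = 'On'
            KeyProtector = @([pscustomobject]@{ KeyProtectorType = 'Password' },
                             [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }) }
    )
}

foreach ($v in $volumes) {
    $findings = @(Get-BitLockerFinding -Volume $v)
    if ($findings.Count -eq 0) { '{0} OK ({1})' -f $v.MountPoint, $v.EncryptionMethod }
    foreach ($f in $findings) { '{0} {1}' -f $v.MountPoint, $f }
}
```

With the constructed samples, C: is reported for its 128-bit cipher, suspended protection, missing recovery password and single-factor unlock, while E: is reported as OK.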

Disk Encryption Using Open Source Tools

As we’ve mentioned, open source encryption software is more trustworthy than proprietary (closed) solutions when it comes to protecting highly sensitive or classified information. The main advantage of open source solutions is that they don’t have backdoors (although an audit should be performed before using any program). This does not mean all proprietary solutions have one, but the open source solutions can be reviewed by the public for possible backdoors or for any feature that might facilitate an attack against their cryptographic algorithm. Open source encryption software also has a reputation of being more stable and interoperable with other open source products and protocols and of supporting different hardware (many open source encryption tools support multiple platforms such as Windows, Mac, and Linux). Closed software is usually linked to one vendor, which can impose restrictions on its usage and the other system that can integrate with it. Finally, open source software, especially the popular programs, is used by millions of users and has hundreds of volunteer developers, making open source software more stable, more secure, and less prone to bugs than proprietary systems.

On the other hand, paid solutions usually surpass open source software in being easy to use. They have better user interfaces and offer technical support after the sale. (Most open source products rely on community support or offer paid support service.) Finally, closed software is usually less vulnerable to attacks compared with open ones because no one can view its source code to exploit any weakness.

To end this discussion, open source programs are better than closed counterparts in regard to cryptographic tools. However, you should select your open source encryption tool carefully. Do not consider a product safe just because it is open source. For instance, you need to check the following:

  • Make sure to select an encryption tool that incorporates open source cryptographic algorithms like Twofish and Whirlpool.

  • Check what current users of this software say about it. Do a search online for any problems, major bugs, or security flaws related to it.

  • Check whether experts in the field have made any audit or review of this software and see what their opinion is.

  • Use mature software. A program with millions of downloads is better than a new one just developed.

  • It should be updated continuously and under active development; old releases with no continual updates are not a good sign.

The most popular open source encryption program (used for file and disk encryption) is the legendary program TrueCrypt. For years it has been the number-one choice by security professionals around the world. TrueCrypt can be installed on different platforms and supports wide arrays of the best secure cryptographic algorithms.

TrueCrypt development ended suddenly in 2014 through a message on its web site stating the following: “Using TrueCrypt is not secure as it may contain unfixed security issues.” The TrueCrypt developers did not give any further details regarding the announced security flaws and advised Windows users to use the BitLocker Drive Encryption feature instead. The last version of TrueCrypt was the 7.1a version, released in 2012, and it is still used by millions according to some unofficial statistics.

Unconvinced of any security flaws, the Internet community made an independent audit of TrueCrypt’s source code (version 7.1a). The final summary found that “TrueCrypt has no evidence of backdoors or otherwise intentionally malicious code. However, the code suffers from some vulnerabilities resulted from using some deprecated functions and inconsistent variable types which can be fixed by updating the current code.” 6

Note

You can download the last version of TrueCrypt (7.1a) at https://www.grc.com/misc/truecrypt/truecrypt.htm along with other information regarding this program.

The popularity of TrueCrypt and its reputation has encouraged developers to create other forks for this project. The following are the main projects based on this tool:

  • VeraCrypt (https://veracrypt.codeplex.com): This is based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used in encryption and fixes major security bugs found in the TrueCrypt security audit. VeraCrypt cannot open encrypted containers created in TrueCrypt.

  • CipherShed (https://www.ciphershed.org): This is another fork based on TrueCrypt. It maintains backward compatibility with the previous TrueCrypt container format.

In this book, we will opt to use VeraCrypt as it is more actively developed than CipherShed, and it has already fixed the main vulnerabilities raised by the TrueCrypt audit project. (The most recent audit of the VeraCrypt source code was done in October 2016 and fixed a critical vulnerability related to cryptography. 7)

Encryption Using VeraCrypt

VeraCrypt offers functions similar to those of its ancestor TrueCrypt. It can encrypt the Windows partition, fixed drive data partitions, and removable media, and it can create encrypted containers to store sensitive information. VeraCrypt also supports plausible deniability through the following:

  • It supports hidden volumes and a hidden operating system.

  • Encrypted VeraCrypt devices and volumes look as if they are full of random data; they contain no signature for being a VeraCrypt container.

Note

Plausible deniability can also be achieved by using steganography techniques in which secret data can be concealed within an ordinary file (e.g., concealing a secret text file within an image).
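The "no signature, looks like random data" property described above can be observed directly. The following Python sketch is an added example, not code from the book or from the VeraCrypt project: it checks a file's first bytes against a few well-known magic numbers and measures how uniform its byte distribution is. The random blob is a constructed stand-in for an encrypted container, and the two thresholds are illustrative assumptions.

```python
import io
import math
import os
import zipfile
from collections import Counter

# Well-known magic numbers that identify common container and document formats.
KNOWN_SIGNATURES = {
    b"PK\x03\x04": "ZIP archive",
    b"7z\xbc\xaf\x27\x1c": "7-Zip archive",
    b"%PDF-": "PDF document",
    b"\x89PNG\r\n\x1a\n": "PNG image",
}


def identify_signature(data: bytes):
    """Return the format name if the data starts with a known magic number."""
    for magic, name in KNOWN_SIGNATURES.items():
        if data.startswith(magic):
            return name
    return None


def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


def chi_square_uniform(data: bytes) -> float:
    """Pearson chi-square of byte counts against a uniform distribution.

    With 255 degrees of freedom, uniformly random bytes give a value near 255.
    """
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))


def assess(data: bytes) -> str:
    """Classify a blob the way a first-pass file examination would."""
    signature = identify_signature(data)
    if signature:
        return f"recognised format: {signature}"
    # Illustrative thresholds (assumptions): near-maximal entropy and a
    # chi-square value close to what uniform random bytes produce.
    if shannon_entropy(data) > 7.99 and chi_square_uniform(data) < 400:
        return "no signature, statistically random"
    return "no signature, structured content"


def make_samples() -> dict:
    """Constructed samples; the random blob stands in for an encrypted container."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        archive.writestr("notes.txt", "quarterly report draft\n" * 200)
    text = ("Meeting notes: review the backup schedule.\n" * 2000).encode()
    return {
        "container_stand_in": os.urandom(1024 * 1024),
        "zip_file": buffer.getvalue(),
        "text_file": text,
    }


if __name__ == "__main__":
    for name, blob in make_samples().items():
        print(f"{name:20s} entropy={shannon_entropy(blob):.4f}  {assess(blob)}")
```

A file that has no recognisable header and is statistically random throughout is consistent with encrypted data, which is why the deniability applies to the hidden volume inside a container rather than to the existence of the container itself.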

In this section, we will demonstrate how to use this stable software to create an encrypted volume, and later we will demonstrate how to create a hidden volume in addition to encrypting removable USB devices.

Creating an Encrypted Container (Volume)

The following steps detail how to create an encrypted container to store your sensitive data securely.

  1. Download and install VeraCrypt from https://veracrypt.codeplex.com . Make sure to download the latest version.

  2. Launch the program and click the Create Volume button in the main program window.

  3. The Volume Creation Wizard window will appear, allowing you to select which kind of encrypted volume you want to create. You have three options (see Figure 5-29): encrypt a file container, encrypt a nonsystem partition (fixed data drive or flash memory), and encrypt a system partition drive (Windows partition). In this case, select the first option and click Next to continue.

    Figure 5-29. VeraCrypt allows you to create three different types of encrypted volumes. This shows only the right side of the wizard window.
  4. The next wizard window asks you whether you want to create a standard or hidden volume. Select Standard VeraCrypt Volume and click Next to continue.

  5. Now, you need to select the volume location and name. Bear in mind that VeraCrypt containers are like ordinary files. You can move them onto a USB drive or to another PC, rename them, and delete them. Do not select an existing file in this step. You need to supply a new file name to avoid overwriting any existing file (see Figure 5-30). After finishing this step successfully, click Next to continue.

    Figure 5-30. Storing a volume in the F: drive with the name MyStorage
  6. The next wizard window asks you to select the encryption and hash algorithm for this volume. We already discussed the main criteria for selecting the best secure algorithm. In this case, select Twofish for the encryption and Whirlpool for the hash. Click Next to continue.

  7. Here you need to specify the volume size. In this case, you will choose 500MB. Please note that you cannot increase the volume size after creating it. Click Next to continue.

  8. The next wizard window asks you to enter a password to protect the volume. Select a complex and long password according to our tips in Chapter 2. However, it is strongly recommended that you use at least 20 characters. You can also further secure your volume by using a key file. After typing the password and confirming it, click Next to continue.

  9. In this window, you need to move your mouse within it randomly for some time (at least one minute; a progress bar appears to tell you when it is enough) to increase the cryptographic strength of the encryption keys. Make sure to set the filesystem type to FAT as it is widely supported on different platforms and leave the cluster set to Default. After finishing, click the Format button.

VeraCrypt will begin creating your encrypted container. This may take some time depending on the size of the volume. After it finishes, a success message will pop up saying “The VeraCrypt volume has been successfully created.” Click Exit to close the wizard.

Opening a VeraCrypt-Encrypted Volume

To open an encrypted container, follow these steps:

  1. Launch VeraCrypt and select a drive letter from the list.

  2. Click Select File to select your encrypted container file.

  3. Click the Mount button (Figure 5-31). The password dialog will appear.

    Figure 5-31. Opening the VeraCrypt-encrypted container
  4. Enter your volume password in the prompt and click OK.

  5. If the password was correct, the mounted container will appear as a virtual disk drive in Windows File Explorer. You can also access it by double-clicking the drive letter in the main program window.

VeraCrypt will encrypt any file or folder on the fly as it is being written to its volume. In a similar way, whenever you open a file stored in a VeraCrypt container, it will automatically decrypt it to computer RAM without writing anything to the host computer disk.

To close the opened VeraCrypt container and make your stored encrypted files inaccessible again, you can either turn off/restart your computer or select the mounted drive letter in the VeraCrypt main window and then click the Dismount button.

Creating Hidden VeraCrypt Volume

A VeraCrypt hidden volume allows users to protect their sensitive data if they are forced to disclose their VeraCrypt-encrypted volume password. A hidden volume can be created within another VeraCrypt volume (including a standard volume or a partition/device volume) by exploiting the available free space in the outer volume. To create a hidden volume, follow these steps (which are similar to creating a standard volume but with minor differences):

  1. Launch VeraCrypt, click the Create Volume button, select the option “Create an encrypted file container,” and then click Next.

  2. The next window asks you about the volume type. Select “Hidden VeraCrypt volume” and click Next to continue.

  3. The next wizard window asks you which creation mode you want to use. In this case you already have a standard volume, so use the “Direct mode” option and click Next to continue. If you do not have a ready encrypted volume, you should select the “Normal mode” option to create an encrypted volume first and then create the hidden one.

  4. The next window asks you to select your existing encrypted VeraCrypt volume. Select the one you have created in the previous step (this volume will hold the hidden one inside it). Click Next to continue.

  5. Now you need to enter the outer volume password (see Figure 5-32). Click Next to continue.

    Figure 5-32. Enter the outer container password. This will hold the hidden volume inside it.
  6. VeraCrypt will scan the outer volume cluster bitmap to determine the maximum possible size of the hidden volume. Click Next to move to the next steps to set the options for the hidden volume.

  7. The next wizard window will ask you to select the encryption and hash algorithm for the hidden volume. Select them as you did previously and click Next to continue. In the next window, you need to set the hidden volume size. VeraCrypt will determine the maximum possible size of the hidden volume. In this case, the maximum size was 495.26MB (see Figure 5-33).

    Figure 5-33. Determining the hidden volume size
  8. After typing the hidden volume size, click Next to continue. The next wizard will ask you for a password for the hidden volume. Type one that is different from the outer volume password. Click Next to continue.

    Warning Do not use the same password for both the outer volume and the hidden volume. VeraCrypt uses the password to distinguish between both volumes when you want to mount any one of them.

  9. Now you need to select the filesystem format as you did previously (select FAT and leave the cluster size to the default). Move your mouse within the wizard for one minute and click Format. If everything goes well, the hidden volume will be created, and VeraCrypt will launch the window shown in Figure 5-34.

    Figure 5-34. VeraCrypt announcing the successful creation of the hidden volume
  10. Finally, click the Exit button to exit the wizard.

Opening the Hidden Volume

Opening a hidden volume is just like opening the standard volume, which you did previously (see the section “Opening a VeraCrypt-Encrypted Volume”). But instead of entering the outer volume password, you need to enter the hidden volume password. VeraCrypt will show the volume type as Hidden after mounting it (see Figure 5-35).

Figure 5-35. VeraCrypt showing the type of volume mounted in its main program window

Protecting Your Data in the Hidden Volume from Accidental Deletion

You may wonder what will happen to the data stored in the hidden volume if you write data to an outer volume that consumes its entire space. The answer is simple. The data in the hidden volume will get damaged. To avoid this, follow these steps:

  1. When you want to mount (open) your outer volume to view its data, after typing your password for the outer volume, click the Mount Options button before clicking OK (see Figure 5-36).

    Figure 5-36. Clicking Mount Options before accessing your outer volume
  2. Another window will pop up. Select the option “Protect hidden volume against damage caused by writing to outer volume.” You also need to supply your hidden volume password, as shown in Figure 5-37.

    Figure 5-37. Accessing the VeraCrypt container mount options to protect the hidden volume data
  3. Click OK to close the current window; then click OK again in the password dialog to mount your outer volume without damaging the data on the hidden volume stored within it. If there is no error and you have entered both passwords correctly for both volumes, you will see a pop-up message stating that “The hidden volume is now protected against damage until the outer volume is dismounted.”

Please note that this procedure to protect the hidden volume does not mean that VeraCrypt has mounted it. It has only decrypted the portion of the hidden volume that contains its size. When you open your outer volume using the previous steps, both the outer and hidden volumes will open as read-only. Note that VeraCrypt decrypts the volume and displays it as Outer in the program main window. This is because you opened it in a protected mode. If security is an issue, do not mount your volume in this way, as it will give a clue that your outer volume contains within it a hidden one. When you decrypt a VeraCrypt container, it will mount as Normal in ordinary circumstances.

When you have a hidden volume, it is advisable to store some insensitive data in the outer volume and stop adding more data to the outer volume after creating your hidden volume. This will effectively save your important data and prevent accidental damage to the data stored within your hidden volume.

Warning

Using VeraCrypt could be dangerous in some circumstances. When using VeraCrypt to encrypt your data, there is no technical way, as far as we know, to know whether the encrypted container contains a hidden volume within it. For instance, if an honest foreign traveler is visiting the United States and the U.S. border agency finds a VeraCrypt container on his or her PC, they may ask the traveler to hand over the decryption key (the password and keyfile) to decrypt the container. This traveler could be in trouble if the encrypted container does not contain a hidden volume within it because the officers (or any adversary) may not believe the traveler that the encrypted container does not have another one hidden within it.

We advise you to use Windows BitLocker if you are not protecting sensitive/high-grade information. However, if you opt to use VeraCrypt and you want to protect yourself from such a scenario, you can simply create a hidden volume within each encrypted container you create. In this way, if an adversary forces you to decrypt your VeraCrypt volume, you can provide the passwords for both encrypted and hidden volumes to prove your innocence from hiding secret data.

Please note that each VeraCrypt container can contain one hidden volume within it.

Encrypting Fixed Data and USB Drive Using VeraCrypt

Encrypting USB drives and other fixed data drives (non-Windows partitions) is similar to creating standard volumes. To encrypt a removable drive, follow these steps (in brief):

  1. Launch the VeraCrypt program. Click Create Volume in the main program window. The Volume Creation Wizard will appear.

  2. Select “Encrypt a non-system partition/drive” and then click Next to continue.

  3. In the next wizard window, select “Standard VeraCrypt volume” and then click Next to continue.

  4. The next wizard window will ask you to select the device that you want to encrypt. Click Select Device and select the drive you want to encrypt. All connected devices and partitions on the current computer will appear; make sure to select either the fixed data or the USB drive only (this wizard is not applicable to Windows drives), as shown in Figure 5-38.

    Figure 5-38. Selecting the USB drive you want to encrypt
  5. After selecting your device, click Next to move to the next wizard window, which gives you two options (see Figure 5-39). The first is “Create encrypted volume and format it.” Use this option if you want to encrypt a clean USB stick that contains no data (do not use this option if your device/USB holds data because everything will get lost). The second option is “Encrypt partition in place.” Use this option if your current device/USB stick contains data that must be maintained and encrypted.

    Figure 5-39. The first option will format the drive and then encrypt the data, while the second option will encrypt the existing data in the drive without formatting it
  6. The next wizard window will ask you to select your encryption algorithm, set a volume password, set whether you want to store large files (more than 4GB), and set the filesystem type. After setting all these parameters (like you did earlier), click the Format button.

If everything works as expected, VeraCrypt will launch a success message stating that the volume was created successfully. Click the Exit button to close the wizard.

To mount the encrypted device/USB volumes, follow these steps:

  1. Click the Auto-Mount Devices button in the main program window. The password dialog will appear. Type your device/USB password and click OK. VeraCrypt will mount your device to one of the available drive letters (see Figure 5-40).

    Figure 5-40. Mounting a device/USB in VeraCrypt

Alternatively, you can mount your device by selecting a drive letter (different from the current device/USB drive letter) and clicking the Select Device button in the main program window; then click the Mount button.

After successfully mounting your device/USB drive, two drives will appear in Windows File Explorer; these are the encrypted drive and the mounted (unlocked) container, which contains its data (see Figure 5-41).

Figure 5-41. Each mounted device/USB will reserve two drive letters, one for the encrypted drive (inaccessible) and the second for the mounted version that contains its data

In this section, we have thoroughly covered using VeraCrypt to create a standard container and a hidden container and to encrypt a fixed data drive and removable storage devices. You can also use VeraCrypt to encrypt the system drive (the Windows partition) in addition to creating a hidden operating system if someone forces you to decrypt the operating system. What we covered in this section is enough for all users with varying IT skills to begin using VeraCrypt for their daily tasks. For experienced users who may want to use it to encrypt the operating system partition or check out all its advanced features, we recommend reading the VeraCrypt documentation at https://veracrypt.codeplex.com/documentation.

Multitask Encryption Tools

Sometimes you may not want to use a dedicated tool for your encryption work. For instance, you don’t need a VeraCrypt container if you want to send a small file to your friend via e-mail or you want to store some files on an unencrypted USB device. There are many programs already used by millions of Windows users that can offer encryption capabilities to safeguard your sensitive data with a few clicks. You can also find many open source security tools that do not need advanced configurations or cryptographic keys in order to encrypt files and folders. This section will introduce some of these tools; they have been selected specifically to meet our tools selection criteria of being open source, reputable, and easy to use.

7-Zip

7-Zip (www.7-zip.org) is open source archiver software that works on all Windows versions (beginning from NT). It allows you to compress and encrypt data using the AES-256 encryption algorithm for the 7ZIP format and uses AES-256/ZipCrypto for the ZIP file format. Using it is simple; just right-click the file or folder you want to compress and select 7-Zip ➤ Add to archive.

AES Crypt

AES Crypt (https://www.aescrypt.com) is a free, open source program that integrates with the Windows right-click context menu. It uses AES-256 encryption to do its job. To encrypt a file, right-click the file and select AES Encrypt. Then enter the password to lock the file; another file with the same name but with an AES extension will appear in the same directory. To decrypt it, right-click the encrypted result and select AES Decrypt. Then enter its password. The encrypted file should appear unencrypted in the same directory with its original extension.

Protect Microsoft Office Files

All Microsoft Office documents beginning with Microsoft Office 2007 can be protected with a password to prevent others from opening or modifying your documents. This feature uses AES-128 by default. To password-protect a Microsoft Word document, follow these steps:

In Microsoft Office 2007, click the Microsoft Office button and select Prepare ➤ Encrypt Document. Type your password and confirm it. Then click OK. Finally, save the changes to your file.

For Microsoft Office 2013 and 2016, open the document you want to protect, select the File menu, go to the Info tab, click the Protect Document button, select Encrypt with Password, enter the password, and click OK. Finally, save changes to your document. In Excel, select File, go to the Info tab, select Protect Workbook, and select Encrypt with Password. In PowerPoint, select File, go to the Info tab, select Protect Presentation, and select Encrypt with Password.

Protect PDF Files

Like the Microsoft Office products, Adobe has a password protection feature for its documents. PDF documents are used widely for both personal and business use. To protect a PDF file with a password, open the file you want to protect, select File ➤ Properties, and go to the Security tab. From the Security Method drop-down menu, select Password Security. Another window will pop up where you should select the option “Require a password to open the document” and type the password in the corresponding field. Click the OK button, and another pop-up window will appear asking you to confirm your password. Type it again and click OK. Then close all open dialogs and save your document (you can save it by closing it and selecting Yes when Adobe asks you whether you want to save your changes to the file).

Attacking Cryptographic Systems

These types of attacks aim to find the secret key used to decrypt the confidential data in order to gain unauthorized access to it. As computing technology advances daily, you can expect to see more attacks against cryptographic systems. For instance, you should know that using full disk encryption to encrypt your entire disk drive does not ensure 100 percent safety of your data at rest. In the same way, encrypted data transmitted across untrusted networks like the Internet also suffer from many threats. Scrambling your data is a great protective method, but you still need to understand the different types of cryptographic cyber-attacks so you can take some precautionary steps to deter them successfully.

Disk encryption is able to protect you against one type of attack, which is the physical attack. Even though you have your PC encrypted, there are a large number of cyber-threats already traveling the Internet that can strike your machine. For instance, full disk encryption does not protect against an adversary who intercepts your communication online. Unpatched Windows, old software, an older OS (such as Windows XP), and some dangerous services can be exploited remotely to plant malware on your machine. This will effectively steal your decryption keys and make your disk encryption useless.

We already covered how to use BitLocker and VeraCrypt to encrypt entire drives. In Chapter 4, we advised you to use the Tails OS, which boots from a CD/DVD or USB stick to assure complete anonymity when going online in extremely hostile (in terms of censorship) environments. All encryption tools and techniques already covered in this book can suffer from similar attacks. Thus, we are dedicating a separate section for them. The following are the most popular and known attacks against cryptographic techniques.

Harvest-Then-Decrypt Attack

With advances in computing technology, you can expect that currently used algorithms will be broken before reaching their estimated death time. For instance, a quantum computer (still under development) is known to be thousands of times faster than a normal computer. This tremendous speed poses a serious risk to modern cryptographic algorithms, especially the ones based on public key infrastructure (PKI) such as RSA and Elliptic Curve Cryptography (ECC). These two algorithms are still used by the Transport Layer Security (TLS) protocol, which is used to secure the majority of online applications such as web browsing, IM, e-mail, VoIP services, and so on. TLS achieves its secure work by encrypting the connection between the client and the server using a symmetrical key. However, it will use asymmetrical algorithms such as RSA to exchange the secret key first, which is generated automatically upon initiating each session. These protocols are still very secure by today’s security standards and nearly impossible to break. However, an attacker could record the encrypted traffic and then wait until the technology advances (for example, until the quantum computer arrives) and then try to decrypt the traffic.

The DROWN Attack

DROWN stands for Decrypting RSA with Obsolete and Weakened eNcryption. This kind of attack affects servers that are still supporting SSLv2. Nearly all modern Internet applications do not use SSLv2. However, if there is a misconfigured server that still has SSLv2 enabled, this may pose a risk as it allows an attacker to decrypt the newer TLS connection between up-to-date clients and the servers by using the same private key used for the secure connection. Disabling SSLv2 is necessary to close such a vulnerability. You can find more information about this attack and the countermeasures at https://drownattack.com.

Man-in-the-Middle (MITM) Attack

This is another form of active attack that targets encrypted traffic flows online, and it is mostly applicable to the public key cryptography schema. In this type, an attacker intercepts the communication but still relays the message between the sender and the receiver as if the communication was not touched. Discovering such attacks is difficult because nothing appears to be unusual for the communicating parties. Here’s an example:

  1. If Nihad wants to communicate privately with Susan, he needs to request her public key first.

  2. An attacker intercepts the communication and sends his public key instead to Susan. In this way, the attacker is able to decrypt anything Nihad sends to Susan.

  3. Capturing one side is not enough; the attacker needs to maintain the connection, so he or she encrypts the data after reading it and resends it to Susan.

  4. The attacker now sends his public key impersonating Nihad so that anything Susan sends is decrypted by the attacker.

Such attacks are difficult to conduct because they involve a real intrusion into the communication channel, but when they do happen, they result in a serious compromise.
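The key substitution in the example above goes unnoticed only when the received public key is accepted without being checked against something obtained through a separate trusted channel. The Python sketch below is an added example, not code from the book: it models the untrusted channel and shows a fingerprint comparison that rejects a swapped key, alongside trust-on-first-use pinning, which cannot detect an interceptor who is present from the first contact. The 32-byte random values are constructed stand-ins for real public keys, and the class and function names are hypothetical.

```python
import hashlib
import hmac
import os


def fingerprint(public_key: bytes) -> str:
    """SHA-256 of the key, hex-encoded in groups of eight for reading aloud."""
    digest = hashlib.sha256(public_key).hexdigest()
    return " ".join(digest[i:i + 8] for i in range(0, len(digest), 8))


def relay(key_sent: bytes, substitute: bytes = None) -> bytes:
    """Model of the untrusted channel: the key may be swapped in transit."""
    return substitute if substitute is not None else key_sent


class KeyStore:
    """Hypothetical store of pinned key fingerprints, one per correspondent."""

    def __init__(self):
        self._pins = {}

    def accept_verified(self, owner: str, received_key: bytes,
                        trusted_fingerprint: str) -> bool:
        """Pin the key only if it matches a fingerprint obtained out of band
        (in person, by phone, from a printed card)."""
        seen = fingerprint(received_key)
        if not hmac.compare_digest(seen, trusted_fingerprint):
            return False
        self._pins[owner] = seen
        return True

    def accept_tofu(self, owner: str, received_key: bytes) -> str:
        """Trust on first use: pin whatever arrives first, flag later changes."""
        seen = fingerprint(received_key)
        pinned = self._pins.get(owner)
        if pinned is None:
            self._pins[owner] = seen
            return "pinned-unverified"
        return "match" if hmac.compare_digest(pinned, seen) else "changed"


# Constructed stand-ins for public keys (random bytes, not real key material).
SUSAN_KEY = os.urandom(32)
INTERCEPTOR_KEY = os.urandom(32)


def verified_exchange(intercepted: bool) -> bool:
    """Nihad requests Susan's key and checks it against her spoken fingerprint."""
    spoken_fingerprint = fingerprint(SUSAN_KEY)  # delivered over a separate channel
    received = relay(SUSAN_KEY, INTERCEPTOR_KEY if intercepted else None)
    return KeyStore().accept_verified("Susan", received, spoken_fingerprint)


def tofu_exchange() -> list:
    """Interceptor is present on first contact; the genuine key arrives later."""
    store = KeyStore()
    first = store.accept_tofu("Susan", relay(SUSAN_KEY, INTERCEPTOR_KEY))
    later = store.accept_tofu("Susan", relay(SUSAN_KEY))
    return [first, later]


if __name__ == "__main__":
    print("clean channel, verified:      ", verified_exchange(intercepted=False))
    print("intercepted channel, verified:", verified_exchange(intercepted=True))
    print("trust on first use:           ", tofu_exchange())
```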

Brute-Force Attack

In this type of attack, the attacker already has the encrypted data and knows the encryption algorithm. The attacker needs to know the decryption key or the password/passphrase. The attacker tries all possible combinations to find the correct key. If the key (password/passphrase) is long, cracking it can take a long time. There are many programs to automate such attacks, such as John the Ripper (www.openwall.com/john/) and RainbowCrack (http://project-rainbowcrack.com), which is used specifically for cracking password hashes.

A variant of brute-force attack is a dictionary attack, which uses words and phrases from different dictionaries in order to crack the password/key. A dictionary attack is faster than a brute-force attack as the attacker needs to try small combinations of possible words/phrases compared with a regular brute-force attack. However, this attack has its limitations because if the key/password does not exist in the dictionary, the attacker will never find it. Brute-force and dictionary attacks can be deterred by using complex, long passwords that have no specific meaning (follow our tips in Chapter 2 for creating secure passwords).
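To see why length and the absence of dictionary words both matter, the following Python sketch audits a candidate password from the defender's side. It is an added example, not code from the book: it estimates the worst-case exhaustive search time from the alphabet and length, and checks whether the password reduces to a dictionary word after common substitutions are undone. The guess rate, the tiny wordlist, and the 100-year threshold are assumptions chosen for illustration.

```python
import math
import string

# Constructed sample wordlist; a real audit would load a large list of
# commonly used and previously leaked passwords.
SAMPLE_WORDLIST = {"password", "letmein", "dragon", "sunshine", "welcome", "hello"}

# Common character substitutions that are undone before the dictionary lookup.
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l", "3": "e",
                      "$": "s", "5": "s", "!": "i", "7": "t"})

ASSUMED_GUESSES_PER_SECOND = 1e10      # assumption, not a figure from the text
SECONDS_PER_YEAR = 365.25 * 24 * 3600
SYMBOLS = string.punctuation + " "     # 33 characters


def charset_size(password: str) -> int:
    """Size of the alphabet an exhaustive search must cover for this password."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in SYMBOLS for c in password):
        size += len(SYMBOLS)
    if any(ord(c) > 127 for c in password):
        size += 128                    # rough bucket for non-ASCII characters
    return max(size, 1)


def keyspace_bits(password: str) -> float:
    """log2 of the number of strings with this length over this alphabet."""
    return len(password) * math.log2(charset_size(password))


def exhaustive_search_seconds(password: str,
                              rate: float = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Worst-case time to try every string of this length and alphabet."""
    log10_seconds = len(password) * math.log10(charset_size(password)) - math.log10(rate)
    return math.inf if log10_seconds > 300 else 10 ** log10_seconds


def dictionary_candidates(password: str) -> set:
    """Forms of the password that a dictionary lookup would match against."""
    lowered = password.lower()
    stripped = lowered.rstrip(string.digits + string.punctuation)
    return {lowered, stripped, lowered.translate(LEET), stripped.translate(LEET)}


def audit(password: str, wordlist=SAMPLE_WORDLIST,
          rate: float = ASSUMED_GUESSES_PER_SECOND) -> dict:
    """Summarise how the password stands up to both attack variants."""
    hit = bool(dictionary_candidates(password) & set(wordlist))
    seconds = exhaustive_search_seconds(password, rate)
    if hit:
        verdict = "weak: reduces to a dictionary word"
    elif seconds < 100 * SECONDS_PER_YEAR:
        verdict = "weak: small keyspace"
    else:
        verdict = "ok"
    return {"length": len(password), "keyspace_bits": round(keyspace_bits(password), 1),
            "dictionary_hit": hit, "exhaustive_seconds": seconds, "verdict": verdict}


if __name__ == "__main__":
    # Constructed sample passwords.
    for sample in ("P@ssw0rd1", "qzjxkvwp", "vR7#kq2!Lm9$Zx4&Tp6^"):
        print(sample, audit(sample))
```

The first sample has a large nominal keyspace yet falls to the dictionary check, which is the point of the advice to avoid passwords with a specific meaning.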

Bootkit

A bootkit is a kind of malware that installs on the master boot record (MBR) of your operating system. It usually stores its code in the unallocated disk space or host-protected area using its own file system. It runs before the operating system boots, giving it the ability to bypass full disk encryption because the MBR is not encrypted; this allows the OS to boot up and the encryption software to launch its login screen from within the MBR. This will effectively allow it to capture the decryption key/password once entered. A bootkit can get direct access to the Windows kernel, giving it wide abilities to do its dirty work and bypassing all security software already installed on the infected machine.

If you are curious about bootkit development, you can check out www.stoned-vienna.com, which gives information about and the source code of one type of bootkit named Stoned Bootkit. This kind of bootkit attacks all Windows versions from 2000 up to 7. It also has a demo version for Windows 8.

A bootkit is considered a type of rootkit (covered next). However, the main difference between them is that the bootkit launches early during the boot process.

Rootkit

A rootkit is a type of malicious software designed to gain low-level access to the target computer. A rootkit in itself is not malicious; however, if exploited by intruders, it can spy on a legitimate computer owner’s usage and steal his or her decryption keys. Rootkits work stealthily in the background without leaving any traces in the infected machine. They do not have a process name, a registry entry, or an associated Windows service running. A rootkit has the ability to disable security solutions already installed on the infected machine. It can also make modifications to the OS (e.g., install itself as a software driver) to further conceal itself, install a keylogger, and install other malware in addition to maintaining administrative access to the target machine by the attacker.

Detecting a bootkit or a rootkit can be extremely difficult because normal antivirus programs cannot detect all types of them. However, there are many tools that have been designed specifically to detect and remove this kind of threat. You can find some in Table 5-1.

Operating System Leak

Windows can leak sensitive information, even if you are implementing a full disk encryption scheme in your PC. For instance, decrypted files (or parts of them), passwords, encryption keys, cached files, and other secret information can reside in different places in Windows, such as in paging files, hibernation files, memory dumps, and system restore points (created by the Volume Shadow Copy Service). Many single-file encryption tools offer a feature to delete the original file upon encryption and leave the encrypted result only; this is a good security practice. However, the majority of such programs do not wipe the deleted file securely, making it recoverable later.

The previous attacks against encryption techniques are all based on software attacks. However, there are more attacks that require physical access to the target machine to work successfully. The following section covers the most popular one.

Evil Maid Attack

In this scenario, an attacker gains physical access to an unattended target PC that has full disk encryption enabled using programs like VeraCrypt, PGP whole disk encryption, or BitLocker. The attacker (like a maid in a hotel) boots the target PC using a CD/DVD or USB drive, or even through a network, and installs a bootkit (backdoor) into the system and then shuts off the PC.

When the legitimate PC owner returns, he or she powers up the PC as usual and enters the decryption key/password to decrypt the disk. The bootkit will record this information somewhere in the disk drive (e.g., in unallocated space or in a host-protected area); the attacker can return later to recover them and delete any traces left from the attack. Some kinds of bootkits can also send the user decryption key/password via the Internet when a connection is available.

Nearly all disk encryption systems are vulnerable to this attack unless some precautionary measures are followed (covered in a moment) that can make performing this attack extremely hard to achieve.

Note

EvilAbigail (https://github.com/GDSSecurity/EvilAbigail) performs an automated Linux evil maid attack.

Cold Boot Attack

In this type of attack, an attacker gains physical access to the target machine immediately after it has been turned off (or the attacker can reboot a running machine using the power button; this is called a cold reboot) and then tries to boot using a USB stick or CD/DVD. Using specialized software, the attacker captures an image of the RAM and stores it on the removable device. Finally, the attacker shuts down the PC as if nothing happened. In old desktop computers and some laptop models, an attacker can also remove the RAM module entirely from the target machine and install it on his or her own machine and then boot normally to extract its contents.

The captured image will get analyzed to recognize important artifacts stored within it using a variety of techniques. By using a specialized tool, there is a high probability that an attacker can find and extract the decryption key from the target machine.

This kind of attack is possible because of the volatile nature of RAM. Anything stored in RAM will disappear when it loses power. However, research conducted by Princeton University in 2008 found that information stored within RAM can last for seconds after it loses power. This period can extend into minutes or even hours if RAM is frozen using liquid nitrogen to cool the volatile memory modules to slow down the degradation of the contents.

The majority of encryption systems store their encryption key/password in RAM. This attack also proves its effectiveness against full disk encryption employed by BitLocker.

Direct Memory Access

Direct memory access (DMA) is a type of physical attack where an attacker gains direct access to the target machine’s RAM by exploiting some types of ports (FireWire, Thunderbolt, PCI Express). This allows direct access to RAM without passing first through the target machine’s CPU. By doing this, an attacker can access/capture the RAM contents directly and then by using specialized software can investigate it thoroughly to extract encryption keys and other sensitive information like passwords, chat messages, and decrypted files. In the same way, an attacker can bypass all the security solutions already deployed by the target OS and install a keylogger or rootkit to monitor everything done on the subject device.

Hardware Keyloggers

Keyloggers come in two forms, software and hardware. We already talked about some types of software bootkits and rootkits that have the ability to record user activities stealthily and send them later through the Internet or Wi-Fi signals to their operator. The same thing applies to hardware keyloggers, which are more sophisticated and have the ability to bypass all the security solutions already installed on the target machine. By installing a hardware keylogger, usually installed between the target computer and its keyboard or simply attached to the DVI, VGA, or HDMI port, an attacker will have the ability to capture everything the user types on the machine in addition to taking screen captures and then send this information through e-mail. Some modern types of hardware keyloggers have built-in Wi-Fi support, enabling them to use their own connection to deliver reports. A hardware keylogger looks similar to cabling used with a PC to connect different external devices, making it less suspicious for nonexperienced users. A hardware keylogger is more dangerous than its software counterpart as it can begin logging user activities once the computer starts. This gives it the ability to record BIOS passwords and full disk encryption passwords.

Hardware Backdoor

As more companies choose to manufacture their IT products in Asian countries to reduce costs, you can expect to see more devices equipped with hardware backdoors. Backdoors allow cyber-criminals to gain remote access to target machines/networks without being discovered. Some types can also get embedded within memory modules (volatile memory) and wireless microchips (e.g., radio frequency identification [RFID]). Hardware backdoors are a real threat to IT operations, especially when they are embedded in security devices such as access control systems and network devices. An attacker can modify the hardware device upon manufacturing so he or she can bypass security measures and full disk encryption on the target machine/network. This kind of attack works below the OS level, making it able to bypass all security software solutions currently deployed. Hardware backdoors and firmware attacks that work by modifying the BIOS code to exploit the target machine are usually used by security services and big criminal organizations with adequate resources to monitor users/companies for intelligence. This threat is not only related to exploiting target systems; it can also be used by cyber-criminals to control affected systems remotely and as a botnet to launch further attacks (e.g., DDoS attacks).

Countermeasures Against Cryptography Attacks

Most attacks against cryptographic techniques can be mitigated if the user uses the proper device/OS and takes some precautionary steps. This section gives you some advice.

Mitigate Future Attacks Against Encrypted Data

We already covered the harvest-then-decrypt attack, which works by capturing current encrypted data and then waiting until the technology advances in order to be able to crack it. Countering such attacks is difficult because the majority of encrypted data travels online, and anyone with adequate tools can capture it for later analysis. The most practical advice against such future attacks is to use similar technology to counter them. Currently, quantum computing is still in the development stage. Quantum cryptography (which depends on physics rather than mathematics to create its cryptosystem) is also gaining more attention to fight against future attack techniques. For instance, it is impossible to crack an encryption key encoded using quantum cryptography. This issue boosts confidence in deploying advanced techniques to exchange top-secret information online.

Another mitigation technique that can be used regardless of future attack and protection techniques is to stop sending any critical data online. Sensitive and high-grade information can be exchanged physically using encrypted storage devices offline, without exposing the contents online.

Mitigate Brute-Force Attack

Such an attack is not practical against the Windows OS sign-in authenticator or BitLocker (with a BitLocker password or recovery key) when the target machine is protected with a strong, complex password and the account lockout is activated (the user needs to wait a certain time after entering an invalid username/password three times). Windows devices with TPM microchips offer more protection against such attacks. To protect a VeraCrypt container and similar full disk encryption tools, it is highly advisable to use at least 20 characters in your password and follow our tips in Chapter 2.

OS Leak

Even if you are using full disk encryption to protect your data, you still need to decrypt this data to access it. Windows stores opened files and fragments of them in different locations on the hard drive. For example, when you want to read a Microsoft Word document stored inside a VeraCrypt-encrypted container, you need to decrypt the container first. Then after opening this document, Windows needs to load it into the computer’s RAM to make it available for reading. In the same way, Windows will record opening such a file in different locations (recently opened files, Microsoft Word history files, among other places). In addition, Windows may need to store this file or parts of it in another location without the user’s knowledge. To counter such risks, you need to configure Windows properly to limit the cases that may leak your sensitive data without your knowledge.

  • Disable memory dumps: A memory dump file can contain unencrypted data if Windows faces a problem and needs to restart. To disable this feature, go to Control Panel ➤ System, select “Advanced system settings,” go to the Advanced tab, and click the Settings button in the Startup and Recovery section. In the “Write debugging information” section, select “none” from the drop-down menu. Click OK and then OK and you are done.

  • Disable the Windows hibernation (Hiberfil.sys) feature: This file is located in the same partition where Windows is installed (usually on the C: drive). As you may have guessed, opened files, encryption keys, passwords, key files, and anything that was running or open on a computer when it goes into hibernation mode may go into this file. If an attacker gains physical access or network access to this file, he or she can copy it to extract useful information from it. To disable hibernation mode in Windows, open a command prompt as the administrator, type Powercfg -hibernate off, and press the Enter key.

  • Disable virtual memory: This feature allows Windows to copy part of the RAM contents into a special file on the hard drive (usually stored on the same drive where Windows is installed under the name Pagefile.sys) to compensate for RAM storage when it becomes full. A user can’t determine which file or files will end in the paging file, so it is better to disable it. To disable the paging file on Windows, go to Control Panel ➤ System, select “Advanced system settings,” and go to the Advanced tab. In the Performance pane, click Settings, and on the Advanced tab, click the Change button in the “Virtual memory” section. From this menu, you can select the drive where you want to disable the paging file by selecting “No paging file” and then clicking Set.

  • Disable Volume Shadow Copy Service: This service allows Windows to take automatic backup copies of all files and folders and system settings on all system volumes where it is turned on (usually it is turned on by default on the system volume only). This imposes a great risk; for example, a user can delete a file and wipe its location securely, but Windows could save a previous version of this file in one of the system restore points, without the user’s knowledge, to be easily retrieved later. To disable a system restore, go to Control Panel ➤ System, select “Advanced system settings,” and go to the System Protection tab. Select the partition you want to stop generating a restore point for and click the Configure button. In the new window, select “Turn off system protection” (in Windows 10 this option is called “Disable system protection”).
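To confirm that the four settings above actually took effect, the following read-only PowerShell audit can be run from an elevated prompt. It is an added example, not code from the book; the helper names Get-RegValue and New-Finding are hypothetical, and treating a missing registry value as a possible leak is an assumption of this sketch.

```powershell
# Read-only audit of the four settings from the list above. Nothing is changed.
# Run elevated: querying Win32_ShadowCopy requires administrator rights.

function Get-RegValue {                       # hypothetical helper
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }      # emits nothing when the value is absent
}

function New-Finding {                        # hypothetical helper
    param([string]$Setting, [string]$State, [bool]$MayLeak, [string]$Fix)
    [pscustomobject]@{ Setting = $Setting; State = $State; MayLeak = $MayLeak; Fix = $Fix }
}

$control  = 'HKLM:\SYSTEM\CurrentControlSet\Control'
$findings = @()

# 1. Memory dumps: CrashDumpEnabled = 0 is the "(none)" choice in Startup and Recovery.
#    Any other value (or a missing value) is reported as a possible leak.
$dump = Get-RegValue "$control\CrashControl" 'CrashDumpEnabled'
$findings += New-Finding 'Memory dump' "CrashDumpEnabled=$dump" ($dump -ne 0) `
    'Startup and Recovery: write debugging information = (none)'

# 2. Hibernation: "powercfg -hibernate off" sets HibernateEnabled to 0.
$hib = Get-RegValue "$control\Power" 'HibernateEnabled'
$findings += New-Finding 'Hibernation' "HibernateEnabled=$hib" ($hib -ne 0) `
    'powercfg -hibernate off'

# 3. Paging file: Win32_PageFileUsage lists every paging file currently in use.
$pageFiles = @(Get-CimInstance -ClassName Win32_PageFileUsage -ErrorAction SilentlyContinue)
if ($pageFiles.Count -gt 0) {
    $pageState = ($pageFiles | ForEach-Object { $_.Name }) -join ', '
} else {
    $pageState = 'no active paging file'
}
$findings += New-Finding 'Paging file' $pageState ($pageFiles.Count -gt 0) `
    'Virtual memory: "No paging file" on each drive, then Set'

# 4. Shadow copies: each instance is a stored snapshot that may still hold
#    earlier versions of files that were later wiped.
try {
    $shadows     = @(Get-CimInstance -ClassName Win32_ShadowCopy -ErrorAction Stop)
    $shadowState = "$($shadows.Count) shadow copies present"
    $shadowLeak  = $shadows.Count -gt 0
} catch {
    $shadowState = 'could not query (run elevated)'
    $shadowLeak  = $true
}
$findings += New-Finding 'Shadow copies' $shadowState $shadowLeak `
    'System Protection: turn off protection for the volume'

$findings | Format-Table -AutoSize -Wrap
```

A row with MayLeak set to True means the corresponding bullet has not been applied, or that the script could not read the setting.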

It is good practice to surf the Internet using a limited Windows account to avoid installing any rootkit inadvertently; you should also keep your antivirus solution up-to-date and install a dedicated program to fight against malware. Also, do not forget to set the Windows OS to update itself automatically.

Mitigation Strategies Against Physical Attacks

In this section, we provide you with advice on how to protect against both hardware/physical attacks and bootkits and rootkits. The last two types of attacks are indeed software oriented, but we decided to group them in this section because the majority of such attacks require physical access to the target machine in order to embed successfully. Nevertheless, some types of rootkit can infect machines throughout a network or by installing malware from the Internet inadvertently.

  • Set a password for your BIOS. This will prevent attackers from booting using a CD/DVD or USB device and will make launching many physical attacks more difficult to conduct.

  • Use a computer with a TPM module when encrypting disk drives using BitLocker so you can discover any tampering with OS files upon booting. If your computer does not have a TPM microchip, you should protect your drive using both a password and a USB token.

  • Always use two-factor authentication, even if your computer has a TPM module. For example, use a PIN and a smart card or USB startup key to decrypt your drive. Do the same thing when using the VeraCrypt tool; use a password and a key file stored on a USB flash drive.

  • Use a computer with Unified Extensible Firmware Interface (UEFI) support. UEFI is a new programmable interface intended to replace the old BIOS program; it defines a software interface between the computer’s OS and the firmware. UEFI can help you to secure your machines against sophisticated malware like bootkits and rootkits by securing the boot process of the OS. For instance, UEFI will check each hardware piece’s firmware digital signature in addition to its bootloader digital signature against a list of signatures available within it. If attackers modify the bootloader or insert malware in the firmware to capture the encryption keys/passwords, UEFI will detect this and prevent Windows from booting. Most modern Windows (8 and 10) devices support UEFI.

  • Use modern Windows versions and stop using the discontinued editions. For instance, XP and Vista should never be used, as Microsoft no longer supports them. Modern Windows versions like 8 and 10 support many features for preventing bootkit and rootkit attacks.

    • Secure Boot is enabled by default on all devices that carry the Windows 8 or 10 logo; it checks whether the bootloader has been tampered with before loading it.

    • The trusted boot feature continues from where Secure Boot ends. It works by verifying the Windows kernel first. If successful, it will pass the check to the Windows kernel, which will in turn check all components used by Windows to start up. If an attacker has modified any startup file, Windows will refuse to load the modified file and will try to repair it by replacing it with another original one to continue the boot process normally.

    • The Early Launch Antimalware (ELAM) feature allows Windows to start the anti-malware solution before Windows loads all non-Microsoft drivers to detect any tampering with third-party component files.

  • A cold boot attack is practical against computers with old hardware. Modern computing devices have new versions of RAM (DDR3 and DDR4), which store remnants of information for a limited time after losing power. In addition, the RAM in many modern computing devices comes soldered with the mainboard. Thus, you cannot remove it and boot it in another machine. In all cases, it is a good practice to always shut down your computer gracefully and protect your computer BIOS with a password.

  • To mitigate DMA attacks, you can use Windows InstantGo–certified devices that do not have any DMA ports. Another solution if your PC has such ports is to disable them using firmware settings or Group Policy settings. Starting with Windows 8.1, DMA access by external devices was rejected until the user authorized the connection.

  • To mitigate hardware backdoor threats, you should buy your computing devices (whether it is a computer, tablet, smartphone, or IoT device) from a trusted and reputable vendor. Always ask and investigate before buying sensitive devices such as access control systems and spy cameras, which are products manufactured in Asian countries.
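The Secure Boot, TPM, and two-factor BitLocker recommendations in this list can be verified on a given machine with the read-only PowerShell check below. It is an added example, not code from the book; it assumes an elevated Windows PowerShell session with the built-in SecureBoot, TrustedPlatformModule, and BitLocker modules available, and the regular expression that recognizes TPM-plus-PIN or TPM-plus-startup-key protectors is this sketch's own matching rule.

```powershell
# Read-only check of the boot-chain protections recommended above. Run elevated.

# Secure Boot: the cmdlet returns True/False on UEFI systems and throws on
# legacy BIOS machines or when run without administrator rights.
try   { $secureBoot = [string](Confirm-SecureBootUEFI -ErrorAction Stop) }
catch { $secureBoot = "unavailable ($($_.Exception.GetType().Name))" }

# TPM: present and ready for use?
try {
    $tpm      = Get-Tpm -ErrorAction Stop
    $tpmState = "present=$($tpm.TpmPresent), ready=$($tpm.TpmReady)"
} catch {
    $tpmState = 'could not query'
}

# BitLocker on the system drive: which key protectors unlock the volume at boot?
try {
    $vol   = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop
    $types = @($vol.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })

    # Assumption of this sketch: protector type names that start with "Tpm" and
    # also contain "Pin" or "StartupKey" are the TPM + second-factor combinations.
    $secondFactor = @($types -match '^Tpm.*(Pin|StartupKey)').Count -gt 0

    if ([string]$vol.ProtectionStatus -ne 'On') {
        $verdict = 'BitLocker protection is off on the system drive'
    } elseif ($secondFactor) {
        $verdict = 'TPM combined with a PIN or startup key (two-factor pre-boot unlock)'
    } elseif ($types -contains 'Tpm') {
        $verdict = 'TPM only: the drive unlocks without user input; add a PIN or USB startup key'
    } elseif (($types -contains 'Password') -or ($types -contains 'ExternalKey')) {
        $verdict = 'No TPM protector: password or USB key only, boot files are not checked by a TPM'
    } else {
        $verdict = 'No recognised unlock protector found'
    }
    $blState = "status=$($vol.ProtectionStatus); protectors=$($types -join ', ')"
} catch {
    $blState = 'could not query (BitLocker module missing or not elevated)'
    $verdict = 'unknown'
}

[pscustomobject]@{
    SecureBoot = $secureBoot
    Tpm        = $tpmState
    BitLocker  = $blState
    Verdict    = $verdict
} | Format-List
```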

Securing Data in Transit

Earlier in this chapter we covered how to secure your data while it is at rest. Data at rest is all the data that is stored in computers/laptops, tablets, storage servers, backup tapes, USB drives, and all storage units that hold data without moving it between locations using local or external networks. To cover all security angles, you also need to learn how to secure your data while in transit. This includes securing sensitive data when moving it from one location to another using a local network within an organization or sending it through the Internet (or uploading it to a cloud storage server). It is essential to protect data in both states (at rest and in transit) to cover all cyber-attack possibilities. You will learn about encryption and steganography and about how you can use these technologies to protect your private data in today’s digital age.

In this section, we will demonstrate how to use different tools to assure the security and integrity of your data to protect against eavesdropping on network traffic by unauthorized users.

Cloud Storage Encryption

As the costs of storing data on a remote server online go down (many services offer it for free), more and more people are willing to use cloud storage services to back up and store their sensitive data (such as documents, personal pictures, contact lists, address books, and the like). The majority of smartphone users use cloud services in one way or another to store some type of personal data. Giant cloud providers such as Google Drive, Apple iCloud, and Microsoft OneDrive invest a considerable amount of resources to protect their users’ data. However, no one can guarantee 100 percent protection when your data travels to the Internet. To protect your personal data from unauthorized access while storing it in the cloud, it is advisable to encrypt this data on your local machine before uploading it. This section will introduce some secure and open source tools to perform this easily.

Warning

Don’t rely on the cloud service provider to secure your data. Always encrypt your data before uploading it to the cloud and make sure to have a backup copy stored somewhere else when dealing with sensitive data.

Duplicati

Duplicati ( https://www.duplicati.com ) is a free, open source program for backing up data to the cloud. It works with major cloud storage providers and with other protocols like FTP and SSH. It uses AES-256 or GPG to encrypt your data and incorporates an incremental backup feature to save space and limit the size of uploaded data to the cloud.

Cryptomator

Cryptomator ( https://cryptomator.org ) is free, open source client-side encryption software. It works by creating a virtual hard disk on your PC. Anything you put inside this disk will get encrypted transparently. Cryptomator uses AES-256 to encrypt your data and uses SCRYPT to protect against brute-force attacks. For example, when you want to use Dropbox to store your data in the cloud, create a virtual Cryptomator vault inside your local Dropbox folder. Now anything you put into this vault will get encrypted before uploading it to your Dropbox account in the cloud.

In this section, we covered only two programs that offer native support for cloud storage service. However, bear in mind that you can use the previous encryption tools we already talked about in this chapter to secure your data before uploading it to the cloud. For instance, 7zip, AES Crypt, VeraCrypt containers, and Gpg4win (with the file encryption feature) can be used to secure your data upon uploading it to your cloud account. This will effectively add another layer of protection to your personal information if your cloud account suffers some form of compromise.

Encrypt DNS Traffic

As we mentioned in Chapter 4, using a VPN with DNS leak protection is essential to prevent your ISP from recording your browsing history. However, not all VPN providers offer this kind of protection, and in some technical circumstances a VPN leak can occur despite using a VPN with a DNS leak protection feature. In addition, many modern attacks are launched against poorly configured DNS servers, not to mention the danger of man-in-the-middle attacks that work by hijacking DNS queries traveling between your device and the DNS server to facilitate launching phishing attacks or stealing your sensitive data.

To protect against such threats and to take steps to accommodate privacy online, it is advisable to add another layer of protection between your PC and the DNS server you are using to resolve the IP addresses into their corresponding domain names. This can be achieved by encrypting the DNS requests between your PC and the DNS server using the DNSCrypt protocol. This protocol works by establishing a secure connection between your device and the DNS server (which must support the DNSCrypt protocol) by using cryptographic signatures to verify that responses originate from the intended DNS and haven’t been tampered with during transit. A list of supported DNSCrypt-enabled resolvers is available at https://dnscrypt.org/dnscrypt-resolvers.html .

There is a simple tool to implement this secure protocol to protect your privacy. It is called Simple DNSCrypt and can be found at https://simplednscrypt.org . Configuring it is quite easy and can be found on the same page where the download resides.

Encrypt E-mail Communications

Now, it’s time to learn how to use Mozilla Thunderbird with the GnuPG encryption engine to send and receive signed encrypted messages.

Thunderbird is a free, open source e-mail client developed by Mozilla, the developer of Firefox. You can configure it to work with multiple e-mail accounts from different providers easily. As we already mentioned, it is highly advisable to use open source programs from reputable sources to handle your sensitive communications and data.

In a previous section, we demonstrated how to use Gpg4win to create, import, and export a key pair. The main advantage of Gpg4win is that it gives you the ability to manage your key pair and the public keys of the people you are corresponding with across many encryption programs. For instance, you can use Enigmail, which is an extension for Thunderbird to handle encryption and digital signatures using OpenPGP to create a key pair (public and private key). However, to make things more organized, you can opt to use Gpg4win to create the key pair, as you already did before, and to manage the public key of other users who you are going to correspond with. This allows you to keep everything organized instead of creating and managing key pairs across different programs.

For now, let’s begin setting the stage for your work by downloading and installing the needed programs.

Warning

This section assumes you have followed the steps and have already generated your key pair and installed Gpg4win. If not, please do so in the section “Create a Cryptographic Key Pair Using Gpg4win.”

  1. Download the Enigmail extension from https://www.enigmail.net/index.php/en/home ; it has an .xpi extension.

  2. Download Thunderbird from https://www.mozilla.org/en-US/thunderbird and add the e-mail account you want to use to send/receive encrypted e-mails. Setting up a new e-mail account is easy in Thunderbird because it can recognize your account settings once you enter the correct username and password of this account.

  3. Now, you need to install Enigmail in Thunderbird. Go to the Thunderbird Tools menu, and select Add-ons. The add-ons tab displays; click the Tools button and then select Install Add-on From File (see Figure 5-42).

    Figure 5-42. Installing the Enigmail add-on in Thunderbird
  4. Navigate to where you saved the XPI file and select it to complete the installation. You need to restart Thunderbird to start using the Enigmail extension.

  5. To confirm that Enigmail was successfully installed within Thunderbird and is fully integrated with GnuPG (installed as part of the Gpg4win installation), go to Enigmail (this menu item will appear after installing Enigmail). Then click Preferences and go to the Basic tab. In the Basic Settings section, in the Files and Directories pane, you should see the following statement: “GnuPG was found in C:\Program Files\GNU\GnuPG\pub\gpg2.exe” (see Figure 5-43). If instead you see the statement “Could not find GnuPG,” then select the “Override with” box, click the Browse button to navigate to where the GnuPG program is installed (gpg2.exe), and select it.

    Figure 5-43. Checking whether Enigmail is integrated successfully with GnuPG

    Note If the Thunderbird menu is hidden, right-click an empty section of the tab strip and select Menu Bar in the pop-up menu to make it appear. You can also press the F10 key to hide or show the menu bar.

  6. You need to set up Enigmail to begin using it for e-mail encryption. Go to the Enigmail menu and select Setup Wizard. The Enigmail Setup Wizard is displayed. Select the option “I prefer a standard configuration (recommended for beginners)” and then click the Next button.

  7. The next wizard window asks you to create a new key pair or to select yours from the lines listed. In your case, you already created your key pair using Gpg4win, so select “I want to select one of the keys below for signing and encrypting my e-mail.” Select your key and click Next to continue (see Figure 5-44).

    Figure 5-44. Selecting the key you want to use to encrypt and sign e-mails
  8. The Enigmail Setup Wizard ends with a thank-you message. Click Finish to exit the wizard.

Before beginning your work to encrypt/decrypt messages, let’s make sure that everything is settled properly and your e-mail account is configured to use OpenPGP. Select Tools ➤ Account Settings. Select the e-mail account in the left pane (if you have more than one e-mail account), then click OpenPGP Security, and make sure the option “Enable OpenPGP support (Enigmail) for this identity” is selected (see Figure 5-46).

Figure 5-46. Making sure that Enigmail is integrated with the selected e-mail account

In a previous section, we thoroughly covered how to export and import public keys using Kleopatra, but to send and receive encrypted messages, you still need to do a final step, which is validating (trusting) the public key of the person you are going to communicate with. To do this, follow these steps (required for a one-time use only):

  1. Open the Kleopatra program, go to the Other Certificates tab, right-click the certificate you want to validate, and select Certificate Details. Alternatively, you can simply double-click this certificate to open its details window.

  2. Go to the Overview tab and click Trust Certifications Made by This Certificate (see Figure 5-47).

    Figure 5-47. Opening the receiver public key certificate details window to trust it
  3. In the new window, select “I believe checks are very accurate” and then click the OK button. A success window should appear.

  4. Now the key needs to be certified to move it to the Trusted Certificates tab. While the certificate details window is still open, click the User-IDs & Certifications tab. Select the certificate you want to validate and then click the Certify button (see Figure 5-48).

    Figure 5-48. Certifying the selected certificate using the Kleopatra Certificate details window
  5. A new window appears (called Reconfirmation). Select the username that you want to certify and then select “I have verified the fingerprint.” Click the Next button to continue (see Figure 5-49).

    Figure 5-49. Checking that you have verified the fingerprint of the intended user
  6. In the next window, select your own OpenPGP certificate, which you will use to authenticate the certificate selected in the previous step. If you have more than one certificate, select the one you want to sign with, select the option “Certify only for myself,” and finally click the Certify button (see Figure 5-51).

    Figure 5-51. Selecting your OpenPGP certificate to authenticate your correspondent public key

  7. Now, a pop-up window will appear asking you to enter your passphrase (private key password) to authenticate your selected correspondent certificate. Without supplying the correct passphrase, the process will not complete. Enter it and you are done.

  8. The final window will inform you that the selected user has been certified successfully (see Figure 5-52).

    Figure 5-52. The final wizard window informs you that the certification was successful

Check your Kleopatra program. You will see that the selected user certificate has been moved to the Trusted Certificates tab.
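The “I have verified the fingerprint” box in the Reconfirmation window is only meaningful if the fingerprint was compared against a value obtained from your correspondent through another channel (in person or by phone). The PowerShell sketch below performs that comparison with the gpg.exe that Gpg4win installs; it is an added example, not code from the book or from the Gpg4win project. It assumes gpg is on the PATH and a 40-digit (version 4) fingerprint; the e-mail address, the fingerprint, and both function names are constructed placeholders.

```powershell
# Compare the fingerprint of an imported public key with the value your
# correspondent gave you out of band, before certifying the key.
$Correspondent = 'susan@example.org'                                    # constructed placeholder
$ExpectedFpr   = '0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567'   # constructed placeholder

function ConvertTo-NormalizedFingerprint {      # hypothetical helper
    param([string]$Fingerprint)
    # Strip the spaces used for readability and compare in upper case.
    ($Fingerprint -replace '\s', '').ToUpperInvariant()
}

function Get-PrimaryFingerprint {               # hypothetical helper
    param([Parameter(Mandatory)][string]$UserId)
    # --with-colons prints machine-readable records; the "fpr" record that
    # follows a "pub" record carries the primary key fingerprint in field 10.
    $records = @(& gpg --batch --with-colons --fingerprint $UserId 2>$null)
    if ($LASTEXITCODE -ne 0) { return }         # no matching key in the keyring
    $afterPub = $false
    foreach ($record in $records) {
        $field = $record -split ':'
        switch ($field[0]) {
            'pub' { $afterPub = $true }
            'sub' { $afterPub = $false }         # skip subkey fingerprints
            'fpr' { if ($afterPub) { $field[9]; $afterPub = $false } }
        }
    }
}

$expected = ConvertTo-NormalizedFingerprint $ExpectedFpr
if ($expected -notmatch '^[0-9A-F]{40}$') {
    throw 'Use the full 40-digit fingerprint, not a short key ID.'
}

$found = @(Get-PrimaryFingerprint -UserId $Correspondent)

if ($found.Count -eq 0) {
    Write-Warning "No public key for $Correspondent is imported."
} elseif ($found -contains $expected) {
    if ($found.Count -gt 1) {
        # Anyone can create a key carrying someone else's name and address.
        Write-Warning "$($found.Count) keys claim this user ID; only the matching one is vouched for."
    }
    Write-Output "Fingerprint matches. To certify locally (not exportable): gpg --lsign-key $expected"
} else {
    Write-Warning 'Fingerprint does NOT match any imported key for this user ID. Do not certify.'
    $found | ForEach-Object { Write-Output "  keyring has: $_" }
}
```

The `--lsign-key` certification is a local, non-exportable signature, the command-line counterpart of choosing “Certify only for myself” in Kleopatra.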

The person you are corresponding with (here Susan) must also certify (confirm the fingerprint of) your digital certificate (Nihad) to be able to send you encrypted messages using the same steps. However, keep in mind that if your correspondent does not have your public key imported, they are still able to open and read the encrypted e-mail sent by you.

After validating the trust of the public key of the receiver, you are ready to send him or her your first encrypted message.

Note

Please note you should validate the trust of each user you are going to correspond with. This is required only one time.

Let’s assume that Nihad wants to send an encrypted signed e-mail to Susan. The prerequisites are mainly two conditions.

  • Nihad must have the public key of Susan.

  • He should trust (verify) her digital certificate fingerprint.

Susan must also have the public key of Nihad, and she must also certify his certificate fingerprint (this is required only if Susan wants to send encrypted e-mail to Nihad; however, she will still be able to receive/decrypt his encrypted e-mail safely without adding him to her certification manager).

From Thunderbird, click the Write button and select “message” to create a new e-mail message. When you enter the e-mail address of the receiver, his or her e-mail should display in black if you already have his or her public key and it is already certified. Otherwise, the e-mail will display in red. Make sure that the Padlock icon (which indicates the e-mail will get encrypted) and the Pencil icon (if you want to sign this e-mail) light up after entering the recipient’s e-mail address (see Figure 5-53). Enigmail will automatically encrypt all new e-mails to the people whom you already have public keys for. After finishing writing your message, click the Send button. If you select to sign your e-mail, as we did, you need to enter your private key passphrase in the pop-up window before sending your e-mail.

Figure 5-53. An e-mail that is signed and encrypted. The receiver e-mail displays in black because it is a trusted person.

When Susan receives this e-mail, she needs to enter her passphrase (private key password) to decrypt the e-mail. Enigmail will show a message on the e-mail stating that the message was successfully decrypted and the signature is authenticated (see Figure 5-54).

Figure 5-54. Message decrypted successfully on the receiving end

Warning

Bear in mind that GnuPG only encrypts the content and attachments of your e-mail. The following information will not get encrypted: e-mail subject line, sender’s e-mail address, and recipient’s e-mail address. The default Enigmail settings (PGP/MIME) encrypt all attachment file names unless you change the settings to use inline PGP. This setting can be changed regardless of the default settings for each new e-mail from the Enigmail menu within this e-mail.

It is advisable to practice encrypting all your personal and sensitive work e-mails to teach the people you are corresponding with how to use e-mail encryption (you can send them this guide!). However, if you opt not to encrypt all your e-mails, you should at least sign them all (you can sign unencrypted e-mails as well). In this way, your correspondent will know that your e-mail originated from you and has not been tampered with during transit. Signing e-mail is also a great practice that will encourage others to begin using GnuPG to secure their online communications.

Note

You can direct your Thunderbird e-mails through the Tor network by using an extension for Mozilla Thunderbird called TorBirdy. According to its creators (it belongs to the Tor project), TorBirdy is still in beta release and should not be used to secure communications in extremely hostile environments. You can find information on how to install and use this extension at https://trac.torproject.org/projects/tor/wiki/torbirdy .

So far, we have covered the main steps to send and receive signed, encrypted e-mails using Thunderbird, the Enigmail extension, and the Gpg4win encryption program. Advanced users who want more in-depth coverage of all the security features offered by these tools can find more details in the Gpg4win documentation (also called the Gpg4win Compendium) at https://www.gpg4win.org/documentation.html and in the Enigmail documentation at https://www.enigmail.net/index.php/en/documentation/user-manual .

There is a browser extension available for both Firefox and Google Chrome called Mailvelope that can be used with most web e-mail services. It allows its users to exchange encrypted e-mails using the OpenPGP encryption schema. You can either generate your key pair or import an existing one (for example, from Kleopatra) using this extension without the need to install any tools except the extension on your browser. The extension is open source, and it is available at https://www.mailvelope.com/en/ . However, we do not recommend encrypting messages within web browsers because this will make them more vulnerable to cyber-attacks that regularly hit browsers.

Encrypt Files/Folders Using Gpg4win

Gpg4win is not only used to encrypt and sign e-mails but also to sign and encrypt individual files and folders. The same steps apply.

  1. You use your private key to encrypt the file.

  2. Then you use your correspondent’s public key to encrypt the result.

GpgEX, which is a plug-in for Microsoft Explorer, is installed as part of the Gpg4win program and allows you to encrypt/decrypt a file or folder directly by right-clicking it. From the Windows Explorer context menu, select More GpgEX options ➤ Encrypt (or you can select “Sign and encrypt” from the same submenu if you want to send the encrypted data to your correspondent). A new dialog appears with more options (see Figure 5-55).

Figure 5-55. Selecting file/folder encryption settings

In this experiment, you will not sign and encrypt your data to send it to an outside user like you did in the previous section. Instead, you will use Gpg4win to secure your data like you might do using any regular encryption program.

Select Encrypt. You can also activate the option “Remove unencrypted original file when done” to delete the selected file/folder after encrypting it. (However, this practice is not fully secure, as an attacker who gains access to your hard drive can easily recover deleted files. You should make sure to overwrite the deleted file/folder area on the hard drive after deletion to avoid recovery, as you did in Chapter 3.) When done, click the Next button. Here you should select to whom you want to encrypt the data. In this case, you are encrypting the data for yourself, so you should select your key pair to encrypt it. Then click the Add button to activate your selection. Finally, click Next and you are done (see Figure 5-56).

Figure 5-56. Selecting which certificate you want to use to encrypt your data

The final wizard will show the encrypted result. If the encryption was successful, a new file with the same original name but with the .tar.gpg extension will appear in the same folder/directory. Click Finish to exit the wizard. To decrypt the file again, right-click it (the file with the .gpg extension) and select “Decrypt and verify.” A new dialog appears; click Decrypt/Verify. Then enter your private key passphrase to decrypt the file; the decrypted result appears in the same folder/directory.

Secure Webmail Providers

Most Internet users have free e-mail accounts. Yahoo, Gmail, and Microsoft Live offer free e-mail service with excellent features in relation to inbox size and yearly downtime. However, no one can guarantee that such giant companies are not reading your e-mails or simply handing them to a third party. Many new revelations show that the security services in different countries have always requested access, sometimes bulk access, to users’ data for different purposes.

In this section we will give you some free web e-mail providers that offer extended privacy features to their users by using encryption and other features to make surveillance on your e-mail activities more difficult.

ProtonMail

ProtonMail ( https://protonmail.com ) is different from other regular e-mail providers in many ways. For instance, it is based in Switzerland and follows that jurisdiction, which is considered the best in the world in protecting user rights to privacy. ProtonMail uses two passwords to protect your e-mail account. The first one authenticates your account credentials on the server, and the second decrypts your inbox within your web browser or app, meaning that it never goes online to the ProtonMail server. ProtonMail uses open source cryptography based on a secure implementation of AES, RSA, and OpenPGP to build its system and all messages are stored encrypted on the server. In addition, your e-mails are end-to-end encrypted (when both the sender and the receiver use the ProtonMail service). Finally, this service doesn’t record metadata about your connection to its server such as your IP address or any tracking information. For security-concerned people, the main downside of this service is that users’ cryptographic keys are stored within the ProtonMail keyserver. This means ProtonMail can technically find a way to decrypt messages stored on its servers as it is the authority that distributes these keys in the first place.

ProtonMail is still considered the best free, end-to-end secure e-mail service available today. The basic free account has 500MB storage space. If you are not dealing with sensitive or high-grade information, it is highly advisable to use this service because of the enhanced security features offered.

Disposable Temporary E-mail Address

Sometimes you may want to register with a free online service or receive an offer. For example, you download a free e-book and need to supply your e-mail address. You should not use your work or private e-mail address to receive such offers. Reputable web sites do not sell your data to other third parties. However, no one can guarantee anything in today’s digital age where cyber-attacks come from everywhere. Thus, if you want to supply your e-mail address to receive such offers, it is advisable to use a temporary e-mail address.

Hidester ( https://hidester.com//temporary-email/ ) offers free disposable e-mail addresses that last for one day (or it can last forever if you want). You can send and receive e-mails as you do with any other service. The reply will appear on the service web site. Finally, you can delete it when you want and you are done!

Guerrilla Mail ( https://www.guerrillamail.com ) offers a similar service.

Secure IM and Video Calls

Many proprietary services offer free IM, voice over IP (VoIP), and videoconference services. Many of these services, like Skype, WhatsApp, Viber, and Google Allo, are popular among Internet users globally. Viber and WhatsApp are now offering end-to-end encryption, allowing user devices to establish a secure channel directly between communicating parties. This will effectively make eavesdropping on your communications almost impossible.

We cannot discuss the security features of each available application in this book. However, we will focus on the security feature that makes one application more secure than the rest. For instance, most VoIP and chatting applications work the same way. They encrypt the messages exchanged between the people involved in the conversation, but they do not encrypt the message metadata.

Message metadata includes all the technical information related to each message sent during a conversation, such as the following: the people involved in the conversation and their phone numbers (the entire user phone contact list will be stored on the app server; this action is optional, but the majority of users allow unrestricted access to their phone address book by the messaging app), the time each message was sent, the message length, the last time the user connected to the server, the message read status, and anything technically related to each conversation. All this data is stored unencrypted and may be handed to a third party (for example, a security service or an advertising company) if necessary. Another security concern related to these applications is the backup process; they usually offer a method to back up user data, including private messages, to free cloud storage providers like Google Drive for Android or iCloud for iPhone. The uploaded data is not encrypted and relies only on the cloud storage provider’s security (which can be breached, as happened with iCloud in 2014). Finally, proprietary programs are not open source, making them vulnerable to backdoors and other security flaws.

The best secure VoIP/IM application is one that has the following technical characteristics: it should be open source so its code can be audited by independent security experts, it should not offer/show ads or any type of commercial advertisements, the provider and hence the app should not store the decryption key on its server so no one can request the key to decrypt user data, it should not store any metadata about the user connection, and the user contact list should not be stored on the app server and if necessary it should be saved encrypted. It should offer clear options to choose what you want to back up before sending it to the cloud provider.

Many messaging applications offer strong security features; the main disadvantage is the limited user base, which requires its users to convince their correspondents to use it. The following are some popular secure and well-supported messaging apps.

Tor Messenger

Although Tor Messenger ( https://trac.torproject.org/projects/tor/wiki/doc/TorMessenger ) is still in beta, it is considered one of the most secure IM apps available. It was developed by the creator of the Tor project. Tor Messenger works on different platforms and offers great encryption features by using off-the-record (OTR) messaging automatically. All its traffic is directed through the Tor network by default, making it secure and anonymous at the same time. People who are involved in mission-critical tasks are not encouraged to use it because it is still in beta (although this can change to stable anytime).

Cryptocat

Cryptocat ( https://crypto.cat/security.html ) is a free open source program for IM chatting and sharing files. It uses AES-256 and SHA-256 to secure its connection and to encrypt shared files. The main disadvantage of this program is that your buddy list and linked devices are stored unencrypted and can be accessed by the app service provider.

Signal

Signal ( https://whispersystems.org ) is a free open source secure messaging and VoIP app; it is easy to use and offers functions similar to those of the WhatsApp and Viber apps. This app runs on Android and iPhone devices only. It is recommended by internationally renowned security technologists like Bruce Schneier and privacy advocates like Edward Snowden for having secure online conversations. Signal offers the strongest security measures among all similar apps; it covers all the recommended security criteria for VoIP/IM applications already mentioned.

Ghost Call

Ghost Call ( https://ghostcall.io ) is a free service that offers an end-to-end encrypted calling service; it uses ZRTP media encryption to encrypt the connection, and Linphone, which is a popular open source VoIP program for making audio calls. This service is 100 percent free. Upon signing up (you do not need any personal information and it allows you to register using the Tor Browser), you will receive a virtual phone number (ten-digit number) that can be used to contact other Ghost Call numbers only.

Gruveo

Gruveo ( https://www.gruveo.com ) is a free, anonymous video-calling service. You do not need to supply any personal information to use it; just enter a username and the site will give you a code that you need to give to your correspondents to join the conversation.

Note

It is worth mentioning a free, open source service called SecureDrop ( https://securedrop.org ). It is intended to be used by whistle-blowers around the world as a submission system for sending documents and other leaks to media organizations. This service is managed by Freedom of the Press Foundation, and it offers strict security features for its users.

Another IM program that works only on iOS is ChatSecure ( https://chatsecure.org ). This is an open source program configured to use OTR over XMPP.

Steganography

In the previous sections, we demonstrated how you can protect your information using different encryption techniques. Encrypting data is still the most secure method to protect your confidential files, but what if you are living in a country where encryption is banned by law?

For example, in China, downloading encryption software is considered a crime and can lead to different legal consequences. In addition, VPN services are considered illegal and are barred technically by the Great Firewall of China (this is a kind of framework that regulates Internet usage in China legally and technically). 8 Restrictions on encryption are not limited to China; many countries, even some western democratic countries, consider using encryption to be a suspicious action. For instance, trying to encrypt your data will make you a target of security agencies in many countries, as the encrypted data looks different from normal data when passing through automated monitoring machines deployed by many nations to monitor their citizens’ Internet traffic.

In China, people use steganography techniques to conceal their messages in images, audio files, and video files so that their sensitive conversation will not get intercepted by their government. This is an effective method to counter technical and legal restrictions against using encryption to secure transmitted data.

Steganography is the science of concealing a secret message within an ordinary file, thus maintaining its secrecy during transit. This science is very old; its roots go back to Cypress, which has the first record of using such techniques 2,000 years ago.

In this section, we will teach you how you can use different steganography techniques to conceal your secret message inside an ordinary file. If you are fond of steganography and you want to learn more, we recommend Data Hiding Techniques in Windows OS: A Practical Approach to Investigation and Defense (Syngress, 2016). It covers the sophisticated techniques used to conceal secret data and other malicious code in digital files.

What Is Digital Steganography?

In digital steganography, the carrier used to conceal the secret message within it can be of any type. In reality, nearly any digital file type can be used to conceal data. See Figure 5-57.

Figure 5-57. How digital steganography works

Steganographic techniques have been used since the dawn of history. Ancient civilization used physical mediums like paper, eggs, invisible ink, and even human skin to conceal secret messages. However, with the advance of computers and the Internet, modern techniques were developed to conceal data in digital files without affecting its visual appearance/quality.

In this section, we will cover digital steganography only and describe how you can use it to conceal your secret messages from an outside observer using different digital file types such as text, image, audio, and video files. Digital steganography does not alter the structure of the secret message but hides it in an overt file so that it cannot be seen.

Secret data may also be hidden inside the Windows file system (NTFS file system). Indeed, there are many techniques you might use to exploit the NTFS Windows file system to conceal secret data or an executable malware program. However, to remain within the book’s scope, we will limit our discussion to using steganography to conceal users’ private data only.

Differences Between Steganography and Encryption

Both steganography and cryptography (we mean encryption here) share the same goal of securing transmitted messages. However, they differ in the methods used to achieve this goal. The term cryptography describes all the techniques used to obscure data, whether it is scrambled and hence encrypted or concealed using steganography techniques. However, digital steganography has evolved a lot in recent years as a result of the huge advancement of computing and networking technology. Table 5-2 differentiates between the two techniques.

Table 5-2. Steganography vs. Cryptography Comparison

| Context | Steganography | Encryption |
|---|---|---|
| Hidden message status | The message does not appear (hidden). | The message appears scrambled. |
| Outside party | Communication is hidden from outside parties. | Third parties know that a communication has occurred, but they cannot read the contents. |
| Level of development | Still undergoing development. | Matured technology. |
| Cipher text status | The structure of the message remains the same. | Encryption modifies the message structure through a cryptographic algorithm. |
| Carrier file | Image, audio, video, text, Internet protocols, OS files. | Mostly text files. |
| Types of secret files | Image, audio, text, almost all kinds of digital files. | Mostly text files. |
| Output result | Stego file. | Ciphertext. |

The majority of steganography applications combine both encryption and steganography to achieve their goal of secrecy and security. Obviously, combining both techniques boosts IT/cyber-security and gives strong protection for sensitive data, whether it is at rest or in transit.

Digital Steganography Techniques

To conceal your secret message inside digital files, you need to use one of the following techniques.

Injunction

Here you insert your secret message in a nonreadable location in the overt file, thus concealing it without affecting the look or functionality of the overt file. A good example of this technique is hiding secret data after the end-of-file (EOF) marker. For example, if you have a JPEG file that you want to conceal data inside, you can insert this data after the EOF marker and any image-viewing program (for example, Windows Photo Viewer) will read the image source to open it and will stop when reaching the EOF. Anything after the EOF will remain hidden without affecting the overt file quality or appearance.

Substitution

In this technique, you are replacing insignificant bits from the overt file with those bits that belong to the secret message. The most famous practical example to achieve this technique is by substituting the least significant bit (LSB) of the overt file with the bits of the secret message. Substitution is more secure than the insertion technique because it does not increase the overt file size since there is no additional data inserted into the overt file source. Nevertheless, there is still a finite capacity to store hidden messages because this technique is limited to the number of insignificant bits available in the overt file.

Generation

This is the most secure technique to achieve digital steganography. With this type you are producing a new overt file that contains your secret message. A site that demonstrates this technique is at www.spammimic.com . This web site allows you to enter a secret message and conceal it inside a spam message that can be transmitted securely in plain sight to the intended recipient.

Digital Steganography Types

There are different ways to categorize steganography techniques. To keep things simple, we will categorize them according to the type of overt file used to conceal the secret message.

Text Steganography

This is a type of steganography that uses text files to conceal secret data within them. Historically, written letters were the main medium used to conceal secret messages. However, with the advance of computing, digital text files replaced the physical paper messages. This type of steganography is considered impractical in today’s digital world, as it can conceal only small amounts of data compared with other digital file types. Some examples include inserting spaces between words and/or inserting one or two spaces at the end of each line to store hidden bits. Microsoft Word text documents offer many places to conceal data using different formatting features such as the following:

  • Using the hidden text feature

  • Making text white on a white background

  • Reducing the text size to 1 pixel

  • Hiding data within document attributes (metadata)

Using the RTF File Type to Conceal Secret Data

Rich Text Format (RTF), which is a proprietary document file format developed by Microsoft, can be easily used to conceal data within it. You can create RTF documents by using WordPad or Microsoft Office Word and saving the file in RTF format. To conceal your secret data, right-click the RTF file and select “Open with” from the Windows context menu; then select Notepad to view the raw source file of the RTF file. You will notice that the source code contains tags similar to HTML files that do not appear when viewing it using the regular Microsoft Word processor. Anything enclosed within the tag {} will not display in a regular viewer; in addition, anything written after the closing bracket, }, will get ignored (see Figure 5-58).

Figure 5-58. Concealing a secret message after the EOF within an RTF document

Change of Spelling

A secret message can be concealed within ordinary text by changing the spelling of some words or even the entire overt message’s words. This technique is also effective to fool surveillance software used by governments to monitor inbound and outbound traffic. Surveillance systems and many firewall solutions used by giant enterprises are mainly dependent on finding interesting keywords while scanning the network traffic; by changing the spelling of important words, you can safely avoid being captured by such machines. http://txtn.us is a web site that provides free tools for transforming Unicode text into another string that looks visually similar to the original text; however, it is read differently by automated monitoring machines. See Table 5-3 for illustration.

Table 5-3. Changing Spelling to Fool Surveillance Systems
Note

You can conceal secret messages within Twitter tweets in plain sight. http://holloway.co.nz/steg/ is a web site that offers such a service.
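Seen from the monitoring side, the look-alike spelling described above can be folded back before keyword matching. The following is an added example, not code from the book: it applies Unicode NFKC normalization, flags words that mix scripts, and maps a small hand-built table of look-alike letters. The table, the sample sentence, and the watchlist are constructed assumptions.

```python
"""Flag words disguised with look-alike Unicode characters."""
import re
import unicodedata

# Hand-built subset of look-alike letters (an assumption for this example;
# Unicode publishes a far larger confusables list). Keys are Cyrillic and
# Greek code points, values are the Latin letters they resemble.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",
    "\u0455": "s", "\u03bf": "o",
}


def script_of(ch: str) -> str:
    """Coarse script label: the first word of the character's Unicode name."""
    return unicodedata.name(ch, "UNKNOWN").split(" ")[0]


def skeleton(token: str) -> str:
    """Fold a token to the plain form a human reader would perceive."""
    folded = unicodedata.normalize("NFKC", token).lower()
    return "".join(CONFUSABLES.get(ch, ch) for ch in folded)


def find_disguised(text: str, watchlist: set) -> list:
    """Return one finding per word that only looks like ordinary text."""
    findings = []
    for token in re.findall(r"\w+", text):
        # NFKC folds fullwidth, mathematical and similar compatibility letters.
        folded = unicodedata.normalize("NFKC", token)
        scripts = sorted({script_of(ch) for ch in folded if ch.isalpha()})
        reasons = []
        if folded != token:
            reasons.append("compatibility characters")
        if len(scripts) > 1:
            # NFKC leaves Cyrillic and Greek look-alikes untouched, so a
            # script mix inside one word is checked separately.
            reasons.append("mixed scripts: " + "+".join(scripts))
        skel = skeleton(token)
        if skel in watchlist and token.lower() != skel:
            reasons.append("matches watchlist after folding")
        if reasons:
            findings.append({"token": token, "skeleton": skel, "reasons": reasons})
    return findings


# Constructed sample: Cyrillic a/o inside "password", a fullwidth "meeting",
# and one plainly spelled keyword that an ordinary filter already catches.
SAMPLE = ("Send the p\u0430ssw\u043erd before the "
          "\uff4d\uff45\uff45\uff54\uff49\uff4e\uff47, then reset the password.")
WATCHLIST = {"password", "meeting"}

if __name__ == "__main__":
    for finding in find_disguised(SAMPLE, WATCHLIST):
        print(finding["skeleton"], "<-", ascii(finding["token"]), finding["reasons"])
```

A word written entirely in one non-Latin script is reported only when its folded form hits the watchlist, so ordinary Cyrillic or Greek text is not flagged merely for being non-Latin.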

Image Steganography

This is the most commonly used file type to conceal secret data. What makes this type popular is the huge number of images exchanged daily online. People tend to post a large volume of images to social networking web sites or cloud-based photo storage. In addition, exchanging images in e-mails does not raise suspicions about the possibility of the existence of hidden data. Image steganography works by embedding a secret message inside the overt file (hence the image) using a predefined steganographic algorithm; this produces what is known as a stego-image. This stego-image is then sent to the recipient, who will use the same algorithm to extract the hidden message from the overt file.

Concealing Messages After the End-of-File Marker

Experiments show that secret data text files can be embedded within images without leaving any visual effects on overt files. You can achieve this by inserting the text file that contains your hidden data after the end-of-file marker. To demonstrate how to do this trick, prepare a JPEG image and a text file that contains your secret data. Launch a command prompt elevated as the administrator, change to the working directory where the image and text file reside, and type the command shown in Figure 5-59.

Figure 5-59. Concealing a secret text file within a JPEG image

Here you have combined your secret file named secret.txt within image.jpg and output the result, which contains the secret file, as result.jpg. To view the secret message, you can simply open the stego image result.jpg using Windows Notepad to view its source (see Figure 5-60). The secret message will appear after the end of raw code.

Figure 5-60. Using Windows Notepad to view concealed data within a JPEG image after the end-of-file marker

After concealing something using this method, the image quality or appearance will not change. However, you should make sure to avoid inserting a large amount of secret text within the overt image, as its size will increase, which may be suspicious if investigated. Data concealed in this way has some limitations. If you update the image (resize it, change the format, edit it, or crop it), the secret message will get destroyed.

The previous method can conceal text files only. However, if you want to conceal other file types (binary files or Microsoft Office documents, for example), you can do the same steps, but instead of storing your secret data within a text file, use the zip format and then insert your secret like you did in your last experiment.
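Data hidden after the end-of-file marker, as in this section, is also straightforward for an examiner to find. The following added example (not code from the book) walks the JPEG marker segments to locate the real end-of-image (EOI) marker, then reports and classifies whatever follows it, including the ZIP variant mentioned above. The function names and the byte strings are constructed for illustration; the samples are structurally valid marker streams, not viewable pictures.

```python
"""Detect data appended after a JPEG's end-of-image (EOI) marker."""
import struct

SOI, EOI, SOS = 0xD8, 0xD9, 0xDA
# Markers that stand alone (no length field): TEM, RST0-RST7, SOI, EOI.
STANDALONE = {0x01, SOI, EOI} | set(range(0xD0, 0xD8))
# A few container signatures worth naming when they start the trailer.
KNOWN_MAGIC = [
    (b"PK\x03\x04", "ZIP archive"),
    (b"Rar!\x1a\x07", "RAR archive"),
    (b"7z\xbc\xaf\x27\x1c", "7-Zip archive"),
    (b"%PDF-", "PDF document"),
]


def skip_entropy_data(data: bytes, pos: int) -> int:
    """Return the offset of the first real marker after compressed scan data."""
    while True:
        pos = data.find(b"\xff", pos)
        if pos == -1 or pos + 1 >= len(data):
            raise ValueError("truncated JPEG: scan data never ends")
        nxt = data[pos + 1]
        if nxt == 0x00 or 0xD0 <= nxt <= 0xD7:
            pos += 2          # stuffed 0xFF byte or restart marker: still scan data
        elif nxt == 0xFF:
            pos += 1          # fill byte in front of a marker
        else:
            return pos


def find_eoi(data: bytes) -> int:
    """Walk the marker segments and return the offset just past the real EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        while pos < len(data) and data[pos] == 0xFF:
            pos += 1          # skip the 0xFF prefix and any fill bytes
        if pos >= len(data):
            break
        marker = data[pos]
        pos += 1
        if marker == EOI:
            return pos
        if marker in STANDALONE:
            continue
        if pos + 2 > len(data):
            break
        (length,) = struct.unpack(">H", data[pos:pos + 2])
        if length < 2:
            raise ValueError(f"bad segment length at offset {pos}")
        pos += length         # jump over the payload, embedded thumbnails included
        if marker == SOS:
            pos = skip_entropy_data(data, pos)
    raise ValueError("truncated JPEG: no EOI marker found")


def inspect_jpeg(data: bytes) -> dict:
    """Report whether anything follows the EOI marker and what it looks like."""
    end = find_eoi(data)
    trailer = data[end:]
    kind = None
    if trailer:
        kind = next((name for magic, name in KNOWN_MAGIC
                     if trailer.startswith(magic)), None)
        if kind is None:
            printable = all(32 <= b < 127 or b in (9, 10, 13) for b in trailer)
            kind = "printable text" if printable else "unknown binary"
    return {"eoi_offset": end, "trailing_bytes": len(trailer), "kind": kind}


def segment(marker: int, payload: bytes) -> bytes:
    """Build one length-prefixed segment (used only for the constructed samples)."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed samples. The APP1 payload embeds a "thumbnail" that carries its
# own FFD8 ... FFD9 pair, which misleads a search for the first FFD9.
CLEAN = (b"\xff\xd8"
         + segment(0xE1, b"Exif\x00\x00" + b"\xff\xd8\xff\xd9")
         + segment(SOS, b"\x01\x01\x00\x00\x3f\x00")
         + b"\x12\xff\x00\x34\xff\xd0\x56"      # scan data with FF00 and RST0
         + b"\xff\xd9")
WITH_TEXT = CLEAN + b"constructed secret note\r\n"
# This trailer ends in FFD9, which misleads a check of the last two bytes.
WITH_ZIP = CLEAN + b"PK\x03\x04" + bytes(26) + b"\xff\xd9"

if __name__ == "__main__":
    for label, blob in [("clean", CLEAN), ("text", WITH_TEXT), ("zip", WITH_ZIP)]:
        print(label, inspect_jpeg(blob))
    print("a first-FFD9 search would stop at", CLEAN.find(b"\xff\xd9") + 2)
```

Trailing bytes are a lead rather than proof: some cameras and phone apps append their own data after EOI, so review the trailer before drawing conclusions.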

Concealing Within Image Metadata

This was already covered in Chapter 2 from a different viewpoint. For instance, a large amount of secret information can be concealed within digital image metadata easily and even without using any third-party tools. The following programs can be used to edit image metadata and to insert new metadata without affecting the image’s visual appearance:

Digital Steganography Tools

You can use many steganography programs to conceal secret information within images and other digital file types. The main advantages of such programs, in addition to being easy to use, are that they offer an encryption feature for the concealed data. As you already saw, secret information can be concealed easily in digital files and in plain sight without encryption. However, if an outside observer expects a hidden message in an overt file, he or she can detect and read the hidden message easily. As a result, it is advisable to encrypt your secret message before concealing it in a digital medium, so if an observer were successful in detecting the secret message, he or she could not read it.

We will not demonstrate how to use steganography tools because they are straightforward. Table 5-4 lists the most popular tools.

Table 5-4. Popular Digital Steganography Tools

| Program | Supported Overt Files | Supports Encryption | URL |
|---|---|---|---|
| Crypture | BMP | Yes | http://sourceforge.net/projects/crypture/ |
| OpenStego | Different media files | Yes | www.openstego.com/ |
| Gifshuffle | GIF | Yes | www.darkside.com.au/gifshuffle/ |
| wbStego4open | BMP, text files, HTML, PDF | Yes | http://home.tele2.at/wbailer/wbstego/fs_home.html |
| Our Secret | Image, audio, and video files | Yes | www.securekit.net/oursecret.htm |
| SilentEye | JPEG, BMP, WAVE | Yes | www.silenteye.org/ |
| Steghide UI | Different media files | Yes | http://sourceforge.net/projects/steghideui/ |
| Camouflage | Different media files | Yes | http://camouflage.unfiction.com/ |
| DeepSound | Audio files | Yes | http://download.cnet.com/DeepSound/3000-2092_4-75758214.html |

Warning

If you are living in or planning to visit a country where encryption is banned by law, do not encrypt your message before concealing it in another digital file because surveillance systems can detect encrypted data.

Audio-Video Steganography

Audio steganography takes advantage of the physical characteristics of the human ear to conceal secret data. Scientists discovered that the human ear can detect noise in the audible frequency range from 20 Hz to 20 kHz. To conceal a secret message, an audio steganographic algorithm embeds secret data in a low-tone frequency signal; the human ear will not notice this modification because it is not able to detect such a low tone in the presence of a higher frequency. This is also called frequency masking. Video files are composed of a series of images and audio files. Video files have a higher capacity to store secret data than other digital files because of their large size; this allows the concealment of a considerable amount of secret data without affecting the quality of the original file (overt file). Most steganographic techniques implemented on digital images and audio files can also work with video files.

The most popular audio steganography tool is MP3stego, which conceals secret data in the most used audio file format, MP3. You can find it at www.petitcolas.net/steganography/mp3stego .

Network Steganography

In this type of steganography, you are concealing your secret message using networking protocols by exploiting their design features. There are two main ways to achieve this.

  • Masking secret messages as the honest traffic of other protocols

  • Exploiting empty areas within networking protocol segments to conceal secret message bits

Streaming protocols used to transmit multimedia content are undergoing continual development. The use of such protocols is expected to grow to stay in line with future computing and networking development, opening up more possibilities for places to conceal data.

A good example program to conceal data within networking protocols (TCP/IP header) is called covert_tcp; you can find it at http://firstmonday.org/ojs/index.php/fm/article/view/528/449 .

Summary

In this chapter, we covered how to protect your privacy using cryptography. Cryptography is an old science that deals with all techniques used to assure the security of your communications when communicating in an untrusted environment. There are two main types of cryptography.

  • Encryption techniques that secure private data by making it scrambled

  • Steganography techniques that protect data by hiding it in plain sight

As computing technology advances, knowing how to use cryptographic systems in real-world programs becomes an indispensable tool to protect your data.

We began this chapter by discussing a fundamental concept of encryption, the public and private key pair. This knowledge is essential to understand how current encryption techniques work. We demonstrated practically how to use an open source program (Gpg4win) to create your first cryptographic key pair and showed you how you can import/export your keys (and your correspondents’ keys) into the Gpg4win program to facilitate secure communications.

In the second part of this chapter, we demonstrated how to use encryption to secure your data at rest. Data at rest includes all the data stored in computers, servers, tablets, USB flash memory, external HDs, SD cards, and any device that can store digital data for later usage. You experimented using the VeraCrypt program to create encrypted containers and BitLocker to encrypt Windows partitions, and you learned about many other tools to secure individual files, especially when uploading them to the cloud. Full disk encryption is important to protect your data from unauthorized physical access. Also, a detailed discussion of the best selection criteria of cryptographic algorithms was covered in addition to cryptography attacks and countermeasures.

In addition, we covered how to use encryption to secure your communications in transit (when sending e-mails and exchanging confidential files) using Thunderbird and the Enigmail extension; then we talked about alternative free webmail providers, secure IM applications, anonymous calling services, and video-calling services.

We concluded this chapter by talking briefly about steganography, which is an ancient science that deals with concealing data in overt objects (in other words, in digital files) without making any visual modifications to the overt file. This science is important to protect your confidential data in situations where encryption cannot be used.

This was a rich chapter. If you went through it in detail, your digital assets are now much more secure and your ability to defend against cyber-criminals has increased greatly.

Notes

  1. Russell Brandom, “Google just cracked one of the building blocks of web encryption.” The Verge, February 23, 2017. www.theverge.com/2017/2/23/14712118/google-sha1-collision-broken-web-encryption-shattered .

  2. Russell Brandom, “NSA paid $10 million to put its backdoor in RSA encryption, according to Reuters report.” The Verge, December 20, 2013. www.theverge.com/2013/12/20/5231006/nsa-paid-10-million-for-a-back-door-into-rsa-encryption-according-to .

  3. Paul Ducklin, “Anatomy of a change – Google announces it will double its SSL key sizes.” Naked Security. https://nakedsecurity.sophos.com/2013/05/27/anatomy-of-a-change-google-announces-it-will-double-its-ssl-key-sizes/ .

  4. Bruce Schneier, “Twofish.” Schneier on Security. https://www.schneier.com/academic/twofish/ .

  5. Paulo S. L. M. Barreto, “The WHIRLPOOL Hash Function.” www.larc.usp.br/~pbarreto/WhirlpoolPage.html .

  6. Open Crypto Audit Project. https://opencryptoaudit.org/ .

  7. Andreas Junestam, Nicolas Guigo, “Open Crypto Audit Project TrueCrypt.” iSECpartners, February 14, 2014. https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf .

  8. Jean-Baptiste Bédrune, Marion Videau, “Security Assessment of VeraCrypt: fixes and evolutions from TrueCrypt.” Quarkslab’s Blog, October 17, 2016. http://blog.quarkslab.com/security-assessment-of-veracrypt-fixes-and-evolutions-from-truecrypt.html .
