Lab: Encryption software & secure deletion & data recovery
Introduction
The aim of this lab is to introduce encryption software, which can be used to protect the data that is stored locally. We will focus on desktop platforms as it is rather easy to enable encryption on Android and iOS devices (the instructions should be available in the corresponding lecture notes). While the lab tasks are designed to be solved on a Windows platform, it is possible to do some of the tasks also using MacOS or Linux distributions.
There are three main tasks in this lab. First, we will see that in some cases it is trivial to recover deleted files even with freely available tools. We will use Recuva to recover files that were deleted by emptying the recycle bin. The aim is to gain experience with a tool that allows you to recover data. Thus, the students who solve the lab tasks at home are allowed to use alternative tools. They can try to recover data from their own computers.
The ease of recovering data is a motivation both for securely erasing data and for encrypting data. Thus, the next task is to use software that securely erases data. On the Windows platform we use BleachBit for this task.
The final and main task of this lab is to use software that encrypts the data stored on the local machine. We will focus on VeraCrypt, which is a tool that works cross-platform, uses strong cryptography, and has a simple user interface.
Setting up the lab environment
Instructions for setting up the lab environment: https://courses.cs.ut.ee/2024/infsec/fall/Main/LabConfiguration.
1. How to view & edit EXIF data
Let's use exiftool to view EXIF metadata included in photos. The metadata can contain GPS coordinates, name of the photographer, and information about the camera that was used to take the photo.
Although exiftool is designed to be used from the command line, it also supports drag and drop. Thus it is possible to drag a photo onto the exiftool window to display its metadata.
First, try out exiftool. Navigate to the virtual machine desktop, open the folder exiftool-12.20, and start exiftool. After a few seconds a manual for the command line options is displayed. In case you do not wish to use the command line, select the image that is of interest to you with a mouse click and drag and drop it on top of the file exiftool(-k).exe.
A black console window appears for a few seconds, after which the image metadata is displayed. You can use the sample photos that contain GPS coordinates. If you wish to get the GPS coordinates in a format that is accepted by Google Maps, use the following command: exiftool -c "%.6f" filename.
In addition to viewing metadata, exiftool also allows you to remove either parts of the metadata or all of it. However, this has to be done from the command line. In case you are not afraid of the command line, try to remove the metadata from an image. As an alternative you can use ExifCleaner, which is already installed in the virtual machine.
The command to remove all metadata is exiftool.exe -all= name_of_photo.jpg. However, in order to change the contents of the file, the tool has to be renamed from exiftool(-k).exe to exiftool.exe. As this task may seem complicated, you can also use the ExifCleaner tool to remove image metadata. Once you have gotten used to exiftool and/or ExifCleaner, solve the following task.
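As an added illustration that is not part of the lab materials or of exiftool, the following Python script walks the marker segments of a JPEG file, lists the metadata blocks it finds (Exif, XMP, Photoshop/IPTC, comments) and produces a copy with those segments removed, which is roughly what exiftool -all= does at the byte level. The sample file is constructed inside the script rather than taken from a real camera.

```python
import struct

# JPEG marker codes (the byte following 0xFF)
SOI, SOS, APP0, APP1, APP13, COM = 0xD8, 0xDA, 0xE0, 0xE1, 0xED, 0xFE
# Segments that carry metadata: APP1 (Exif, XMP), APP13 (Photoshop/IPTC) and free-text comments
METADATA_MARKERS = {APP1, APP13, COM}


def jpeg_header_segments(data: bytes) -> list:
    """Return (marker, start, end) for every segment from SOI up to and including SOS."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    segments, pos = [(SOI, 0, 2)], 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])  # includes the 2 length bytes
        end = pos + 2 + length
        segments.append((marker, pos, end))
        if marker == SOS:
            return segments  # entropy-coded image data follows; it is not segment-structured
        pos = end
    raise ValueError("truncated JPEG header")


def list_metadata(data: bytes) -> list:
    """Name the metadata blocks the file carries, roughly the groups exiftool reports."""
    found = []
    for marker, start, end in jpeg_header_segments(data):
        payload = data[start + 4:end]
        if marker == APP1 and payload.startswith(b"Exif\x00\x00"):
            found.append("Exif")
        elif marker == APP1 and payload.startswith(b"http://ns.adobe.com/xap/1.0/"):
            found.append("XMP")
        elif marker in METADATA_MARKERS:
            found.append({APP1: "APP1", APP13: "APP13", COM: "COM"}[marker])
    return found


def strip_metadata(data: bytes) -> bytes:
    """Remove the metadata segments; JFIF APP0, coding tables and the image itself are kept."""
    out = bytearray()
    for marker, start, end in jpeg_header_segments(data):
        if marker in METADATA_MARKERS:
            continue
        out += data[start:end]
        if marker == SOS:
            out += data[end:]  # rest of the file: the compressed scan and the EOI marker
    return bytes(out)


def segment(marker: int, payload: bytes) -> bytes:
    """Build one marker segment; used only to construct the sample below."""
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample (not a real photo): JFIF header, an Exif block with a placeholder GPS
# entry, a comment naming the photographer, then a minimal scan header and image bytes.
SAMPLE_JPEG = (
    b"\xff\xd8"
    + segment(APP0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    + segment(APP1, b"Exif\x00\x00MM\x00\x2a\x00\x00\x00\x08" + b"GPS placeholder")
    + segment(COM, b"photographer: constructed name")
    + segment(SOS, b"\x01\x01\x00\x00\x3f\x00")
    + b"\x00\x11\x22\xff\xd9"
)

if __name__ == "__main__":
    print("before:", list_metadata(SAMPLE_JPEG))
    print("after: ", list_metadata(strip_metadata(SAMPLE_JPEG)))
```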
Exiftool task and submission form
Download one image from the list of sample files and follow the instructions. (2p)
- Remove the metadata from this image.
- Use exiftool to check that the metadata was removed/cleaned.
- Edit the metadata according to the following instructions.
- Right click the image and select Properties -> Details.
- Find the field with the label Author and enter your pseudonym for the information security course. You can find your pseudonym in the top right corner of this page by viewing your profile (this requires that you are logged in).
- Click Apply and OK.
- Use exiftool to check that the metadata has been modified according to the instructions. If this is the case, submit the file as a solution.
Data recovery & secure deletion
Before moving to encryption we will see why secure erasure is useful. This is also a motivation for using encryption: an attacker would not be able to access insecurely erased data if the data is encrypted.
We will try out the software Recuva Free and BleachBit. Recuva allows you to restore files, while BleachBit is used for secure deletion.
- Lab exercise 1: Start Recuva Free and understand how it works.
- Use Recuva Free to find deleted files from the partition "Virtual USB". Make sure to check the box named "Deep Scan" as otherwise the files may not be found.
- Where should the recovered files be written?
- Homework task: Right click the recovered picture and select Properties -> Details. Edit the metadata of the file by writing your pseudonym into the Tags field. The solution files are graded automatically, which means that you have to enter the information into the correct field. You can find your pseudonym either from the study information system or from the top right corner of the courses.cs.ut.ee page by clicking on your name -> My data (you have to be logged in). Save the changes to the image and submit the picture as part of your homework solution. The solution has to be submitted through the form below. You will have to log in to courses.cs.ut.ee with your university credentials to be able to submit the solution.
In case you cannot use the virtual machine, it is also possible to try out other file recovery tools on your own. In that case you have to write a brief overview of the user experience of the corresponding tool and take a screenshot of the process of recovering files. As an alternative option, it is also possible to solve this task in the second lab.
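As an added example, not part of the lab materials or of Recuva or BleachBit, the following Python model shows why a normal delete is recoverable and a secure delete is not: deleting only drops the directory entry, a signature scan over the raw bytes (the idea behind Recuva's deep scan) still finds the file, and overwriting the blocks first defeats that scan. The disk, the file system and the photo bytes are all constructed inside the script.

```python
import os

JPEG_SOI = b"\xff\xd8\xff"  # every JPEG starts with these three bytes
JPEG_EOI = b"\xff\xd9"      # and ends with the end-of-image marker


class ToyDisk:
    """Toy file system: a directory of name -> (offset, length) over one byte array.
    As on FAT or NTFS, deleting a file only removes its directory entry; the data blocks
    keep their content until something else happens to be written over them."""

    def __init__(self, size):
        self.image = bytearray(size)
        self.directory = {}
        self._next_free = 0

    def write(self, name, data):
        offset = self._next_free
        self.image[offset:offset + len(data)] = data
        self.directory[name] = (offset, len(data))
        self._next_free = offset + len(data)

    def delete(self, name):
        """Ordinary delete (emptying the recycle bin): forget the entry, keep the bytes."""
        del self.directory[name]

    def secure_delete(self, name, passes=1):
        """Shredding as a secure-deletion tool does it: overwrite the blocks, then forget the entry."""
        offset, length = self.directory[name]
        for _ in range(passes):
            self.image[offset:offset + length] = os.urandom(length)
        del self.directory[name]


def carve_jpegs(image):
    """Signature carving, the idea behind a 'deep scan': ignore the directory and scan the
    raw bytes for JPEG start/end markers, returning every candidate file found."""
    found, pos = [], 0
    while True:
        start = image.find(JPEG_SOI, pos)
        if start < 0:
            return found
        end = image.find(JPEG_EOI, start + len(JPEG_SOI))
        if end < 0:
            return found
        found.append(bytes(image[start:end + len(JPEG_EOI)]))
        pos = end + len(JPEG_EOI)


# Constructed stand-in for a photo: correct markers around a placeholder body
PHOTO = JPEG_SOI + b"\xe0constructed holiday photo" + JPEG_EOI


def recoverable_after(delete_method):
    """Write PHOTO, delete it with the given ToyDisk method, and report whether carving
    still recovers the original bytes."""
    disk = ToyDisk(4096)
    disk.write("holiday.jpg", PHOTO)
    delete_method(disk, "holiday.jpg")
    return PHOTO in carve_jpegs(disk.image)


if __name__ == "__main__":
    print("recoverable after normal delete:", recoverable_after(ToyDisk.delete))
    print("recoverable after secure delete:", recoverable_after(ToyDisk.secure_delete))
```

The model describes a magnetic disk; on SSDs the controller's wear levelling may direct the overwrite pass to different physical cells, so overwrite-based shredding is not a reliable erasure there.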
Encryption software
In principle, encryption software can be divided into two categories. First, some software is for encrypting individual files and folders on a computer. For example, one can use such software to encrypt only work-related documents. Windows Encrypting File System, VeraCrypt, Cryptomator and even PGP are examples of software that allow encrypting individual files or folders.
It is important to understand that all other files are left unencrypted. In addition, the temporary files created when opening an e-mail attachment or editing an Office document may be placed outside the encrypted folder by the operating system. Also, operating system profile settings as well as web browsing history remain unprotected in this case.
Another approach is to encrypt the whole disk, including the system drive. The system drive is the disk (or partition) where the operating system files reside and from which the system boots. In Windows, the system drive is the C:\ drive; in macOS and Linux it is where the root file system / is.
When the system drive is encrypted, access to the decryption key is required right after starting the computer, and before the operating system can start loading. Usually the decryption key is unlocked with a password, which is entered by the user. However, it is sometimes also possible to use a physical token to provide the means to access the decryption key in a more secure way.
Most operating systems come with system drive encryption software bundled. For Windows there is BitLocker, although it is available only for the more feature-rich editions of Windows (Enterprise, Ultimate, Server). In macOS there is FileVault 2, and in many Linux distributions LUKS and dm-crypt are the most used. VeraCrypt works on all three operating systems, although for system drive encryption it is used mostly in Windows.
Windows Encrypting File System
This subsection describes the Windows Encrypting File System, which in practice has multiple security issues. Thus, we do not recommend using it to protect the confidentiality of your files. The next mandatory task is in the next section and covers the encryption of zip files.
Windows Encrypting File System (EFS) is a feature in the NTFS file system that is used in the Windows operating system. It allows the user to encrypt individual files, folders or even all files in a drive very easily. However, EFS cannot be used to encrypt the system drive. EFS is available since Windows 2000, but it is unsupported in some cheaper versions (e.g. Windows 7 Starter, Home Basic, Home Premium).
Windows EFS generates a separate encryption key for each file. This encryption key is then encrypted with the user's password and bundled with the encrypted file. Hence, the file encryption is as strong as the user's login password. Moreover, since the encryption keys are tightly connected with the user's Windows login account, it is advisable to export the certificate used for EFS and keep it in a safe place. Otherwise the encrypted files become inaccessible if something happens to the Windows user profile. Recovering encrypted files also requires a Windows operating system with EFS support.
While it seems easy to use, we do not recommend relying on EFS. The design of EFS complicates moving encrypted data between computers, storing backups and restoring data. It also does not provide a high security level, because the decryption keys are tied to the Windows user account password, which is usually rather weak. In addition, when encrypting individual files, the metadata and temporary files remain unencrypted and can leak information about the contents of the encrypted file.
Starting the EFS service:
- Start services.msc
- Find Encrypting File System (EFS) from the list
- Start EFS and make it automatically start on boot
Using EFS:
- Choose a file or folder to encrypt
- Right click on it and choose "Properties" -> "General" -> "Advanced" -> "Encrypt contents to secure data"
- Don't forget to back up the user profile certificate
Encryption of Zip files
One of the simplest ways to protect the confidentiality of files is to compress them into an encrypted .zip container. Such a solution is convenient as only a password is required to decrypt, and software for opening zip files is common. However, this does not mean that every program offering .zip encryption implements it correctly. Multiple vulnerabilities have been found in such software, and thus using the encryption functionality of zipping software is not recommended for highly classified information. Still, for regular files it should provide a sufficient level of confidentiality, given that the software is updated and properly configured.
In this lab we use 7-Zip, a free and open-source archiving tool. To encrypt files with 7-Zip, a password has to be entered while creating the archive. To do that, right click the file or folder that you wish to compress and select "7-Zip" -> "Add to archive...", as shown in the screenshot below.
Next, select the .zip archive format, as this is the format most likely to be handled by the software shipped with the operating system. Now the important step is to select a secure encryption algorithm. By default, 7-Zip uses ZipCrypto, which is insecure, so the selection has to be changed to AES-256. However, because this configuration is non-standard, not all tools are able to decrypt such .zip files. This is a sacrifice that has to be made in order to get sufficient confidentiality guarantees.
Finally, the password has to be entered. This is a critical step, as we already mentioned in the lecture. The password is used to protect the encryption key, which will be packaged into the zip file. Thus, the level of confidentiality provided by the encryption is directly related to the complexity of the password used.
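As an added example (not part of the lab materials or of 7-Zip), the following Python script reads a .zip archive's central directory and reports for each entry whether it is unencrypted, ZipCrypto or AES (and which key size), which is how to confirm that the AES-256 selection above actually took effect. The sample archives are constructed inside the script with placeholder bytes in place of real ciphertext.

```python
import io
import struct
import zipfile

# Values from the PKWARE APPNOTE and the WinZip AES (AE-1/AE-2) specification
FLAG_ENCRYPTED = 0x0001  # general-purpose flag bit 0: entry data is encrypted
METHOD_AES = 99          # compression method 99 signals WinZip-style AES
AES_EXTRA_ID = 0x9901    # extra-field record that carries the AES key strength
AES_STRENGTH = {1: "AES-128", 2: "AES-192", 3: "AES-256"}


def entry_encryption(zi: zipfile.ZipInfo) -> str:
    """Classify one entry as unencrypted, legacy ZipCrypto, or AES with its key size."""
    if not zi.flag_bits & FLAG_ENCRYPTED:
        return "none"
    if zi.compress_type != METHOD_AES:
        # Encrypted flag set but no method 99: the weak ZipCrypto stream cipher
        return "ZipCrypto (insecure)"
    extra, pos = zi.extra, 0
    while pos + 4 <= len(extra):  # extra field is a sequence of (id, size, body) records
        rec_id, size = struct.unpack("<HH", extra[pos:pos + 4])
        body = extra[pos + 4:pos + 4 + size]
        if rec_id == AES_EXTRA_ID and len(body) >= 7:
            _ae_version, _vendor, strength, _real_method = struct.unpack("<H2sBH", body[:7])
            return AES_STRENGTH.get(strength, f"AES (unknown strength {strength})")
        pos += 4 + size
    return "AES (strength record missing)"


def archive_encryption(zip_bytes: bytes) -> dict:
    """Map every entry name in the archive to its encryption classification."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {zi.filename: entry_encryption(zi) for zi in zf.infolist()}


def build_zip(name: str, payload: bytes, method: int, flags: int, extra: bytes = b"") -> bytes:
    """Construct a minimal one-entry archive: local header, central directory, end record.
    The payload is opaque placeholder bytes, not real (en)crypted data."""
    fname = name.encode()
    local = struct.pack("<IHHHHHIIIHH", 0x04034B50, 51, flags, method, 0, 0,
                        0, len(payload), len(payload), len(fname), len(extra))
    local += fname + extra + payload
    central = struct.pack("<IHHHHHHIIIHHHHHII", 0x02014B50, 51, 51, flags, method,
                          0, 0, 0, len(payload), len(payload), len(fname), len(extra),
                          0, 0, 0, 0, 0)
    central += fname + extra
    eocd = struct.pack("<IHHHHIIH", 0x06054B50, 0, 0, 1, 1, len(central), len(local), 0)
    return local + central + eocd


# AES extra record: id, size 7, AE-2, vendor "AE", strength 3 (256-bit), original method 0
AES256_EXTRA = struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, 2, b"AE", 3, 0)
SAMPLES = {
    "plain": build_zip("Krips.txt", b"pseudonym\n", 0, 0),
    "zipcrypto": build_zip("Krips.txt", b"\x00" * 22, 0, FLAG_ENCRYPTED),
    "aes256": build_zip("Krips.txt", b"\x00" * 30, METHOD_AES, FLAG_ENCRYPTED, AES256_EXTRA),
}

if __name__ == "__main__":
    for label, data in SAMPLES.items():
        print(label, archive_encryption(data))
```

To check a real archive, read its bytes from disk and pass them to archive_encryption; an entry reported as ZipCrypto means the algorithm selection in 7-Zip was left at the default.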
Lab task and submission form
Encrypt a file with 7-Zip and submit it as a solution to this task. You must follow the requirements that are described below in order to get full points. The submissions are graded automatically, which means that in case the requirements are not followed you may get 0 points. (1p)
- There has to be one text file (.txt format, not .docx, not .pdf, etc.) in the zip container. The name of the zip file has to be your family name, for example Krips.txt. The first row of the text file has to be your pseudonym, which you can find under your courses.cs.ut.ee profile (log in to find your profile in the top right corner of the page).
- Thus, the zip file has to be small (less than 500 kB)
- The password has to be "123456789" (written without the quotes). In case the zip file does not decrypt with the password 123456789, the grading system will automatically assign 0 points for this task.
VeraCrypt
VeraCrypt is a popular open source software for encrypting individual files or whole storage devices (hard disks or USB sticks). It provides on-the-fly encryption so files are transparently encrypted or decrypted while in use. Like all other solutions mentioned here, it uses symmetric encryption to encrypt files.
VeraCrypt's strengths are its open source code (hence, transparency) and the fact that it is supported on all major operating systems (Windows, macOS, Linux). This allows easy and secure file exchange between different platforms.
1. Installing VeraCrypt (already installed to the virtual machine)
VeraCrypt is available from its webpage at https://www.veracrypt.fr/en/Home.html
Run the downloaded installer and
- Accept the license
- Click "Continue"
- If needed, change the installation location and click "Install"
- Finish installation and run VeraCrypt
2. Encrypted file container
The simplest way to protect a small number of files is to put them together in a single encrypted file, a container. It is also convenient to back up this container or move it to another computer. By using a strong password the files are kept confidential even if the container leaks: without the right password it looks like random data.
Exercise
Creating a new container:
- Click "Create Volume"
- Choose "Create an encrypted file container"
- Choose "Standard VeraCrypt volume"
- Click "Select File" and save the new container as a file (for example myfile.hc). Note: .hc is the default VeraCrypt file extension, but you can use any extension, even .pdf or .docx, to look less obvious.
- Click "Next"
- Click "Next"
- Let's make a small container: 10 MB
- Choose a password and memorize it. It should be a strong password, but in the lab you can also use something short and simple for testing. You will be given a warning but it can be ignored.
- Click "Format". Collecting randomness to generate a strong key may take some time.
- You will be offered to create another container. You can choose "Exit" if you don't want to create a second container.
Using a file container:
- Click "Select file" and locate your container (myfile.hc)
- Choose a drive letter, for example Z:
- Click "Mount"
- Enter the password. You can first try a wrong password to validate that you get an error, then use the correct one. Checking the password is deliberately made slow in order to make cracking the password hard.
- Right click on the chosen drive letter and choose "Open" or double-click the chosen drive letter.
- Copy some files to the drive (Z:\)
- Close the drive window
- Click "Dismount" in the VeraCrypt window
- Validate that the copied files are really in the container by following steps 1-5 again. Then don't forget to dismount the drive.
Homework task
Create an encrypted file container with VeraCrypt and submit it as part of the homework. Follow the instructions in the lab session page on how to install and use VeraCrypt. (2p)
- The container itself should be small (500 kB)
- The password must be "security24" (written in lowercase)
- Create a text (.txt) file in the container that has your family name as its filename, e.g. Krips.txt, or reuse the previously generated text file. You can replace special symbols when writing the name. The file content is not important.
- Make sure that you are able to mount the container with the correct password and then submit the VeraCrypt container as a solution.
3. Encrypting a USB stick / encrypting a partition
One way to securely transport files is to create an encrypted container like described in the previous section and then carry it along on a USB stick. However, VeraCrypt can also encrypt the whole USB drive (i.e., it can encrypt partitions).
USB drives usually have a single partition, but it is possible to add and remove partitions just like on a hard drive. Encrypting a partition commonly requires formatting, so all of the files on it must be backed up before starting this process. VeraCrypt also provides the more experimental functionality of encrypting the files stored on the partition in place. However, there is no guarantee that this feature will not destroy the files.
- Click "Create volume"
- Click "Encrypt non-system partition/drive"
- Click "Standard VeraCrypt volume"
- Choose a partition you want to encrypt by clicking "Select drive" and selecting a partition. If you do this task using the given virtual machine, then choose the "Virtual USB" partition. Files on that partition that you want to keep should be backed up at this point.
- Click "Next" and then again "Next"
- Choose a strong password and/or create a keyfile. The password and keyfile together form the encryption/decryption key. A keyfile should be kept separately from the USB stick and protected against theft. If either of the password or keyfile is lost, the encrypted files cannot be restored.
- Click "Next", choose "Quick format" and click "Next"
- You can now try to make random movements with your cursor to generate entropy for generating the encryption key. Then click "Format" and "Yes".
- Click "Next"
- Using the encrypted partition is similar to using an encrypted file container, but start with selecting "Select device".
Of course, if you want to use this encrypted USB stick in another computer, it must have the VeraCrypt software. For computers where you do not have permission to install new software, there is also a possibility to create a portable VeraCrypt version from Tools -> Traveler Disk Setup... A good idea is to create two partitions on your USB stick: one encrypted and the other unencrypted, holding the portable version of VeraCrypt.
4. Encrypting system drive
As mentioned before, VeraCrypt can also encrypt the system drive (or any other drive, actually). This is done by clicking "Create volume" and then choosing "Encrypt the system partition or entire drive", or by choosing System -> Encrypt System Partition/Drive... from the menu. The rest of the process is similar to creating an encrypted container or USB drive. During the process, VeraCrypt also generates a System Rescue CD to which it writes the encryption key, encrypted with the chosen password. This CD is needed if the hard drive's boot sector or boot loader gets corrupted for some reason.
Depending on the drive size, encrypting the whole disk may take a lot of time. However, VeraCrypt encrypts the disk on-the-fly and in the background so you can continue to use the computer normally during this time.
Truecrypt and the history of VeraCrypt
VeraCrypt is one of the successors of the very popular open-source disk encryption software Truecrypt. Although the software was popular, some facts raised questions about Truecrypt:
- The authors of Truecrypt are anonymous (at least to the public) and thus it is not known what their motivation for creating such software was.
- It was hard to validate if the distributed binaries were really built from the published source code.
- The Truecrypt source code was not audited for a very long time. Hence, there was no guarantee that it did not contain any back doors. In fall 2013, Matthew Green and Kenneth White started a campaign to audit its source code. More information on it at http://istruecryptauditedyet.com/.
- In May 2014 the developers of Truecrypt unexpectedly announced that they would discontinue developing the software and advised against using Truecrypt as it might have security vulnerabilities. It is not known what the reason for making such a statement was. The Truecrypt web page was replaced with a tutorial on migrating to other software. It was decided that the aforementioned security audit would still be finished.
- In April 2015, the security audit was finished and no alarming security issues were identified.
Some people still use(d) the last stable Truecrypt version 7.1a, as this was the audited version. However, since the Truecrypt code is no longer maintained, any potential security vulnerabilities will remain unfixed, and some such vulnerabilities have already been found. Thus, it is advisable to use one of its up-to-date forks, e.g. VeraCrypt. VeraCrypt keeps most of the Truecrypt user interface and can even open old Truecrypt containers. Most importantly, it also receives security patches when necessary.
Encrypting individual files for cloud storage
VeraCrypt's encrypted file container is a convenient way to securely store or transport files, but it does not suit the use case where files need to be synchronized between computers or backed up using cloud storage services (Dropbox, Google Drive, Microsoft OneDrive, etc.). The problem is that VeraCrypt's encrypted file container is a single file, so when even one file in the container is changed, the whole container changes and needs to be uploaded to the cloud service again.
This problem can be solved by encrypting each file separately. When a file is changed, only this file is uploaded to the cloud service, just as with unencrypted files. Also, the encrypted files are about the same size as the originals. The files are encrypted on the user's computer before uploading them to the cloud service. The same holds for decryption, so the cloud service provider never sees the unencrypted version of the files. For example, this functionality is provided by Cryptomator.
To start using such encryption software (for example Cryptomator), the user first has to choose a password and a folder where the encrypted versions of files are kept. This should be the folder that is synchronized to the cloud, e.g. some subfolder of Dropbox. Secondly, the user chooses a drive (or folder in case of Linux) where the encrypted files are available in decrypted form. This is the virtual drive where the user can access the files. Unencrypted files are never stored on disk, the encryption and decryption is done on-the-fly.
Cryptomator
Cryptomator (https://cryptomator.org/) is free open-source software that does exactly this: it protects the contents of a folder with a password and shows an unencrypted view of them as a separate drive (or directory in the case of Linux). It works on all major operating systems, including iOS and Android.
Unfortunately Cryptomator does not work in the virtual machine that we are using in the lab.
Ending the lab
- After uploading the solutions, close the virtual machine. Open the Start menu and select "Power" -> "Shut down".
- Next, remove the previously imported virtual machine from the main VirtualBox window. To do that, right click on the name of the virtual machine and select "Remove...". From the dialog window select "Delete all files".
- Finally, make sure that you log out of the lab computer. We will give minus points to the students who leave the computer class without logging out from their accounts.
Further reading
- Bitlocker
- VeraCrypt
- TrueCrypt
- Cryptomator
- Cryptomator Documentation (2024)