I gave a talk about the current state of full disk encryption at GPN23 (20.06.2025).
slides (pdf), submission, media.ccc.de, youtube
Submission / agenda
In theory, full disk encryption (FDE) just works. You just have to enable it. But in practice, cops get access to a lot of devices, even when they are encrypted.
I want to summarize the current state of full disk encryption. I will explain conceptional weaknesses/attacks, practical physical attacks (videos of live demos) and give recommendations. I will explain how TPMs work and how you can use them to increase (but also break) the security of your device.
The focus is on Linux and TPMs. I will briefly talk about the broken state of Smartphone Security and Window’s FDE Bitlocker. There is also Linux hands-on.
AGENDA
- Motivation & Threat Model
- Smartphone Security
- History of cold boot attacks
- Full disk encryption on Linux
- TPM 2.0 (How does it work? How can I use it? Attacks, benefits and problems)
- Windows FDE (is currently broken)
- How I do FDE on Linux
Licensed to the public under https://creativecommons.org/licenses/by/4.0/
Resources
-
Motivation & thread model
-
Smartphone Security
- Cellebrite leaks
- Auto reboot timer
- Chip-Off
- Budapest Komplex: https://alleantifa.noblogs.org/post/2025/05/26/21-05-2025-bericht-vom-17-prozesstag/
-
FDE on Linux
- https://srijan.ch/encrypting-an-existing-linux-systems-root-partition
- https://media.ccc.de/v/gpn20-32-poc-implementing-evil-maid-attack-on-encrypted-boot
- cold boot attacks
- demo: https://www.youtube.com/watch?v=XfUlRsE3ymQ
- https://trustedcomputinggroup.org/wp-content/uploads/TCG_PlatformResetAttackMitigationSpecification_1.10_published.pdf
- linux implementing: https://github.com/torvalds/linux/commit/ccc829ba3624beb9a703fc995d016b836d9eead8
- f-secure’s bypass: https://blog.f-secure.com/cold-boot-attacks/
- podcast by f-secure’s researchers: https://www.youtube.com/watch?v=2ww2R-CvPz0
- german talk https://www.youtube.com/watch?v=lwrpzTcyxPY)h
- https://www.kicksecure.com/wiki/Cold_Boot_Attack_Defense
- https://en.wikipedia.org/wiki/TRESOR
- https://www.kicksecure.com/wiki/Dev/confidential_computing#RAM_Encryption
- BusKill https://tech.michaelaltfield.net/2020/01/02/buskill-laptop-kill-cord-dead-man-switch/
-
TPMs
- TPM image: https://fahrplan.events.ccc.de/congress/2019/Fahrplan/system/event_attachments/attachments/000/004/103/original/36c3-hacking-tpm.pdf
- TPM explained: https://debugging.works/blog/tpm-explained/
- Gist - How to use a TPM on Linux: https://gist.github.com/kmille/1bc2e4b84adac13f4cc529e9f0b6391a
- TPM2 PCR Measurements Made by systemd: https://systemd.io/TPM2_PCR_MEASUREMENTS/
- attacks:
- TPM Sniffing: images https://pulsesecurity.co.nz/articles/TPM-sniffing https://blog.scrt.ch/2021/11/15/tpm-sniffing/
- https://pulsesecurity.co.nz/advisories/tpm-luks-bypass
- https://blog.securityinnovation.com/preventing-initramfs-attacks-tpm
- Stacksmashing - TPM sniffing: https://youtu.be/wTl4vEednkQ?si=nBcPMiFyu8MEpKb3
- Github Merge Request Systemd (TPM2 parameter encryption): https://github.com/systemd/systemd/pull/22630
- Windows & parameter encryption: https://security.stackexchange.com/questions/253776/why-does-windows-not-enable-tpm-2-0-parameter-encryption-to-protect-against-bus
- Pentesting company using TPM sniffing for red teaming: https://blog.scrt.ch/2024/10/28/privilege-escalation-through-tpm-sniffing-when-bitlocker-pin-is-enabled/
- TPM sniffing trainings/workshops
- how to enable TPM PIN on Windows: https://www.howtogeek.com/262720/how-to-enable-a-pre-boot-bitlocker-pin-on-windows/
- bitpixie vulnerability
-
non technical solutions for cops
- https://www.tagesschau.de/inland/innenpolitik/it-sicherheit-hacker-strafverfolgung-100.html
- BHG & fingerprint: https://www.lto.de/recht/nachrichten/n/2str23224-bgh-auflegen-finger-entsperren-handy-ermittlungen-dateien
- https://netzpolitik.org/2023/indymedia-linksunten-ohne-aussicht-auf-entschluesselungserfolg/