The drawback of full disk encryption

January 3, 2012

Via Hacker News I saw that the EFF's suggested New Year's resolution is full disk encryption on every computer you own. When I saw this I did something halfway between wincing and grinding my teeth. The issue is that full disk encryption has a significant downside, and because of this downside choosing full disk encryption is making a much deeper choice than you might think.

The downside is simple: the failure mode of meaningful full disk encryption is catastrophic data loss. If you forget your password it is game over; there is no recovery possible, because keeping everyone without the password out is exactly what the encryption is designed to guarantee. Whether temporarily or permanently, unless and until you remember the encryption password all of your data is gone. There is no secondary access password, no emergency back door, no special rescue mode of the kind most other security measures have; anything that could let you in without the password would let an attacker in the same way.

(Some disk encryption schemes will also cause total data loss on other events, such as corruption of the small on-disk header that holds the wrapped volume key, but let's assume that your disk encryption software is perfect.)
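To make the failure mode concrete, here is an added example (not code from the original post) that models the header design dm-crypt/LUKS uses: one random volume key, wrapped separately under each passphrase in a key slot, plus a digest of the volume key so the software can recognise when a slot has opened. The primitives are assumptions chosen so the script runs offline with the standard library only (PBKDF2-HMAC-SHA256 for passphrase stretching, XOR wrapping of the random volume key, an HMAC-SHA256 counter keystream standing in for AES-XTS); the structure, and the three outcomes it shows, are the real ones.

```python
"""Toy model of a LUKS-style encrypted volume header with key slots.

Added example for illustration, not the post's own code. The
primitives below are stand-ins chosen so this runs with the stdlib;
a real implementation uses a benchmarked KDF and AES-XTS.
"""
import hashlib
import hmac
import secrets

KEY_LEN = 32
ITERS = 100_000  # deliberately low for a demo; real LUKS benchmarks this


class Header:
    """The on-disk header: a digest of the volume key plus key slots."""

    def __init__(self, volume_key):
        self.digest = hashlib.sha256(volume_key).digest()
        self.slots = []  # list of (salt, wrapped_volume_key)


def _stretch(passphrase, salt):
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt,
                               ITERS, dklen=KEY_LEN)


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def add_key(header, volume_key, passphrase):
    """Add a key slot: wrap the (same) volume key under a new passphrase."""
    salt = secrets.token_bytes(16)
    header.slots.append((salt, _xor(volume_key, _stretch(passphrase, salt))))


def create_volume(passphrase):
    volume_key = secrets.token_bytes(KEY_LEN)
    header = Header(volume_key)
    add_key(header, volume_key, passphrase)
    return header


def unlock(header, passphrase):
    """Return the volume key if any slot opens with this passphrase, else None."""
    for salt, wrapped in header.slots:
        candidate = _xor(wrapped, _stretch(passphrase, salt))
        if hmac.compare_digest(hashlib.sha256(candidate).digest(), header.digest):
            return candidate
    return None


def _keystream(volume_key, length):
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(volume_key, counter.to_bytes(8, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(volume_key, plaintext):
    return _xor(plaintext, _keystream(volume_key, len(plaintext)))


decrypt = encrypt  # an XOR stream cipher is its own inverse


def demo():
    """Walk through the three outcomes; returns (forgotten, recovered, corrupted)."""
    data = b"tax returns, family photos, the novel"  # constructed sample data
    header = create_volume("correct horse battery staple")
    vk = unlock(header, "correct horse battery staple")
    ciphertext = encrypt(vk, data)

    # 1. Forget (or misremember) the passphrase: no slot opens, data is gone.
    forgotten = unlock(header, "correct horse battery stapler")

    # 2. Escrow: a second slot under a passphrase kept sealed in a safe.
    #    It is another copy of the same secret, not a back door.
    add_key(header, vk, "RECOVERY-passphrase-kept-in-a-safe")
    recovered = decrypt(unlock(header, "RECOVERY-passphrase-kept-in-a-safe"),
                        ciphertext)

    # 3. Corrupt the header, the only place the wrapped volume key lives:
    #    every slot fails even with the right passphrase.
    header.slots = [(salt, bytes(len(w))) for salt, w in header.slots]
    after_corruption = unlock(header, "correct horse battery staple")

    return forgotten, recovered, after_corruption


if __name__ == "__main__":
    forgotten, recovered, corrupted = demo()
    print("forgotten passphrase ->", forgotten)
    print("escrowed passphrase  ->", recovered)
    print("corrupted header     ->", corrupted)
```

Two things to notice: a recovery slot only helps if the extra passphrase is stored somewhere you can still reach (which is the EFF's "save your password" advice with a key-slot mechanism behind it), and every slot depends on the same few kilobytes of header, so backing up the header is as much a part of the scheme as backing up the passphrase.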

Fundamentally, using disk encryption is rainbow book security in that, explicitly or implicitly, you are choosing confidentiality (non-disclosure) over availability: you would rather risk losing your data entirely than have potential bad people get access to it. Under some circumstances this is the right decision; for example, if you can easily restore all of the data on your machine from other sources (and especially if the data is sensitive). Under many circumstances it is probably not the right decision; you would rather have less chance of losing the data even if it means that a bad person might get access to it. Certainly the latter is the case for me. I would generally much rather have a bad person have my data (or a copy of my data) than run the risk of losing it; in the long run my data is (much) more valuable than my privacy.

I don't object to people who've considered these issues deciding that full disk encryption makes sense for them and going ahead with it. But I get annoyed when a respected source gleefully advises people to do this without talking seriously about the very real downsides and risks. The EFF does advise you to save your password somewhere, but I don't think that this goes far enough.

(You may think that the risk of forgetting your password is very low. Let me assure you that over the years I have temporarily forgotten or gotten confused over at least my ATM PIN, my Unix login password, and more than one root password, all of which I use all the time. Perhaps I'm unusual, but with frequently used passwords I get to a state where I don't actually think about the password as I enter it and in fact getting jarred into thinking about what the password actually is is a great way to get completely confused about it, much like the centipede and his legs. The less I'm normally aware of the password, the harder it is to recover from this.)

Comments on this page:

From at 2012-01-03 10:21:12:

I use full-disk encryption on my laptop and keep unencrypted full system backups on a hard drive at home. That puts my mind completely at ease. Now, if we could get hard drives and SSDs to stop failing we'd be all set!

Ryan @profpolymath

From at 2012-01-03 13:33:45:

Many systems support multiple keys (e.g. dm-crypt). Just keep one sealed in a safe.

From at 2012-01-04 01:58:22:

Full disk encryption with regular (and tested) backups is my preference. I'll never walk around with an unencrypted laptop.

By cks at 2012-01-04 11:41:35:

As it happens, dm-crypt and other multi-key systems have issues that increase the chances of data loss. I wrote them up in DiskEncryptionAndKeying.

Written on 03 January 2012.


Last modified: Tue Jan 3 00:11:47 2012
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.