Data recovery is a very complex process requiring the use of advanced techniques to discover, locate and extract information. If there is one thing more complex than recovering lost data it’s the job of recovering lost data that has been encrypted. In this article we’ll cover the many types of encryption used in a typical Windows system, and describe approaches and techniques for recovering encrypted files.
- The Types of Encryption.
- Hard Drive Encryption.
- ATA Passwords.
- Whole Disk Encryption (BitLocker, TrueCrypt, PGP WDE).
- Recovering Files and Folders Protected with NTFS Encryption.
- Recovering Encrypted Archives and Documents.
The Types of Encryption
In today’s world, there are several classes of encryption used to protect information. First comes hardware encryption, the one that encrypts every bit of data written onto a physical hard drive. Then comes a higher-level volume-based encryption (sometimes called “whole disk encryption”, yet the term is not exactly correct). There is also file system based encryption unique per user account. Last but not least there’s also encryption protecting individual files (such as ZIP and RAR archives or Word documents) with a password.
Let’s see how these types of encryption differ, and what is the best approach to recovering the data in each case.
Hard Drive Encryption
Many newer hard drives, especially the removable USB type such as higher-end WD Passport models, can be encrypted out of the box regardless of which operating system is trying to access the drive. If this protection option is activated, the hard drive stores data encrypted. The most common encryption algorithm is AES. The hard drive controller is responsible for handling all I/O operations on the encrypted drive, encrypting and decrypting data on the fly as information is being read from or written onto the device.
The encryption can be configured to request a password every time the hard drive is powered on, or only when the hard drive is connected to a new computer. In the latter scenario the unlock credential is cached on the host (in the computer's Trusted Platform Module, TPM, where one is available), so the drive unlocks without a prompt even after it has been powered off. Note what is and is not cached: the media encryption key itself is generated by the drive's controller and never leaves it; the password, or the cached credential, merely unlocks that key inside the drive.
The purpose of hardware-based encryption is protecting data at rest. A hardware-encrypted removable drive is unreadable without the correct password once it is unplugged, lost or stolen, and because the key lives inside the drive controller rather than in the computer's RAM, a cold boot attack against the host's memory does not expose it either. Note that the entire hard drive gets encrypted, including the partition table, the file system and the OS boot partition. In other words, absolutely everything on the hard drive becomes encrypted.
When activated, AES encryption has little or no performance penalty because the encryption is handled by the hard drive controller and not the computer’s CPU. You may experience slightly higher access latency and slightly reduced read-write speeds, but no major performance impact is observable.
From the OS point of view, accessing encrypted information is no different from accessing an unencrypted device because all encryption-decryption operations happen on the lowest possible level inside the hard drive. As a result, recovering information from a hardware-encrypted HDD works in exactly the same way as recovering data from an unencrypted one – except that you’ll need to enter the correct password in order to mount that hard drive if you’re going to work from a different PC than it was originally attached to.
Please note that, short of a flaw in the drive's own firmware, there is no way around the password on a hardware-encrypted drive: the data key never leaves the controller, so the only practical attack is guessing the password itself. That makes the length and quality of the password the real security boundary, not the AES algorithm.
ATA Passwords
Also worth mentioning are the so-called ATA passwords (the ATA Security feature set) that protect hard drives against casual attackers. A drive locked with an ATA password refuses read and write commands until the correct user or master password is supplied. However, the data stored on such a drive is not hardware-encrypted; the ATA password merely blocks access and does not modify the information in any way. There is no easy way in without a password (though on some drives the master password is still the factory default), but the password can be read directly out of the drive's firmware service area with specialised equipment. Tools such as HDD Unlock (software) or Atola (hardware boxes) are readily available, though not cheap. Once the ATA password is extracted or the lock is cleared, nothing prevents reading the drive and recovering the information it contains.
Whole Disk Encryption (BitLocker, TrueCrypt, PGP WDE)
So-called whole-disk encryption tools such as Microsoft BitLocker, PGP WDE and TrueCrypt operate at a higher level than the AES encryption built into the drive. The encryption is handled by the operating system (or by a third-party driver), and the disk must keep a small unencrypted area to boot from: BitLocker uses a separate, unencrypted system partition, while TrueCrypt and PGP WDE install their own pre-boot authentication loader.
The most common type of encryption, and the one you're most likely to encounter, is BitLocker. BitLocker has been part of Windows since Windows Vista (Ultimate and Enterprise editions) and is available in the Pro and Enterprise editions of every later release. In Windows 8.1 and Windows 10 (and on some Windows 8 devices), a variant called Device Encryption turns itself on automatically on hardware that meets certain requirements (a TPM and connected-standby support, which is why this most frequently happens on Windows tablets and ultrabooks) once the owner signs in with a Microsoft or organisational account, because that account is where the recovery key gets backed up.
BitLocker encrypts the entire operating-system volume (normally drive C:), including the Windows system files and the registry. The boot loader and the few files Windows needs before the volume is unlocked live on a separate, unencrypted system partition and contain no personal data. The key that unwraps the volume's encryption key is sealed in the computer's TPM (Trusted Platform Module) chip, which releases it only when the measured boot sequence matches the one recorded at setup. If the disk (SSD or eMMC chip) is moved from the original PC into a different one, the TPM will not release the key and the new system prompts for the 48-digit BitLocker Recovery Key. On consumer devices that key is usually backed up to the owner's Microsoft account (http://windows.microsoft.com/is-IS/windows-8/bitlocker-recovery-keys-faq); on managed machines it may be escrowed in Active Directory or Azure AD, and it may also have been saved to a file or printed when BitLocker was turned on.
The BitLocker Recovery Key is mandatory when recovering information from a BitLocker-encrypted volume in a different system, and whenever the TPM refuses to unseal the key on the original one (a firmware update or a boot configuration change can trigger this). If, however, your BitLocker volume mounts and decrypts without asking for a Recovery Key, you're good to go.
BitLocker is designed to protect data at rest: if the device is lost or stolen, or its disk is removed, the data cannot be read without the key. It does not by itself defeat a cold boot attack, because the volume key has to sit in RAM while Windows is running; a TPM-only configuration that unlocks without any user interaction is the weakest in that respect, and requiring a PIN or a startup key at boot is the usual mitigation. Unlike drive-level AES hardware encryption, BitLocker encrypts individual volumes, leaving the partition table, the system partition and any extra partitions (e.g. the recovery partition) unencrypted unless they are protected separately. Since BitLocker is managed by Windows, encrypting and decrypting data happens in the computer's main memory (RAM) and consumes CPU cycles. Modern CPUs implement the AES-NI instructions that accelerate AES, so the real-life CPU load is very low. Still, BitLocker introduces a higher performance penalty than hardware AES encryption, which costs the host nothing at all.
Unlike Apple's implementation, Microsoft BitLocker does not keep a separate key for every file on the disk. Instead, a single volume key (tweaked by sector number, so equal sectors still encrypt differently) is used for the whole volume. The important consequence is that sectors containing deleted files can still be decrypted with the volume key, as long as the volume can be unlocked. (On Apple iOS, each file is encrypted with its own per-file key, which is stored in the file's metadata and wrapped by a class key. When a file is deleted, its per-file key is discarded along with that metadata, so the data blocks it occupied can no longer be decrypted even though the ciphertext may still physically sit in flash.)
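The recoverability difference just described, as a runnable model. This is an added example, not code from the original article and not BitLocker's or iOS's real implementation: an HMAC-SHA256 keystream stands in for AES-XTS, 16-byte "sectors" for real ones, and the class names, the `carve_after_delete` helper and the sample file content are all constructed for the demonstration. Only the key handling is modelled: one key per volume tweaked by sector number, versus one key per file that is wiped when the file is unlinked.

```python
"""Toy model: single volume key versus per-file keys and what a carving
tool can recover after a delete. Added example, not BitLocker or iOS code."""
import hashlib
import hmac
import os
from typing import Dict, List, Optional

SECTOR = 16  # toy sector size (real disks use 512 or 4096 bytes)


def keystream(key: bytes, sector: int, length: int) -> bytes:
    """Keystream for one sector. The sector number is the tweak, so the same
    plaintext written to two different sectors encrypts differently."""
    out, counter = b"", 0
    while len(out) < length:
        msg = sector.to_bytes(8, "little") + counter.to_bytes(4, "little")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class VolumeKeyDisk:
    """BitLocker-style: every sector is encrypted under the same volume key."""

    def __init__(self, sectors: int) -> None:
        self.volume_key = os.urandom(32)
        self.media = [b"\x00" * SECTOR] * sectors  # what a block-level tool sees
        self.free = set(range(sectors))             # allocation bitmap

    def _key_for(self, sector: int, file_key: bytes) -> bytes:
        return self.volume_key

    def write_file(self, data: bytes) -> List[int]:
        data += b"\x00" * (-len(data) % SECTOR)
        file_key = os.urandom(32)  # ignored here, used by the per-file subclass
        used = []
        for off in range(0, len(data), SECTOR):
            s = min(self.free)
            self.free.remove(s)
            key = self._key_for(s, file_key)
            self.media[s] = xor(data[off:off + SECTOR], keystream(key, s, SECTOR))
            used.append(s)
        return used

    def delete_file(self, sectors: List[int]) -> None:
        # Deleting only flips the allocation bitmap; the ciphertext stays on disk.
        self.free.update(sectors)

    def carve_sector(self, sector: int) -> Optional[bytes]:
        # A recovery tool running on the unlocked volume still has the volume key.
        return xor(self.media[sector], keystream(self.volume_key, sector, SECTOR))


class PerFileKeyDisk(VolumeKeyDisk):
    """iOS-style: each file gets its own key, which is wiped when it is deleted."""

    def __init__(self, sectors: int) -> None:
        super().__init__(sectors)
        self.file_keys: Dict[int, bytes] = {}  # sector -> per-file key (metadata)

    def _key_for(self, sector: int, file_key: bytes) -> bytes:
        self.file_keys[sector] = file_key
        return file_key

    def delete_file(self, sectors: List[int]) -> None:
        for s in sectors:
            self.file_keys.pop(s, None)  # key destroyed: ciphertext is now unrecoverable
        super().delete_file(sectors)

    def carve_sector(self, sector: int) -> Optional[bytes]:
        key = self.file_keys.get(sector)
        if key is None:
            return None  # nothing a recovery tool can do without the per-file key
        return xor(self.media[sector], keystream(key, sector, SECTOR))


def carve_after_delete(disk: VolumeKeyDisk, secret: bytes) -> Optional[bytes]:
    """Write a file, delete it, then try to carve it back from the freed sectors."""
    sectors = disk.write_file(secret)
    disk.delete_file(sectors)
    pieces = [disk.carve_sector(s) for s in sectors]
    if any(p is None for p in pieces):
        return None
    return b"".join(pieces).rstrip(b"\x00")


if __name__ == "__main__":
    secret = b"invoice total: 4200 EUR"  # constructed sample content
    print("volume key  :", carve_after_delete(VolumeKeyDisk(8), secret))
    print("per-file key:", carve_after_delete(PerFileKeyDisk(8), secret))
```

The first call returns the plaintext because the freed sectors still decrypt under the volume key; the second returns nothing because the only key that could decrypt them was discarded with the file. The same asymmetry is why "crypto-shredding" works on iOS but a deleted file on an unlocked BitLocker volume is as recoverable as on a plain disk.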
When recovering information from an unlocked BitLocker volume, you can keep using your favourite data recovery tools, such as Partition Recovery Software or File Undelete Software. The catch is where the tool reads from. Reads issued against the volume (\\.\C:) pass through the BitLocker filter driver and return decrypted data; reads issued against the physical disk (\\.\PhysicalDrive0) bypass it and return raw ciphertext. Some legacy data recovery products read the physical disk at block level rather than going through the Windows volume API, and on a BitLocker volume they will see nothing but encrypted sectors. If the volume is locked, there is nothing to recover until it has been unlocked with the password or the Recovery Key.
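A quick way to check what a block-level reader is actually looking at, as an added example that is not code from the original article or from any recovery product. It classifies the first sector of a volume by its OEM ID: "NTFS    " or "EXFAT   " at offset 3 (or a FAT type string) means plaintext, while "-FVE-FS-" at offset 3 is the OEM ID BitLocker writes into its volume header and means you are reading ciphertext. The device paths in the comments are Windows conventions (they require an elevated prompt, and on the raw disk you would also have to seek to the partition's start); the function and sample names are this example's own, and the sample sectors are constructed.

```python
"""Tell plaintext from BitLocker ciphertext before running a recovery tool.
Added example, not the article's or any recovery product's code."""
import sys
from typing import Dict


def classify_first_sector(sector0: bytes) -> str:
    """Return what a block-level reader of this sector is actually looking at."""
    if len(sector0) < 90:
        return "too short"
    oem = sector0[3:11]
    if oem == b"-FVE-FS-":
        return "bitlocker-ciphertext"  # locked volume, or read below the filter driver
    if oem == b"NTFS    ":
        return "ntfs-plaintext"
    if oem == b"EXFAT   ":
        return "exfat-plaintext"
    if sector0[54:62] in (b"FAT12   ", b"FAT16   ") or sector0[82:90] == b"FAT32   ":
        return "fat-plaintext"
    return "unknown"


def read_first_sector(device: str) -> bytes:
    # Windows examples: r"\\.\C:" reads through the BitLocker filter (decrypted),
    # r"\\.\PhysicalDrive0" reads the raw disk (ciphertext; seek to the partition
    # offset first). Both need Administrator rights.
    with open(device, "rb") as f:
        return f.read(512)


def constructed_samples() -> Dict[str, bytes]:
    """Hand-built 512-byte boot sectors used when no device path is given."""
    def pad(head: bytes) -> bytes:
        return head + b"\x00" * (512 - len(head))
    return {
        "NTFS volume as seen through \\\\.\\C:": pad(b"\xeb\x52\x90NTFS    "),
        "same volume as seen on the raw disk": pad(b"\xeb\x58\x90-FVE-FS-"),
        "FAT32 flash drive": pad(b"\xeb\x58\x90MSWIN4.1" + b"\x00" * 71 + b"FAT32   "),
    }


def report(sources: Dict[str, bytes]) -> Dict[str, str]:
    return {name: classify_first_sector(data) for name, data in sources.items()}


if __name__ == "__main__":
    if len(sys.argv) > 1:
        sources = {path: read_first_sector(path) for path in sys.argv[1:]}
    else:
        sources = constructed_samples()
    for name, verdict in report(sources).items():
        print(f"{verdict:22s} {name}")
```

Run it without arguments to see the constructed cases; run it with device paths to compare what the same volume looks like through the volume handle and on the raw disk. If a recovery tool's own disk view shows the "-FVE-FS-" signature, it is reading ciphertext and its signature search will find nothing.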
Recovering Files and Folders Protected with NTFS Encryption
While BitLocker provides device-level protection, it offers no protection from other users of the same computer. Once a BitLocker volume is unlocked, every account on the computer (including the Guest account) sees it as an ordinary disk and gets whatever access the NTFS permissions allow. If user-level protection is required, files can additionally be encrypted by the file system itself.
Encrypting files and folders with NTFS (the Encrypting File System, EFS) is easy. Just right-click the file or folder in Windows Explorer, select Properties, locate Attributes, click Advanced, then check the "Encrypt contents to secure data" box (the command-line equivalent is cipher /e). Each file you selected is encrypted with its own random file key, which is in turn protected by an EFS certificate unique to your Windows account. Users of other Windows accounts on the same PC will not be able to open your encrypted files and folders.
The private key of that EFS certificate is protected by Windows' DPAPI, whose master keys are derived from your account password. Changing your password the normal way (via Control Panel or Ctrl+Alt+Del, supplying the old password first) re-protects those master keys, so your encrypted files keep working; Windows also keeps a credential history so that keys protected under earlier passwords stay usable. If, however, your password is reset without the old one (e.g. by a system administrator), DPAPI can no longer unlock the private key and the EFS-encrypted files remain encrypted and inaccessible. The ways back in are restoring the original password, importing a backup of the EFS certificate and private key (the .pfx that cipher /x exports), or a Data Recovery Agent that was configured before the files were encrypted.
NTFS-encrypted files are ordinary files on the disk whose content is encrypted; the wrapped file key lives in a separate $EFS attribute of the same MFT record. Whether these files can be recovered, and whether the result is usable, depends on which data recovery tool you use and on whether you are logged in under the account whose credentials were used to encrypt them.
For best results, do the following:
- Use a recent version of a reputable data recovery tool (e.g. File Recovery Software or Partition Recovery Software).
- When recovering NTFS-encrypted files and folders, do your best to log in with the account credentials of the user whose files you are about to recover. If you fail to do that, the encrypted files will be recovered as opaque ciphertext, and since the $EFS attribute holding the wrapped file key is not part of the file data, the original user may not be able to decrypt the recovered copies afterwards. Moreover, under such circumstances the content-aware algorithms used by tools such as File Recovery Software or Partition Recovery Software cannot read the content of the encrypted files, which effectively disables signature search and reduces the chance of a successful recovery.
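A pre-flight check for the procedure above, as an added example that is not code from the original article or from any recovery product. It walks a folder, flags files carrying the Windows FILE_ATTRIBUTE_ENCRYPTED bit (the attribute EFS sets on encrypted files), and tries to open each one as the current user, which is exactly what a recovery tool will have to do: an EFS file encrypted by another account fails with "access denied" even when NTFS permissions allow it. The function names are this example's own; on non-Windows systems the attribute is simply absent from stat() and nothing is flagged.

```python
"""Which files under a folder are EFS-encrypted, and can this account open them?
Added example, not the article's or any recovery product's code."""
import sys
from pathlib import Path
from typing import Dict, List

FILE_ATTRIBUTE_ENCRYPTED = 0x4000  # winnt.h value; set on EFS-encrypted files


def is_efs_encrypted(attributes: int) -> bool:
    return bool(attributes & FILE_ATTRIBUTE_ENCRYPTED)


def check_file(path: Path) -> Dict[str, object]:
    st = path.stat()
    attrs = getattr(st, "st_file_attributes", 0)  # only populated on Windows
    try:
        with open(path, "rb") as f:
            f.read(1)
        readable = True
    except PermissionError:
        # On Windows this is what an EFS file encrypted by another account
        # returns: access denied, regardless of NTFS permissions.
        readable = False
    return {"path": str(path), "encrypted": is_efs_encrypted(attrs), "readable": readable}


def scan(root: str) -> List[Dict[str, object]]:
    return [check_file(p) for p in sorted(Path(root).rglob("*")) if p.is_file()]


def summarize(results: List[Dict[str, object]]) -> Dict[str, int]:
    encrypted = [r for r in results if r["encrypted"]]
    return {
        "files": len(results),
        "efs_encrypted": len(encrypted),
        "efs_unreadable_as_current_user": sum(1 for r in encrypted if not r["readable"]),
    }


if __name__ == "__main__":
    results = scan(sys.argv[1] if len(sys.argv) > 1 else ".")
    for r in results:
        if r["encrypted"]:
            print(("OK      " if r["readable"] else "DENIED  ") + str(r["path"]))
    print(summarize(results))
```

If the summary shows encrypted files that are unreadable, stop and obtain the right account (or its exported .pfx) before running the recovery: recovering now would only produce ciphertext without the key material needed to open it.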
Recovering Encrypted Archives and Documents
NTFS encryption is a great way to secure data that stays on your PC. Move an EFS-encrypted file to a disk that does not support EFS (a FAT-formatted USB flash drive, for example) and Windows decrypts it on the way out (it warns you first); copy it to another NTFS volume and it stays encrypted only where your EFS certificate is available. Either way the protection is tied to your account on your PC, not to the file.
Different methods apply for protecting files on external media. First, there’s BitLocker To Go, a version of Microsoft BitLocker that encrypts external media. BitLocker To Go protects the entire flash drive, encrypting all files and folders you copy onto that drive automatically.
However, BitLocker To Go does not allow sharing encrypted files by sending them as attachments or, for example, uploading them to cloud storage: the encryption belongs to the drive, not to the file. That level of protection requires encrypting individual files with a password.
Many types of files can be encrypted by their own applications. Microsoft Office apps (Word, Excel, PowerPoint etc.) encrypt a document reliably when you set a password to open. For real security, make sure you are NOT saving in "Compatibility mode": the legacy .doc, .xls and .ppt formats use 40-bit RC4, and a 40-bit key can be brute-forced directly, no matter how long the password is. Save in the current .docx, .xlsx or .pptx format instead. There the document is encrypted with AES, and the key is derived from the password with a deliberately slow iterated hash (Office 2013 and later default to 100,000 rounds of SHA-512), so every password guess costs real CPU time. The recipient needs your original password to decrypt the file; how long an attacker needs depends entirely on the password's length and character set, each extra character multiplying the work, so a short password drawn from a small character set can still be found in hours to days on GPU hardware while a long passphrase is out of reach.
Similarly, ZIP and RAR archives can be password-protected. What matters is the scheme, not the container: the legacy "ZipCrypto" encryption that many ZIP tools still default to is weak (it can be attacked with known plaintext, independently of the password), whereas AES-encrypted ZIP (the WinZip AE format) and RAR both use AES with a slow password derivation. RAR in particular iterates its key derivation hundreds of thousands of times, so breaking a RAR password takes much longer than breaking a ZipCrypto password of the same length.
Recovering encrypted files is similar to recovering unprotected ones, with one exception: a tool that relies on signature search (content-aware recovery) must know what the encrypted variants look like. An encrypted ZIP or RAR still starts with the normal ZIP or RAR signature; only its entry headers carry an "encrypted" flag, so signature search works without the password. A password-protected .docx, .xlsx or .pptx, on the other hand, is not a ZIP at all: Office stores it as an OLE compound file (the same D0 CF 11 E0 header as a legacy .doc) containing an EncryptionInfo stream and the encrypted package. A tool that only knows the PK signature for Office documents will miss every encrypted one, so pick a tool that explicitly supports the encrypted formats.
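The header checks behind the last three paragraphs (Office document encryption, ZIP versus RAR, and signature search), as one added example that is not code from the original article or from any recovery product. It classifies a file fragment without the password: a ZIP local header whose flag bit 0 is set is an encrypted entry, and compression method 99 with a 0x9901 extra field marks WinZip AES (the strength byte gives the key size) while anything else is legacy ZipCrypto; a RAR4 main header with flag 0x0080, or a RAR5 header of type 4 directly after the signature, means the file headers themselves are encrypted; an OLE compound file whose directory contains an "EncryptionInfo" entry (names are stored as UTF-16LE) is a password-protected OOXML document. The return strings, helper names and sample fragments are this example's own constructions, and only the first local header of a ZIP is inspected.

```python
"""Recognise encrypted archives and documents from their headers, without the
password. Added example, not the article's or any recovery product's code."""
import struct
from typing import Dict

ZIP_LOCAL = b"PK\x03\x04"
CFB_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
RAR4_MAGIC = b"Rar!\x1a\x07\x00"
RAR5_MAGIC = b"Rar!\x1a\x07\x01\x00"
ENCRYPTION_INFO = "EncryptionInfo".encode("utf-16-le")  # CFB directory names are UTF-16LE


def _extra_fields(extra: bytes) -> Dict[int, bytes]:
    """Split a ZIP extra-field area into {field id: payload}."""
    fields, off = {}, 0
    while off + 4 <= len(extra):
        field_id, size = struct.unpack_from("<HH", extra, off)
        fields[field_id] = extra[off + 4:off + 4 + size]
        off += 4 + size
    return fields


def _rar5_vint(buf: bytes, off: int):
    """RAR5 variable-length integer: 7 bits per byte, high bit = continue."""
    value = shift = 0
    while True:
        b = buf[off]
        off += 1
        value |= (b & 0x7F) << shift
        if not b & 0x80:
            return value, off
        shift += 7


def classify(blob: bytes) -> str:
    if blob.startswith(ZIP_LOCAL):
        flags, method, _t, _d, _crc, _cs, _us, nlen, xlen = struct.unpack_from("<HHHHIIIHH", blob, 6)
        name = blob[30:30 + nlen]
        extra = _extra_fields(blob[30 + nlen:30 + nlen + xlen])
        if not flags & 0x0001:
            return "ooxml/plain" if name == b"[Content_Types].xml" else "zip/plain"
        if method == 99 and 0x9901 in extra:
            bits = {1: 128, 2: 192, 3: 256}.get(extra[0x9901][4], 0)
            return f"zip/aes-{bits}"
        return "zip/zipcrypto"  # legacy PKWARE stream cipher: weak, known-plaintext attacks
    if blob.startswith(CFB_MAGIC):
        return "ooxml/encrypted" if ENCRYPTION_INFO in blob else "ole/legacy-office"
    if blob.startswith(RAR4_MAGIC):
        head_type, head_flags = struct.unpack_from("<BH", blob, len(RAR4_MAGIC) + 2)
        if head_type == 0x73 and head_flags & 0x0080:
            return "rar4/encrypted-headers"
        return "rar4/plain-headers"  # individual entries may still be encrypted
    if blob.startswith(RAR5_MAGIC):
        _size, off = _rar5_vint(blob, len(RAR5_MAGIC) + 4)  # skip the header CRC32
        head_type, _ = _rar5_vint(blob, off)
        return "rar5/encrypted-headers" if head_type == 4 else "rar5/plain-headers"
    return "unknown"


def _zip_local(flags: int, method: int, name: bytes, extra: bytes = b"") -> bytes:
    head = struct.pack("<HHHHHIIIHH", 20, flags, method, 0, 0, 0, 0, 0, len(name), len(extra))
    return ZIP_LOCAL + head + name + extra


# WinZip AES extra field: id 0x9901, size 7, vendor version 2, "AE", strength 3 (256-bit), method 8
_AES256_EXTRA = struct.pack("<HHH", 0x9901, 7, 2) + b"AE" + bytes([3]) + struct.pack("<H", 8)

SAMPLES = {  # constructed header fragments, not real files
    "notes.zip": _zip_local(0, 8, b"notes.txt"),
    "notes-zipcrypto.zip": _zip_local(1, 8, b"notes.txt"),
    "notes-aes.zip": _zip_local(1, 99, b"notes.txt", _AES256_EXTRA),
    "report.docx": _zip_local(0, 8, b"[Content_Types].xml"),
    "report-protected.docx": CFB_MAGIC + b"\x00" * 120 + ENCRYPTION_INFO + b"\x00" * 8,
    "old-report.doc": CFB_MAGIC + b"\x00" * 120 + "WordDocument".encode("utf-16-le"),
    "backup.rar": RAR4_MAGIC + struct.pack("<HBHH", 0, 0x73, 0x0080, 13),
    "backup-v5.rar": RAR5_MAGIC + b"\x00" * 4 + bytes([5, 4]) + b"\x00" * 4,
}


def classify_all(samples: Dict[str, bytes] = SAMPLES) -> Dict[str, str]:
    return {name: classify(blob) for name, blob in samples.items()}


if __name__ == "__main__":
    for name, verdict in classify_all().items():
        print(f"{verdict:24s} {name}")
```

The "report-protected.docx" case is the one that trips signature-only tools: it carries the OLE header, not PK, so a carver configured with the .docx signature never sees it, while "report.docx" and "notes-aes.zip" are found by the ordinary PK signature and only need the password afterwards. For real files, feed `classify` the first few kilobytes; the EncryptionInfo search is a heuristic over the directory sectors that happens to sit near the start of small documents.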