After the attack known as the "Evil Maid Attack" demonstrated a weakness in classic full-disk encryption systems, many encryption software vendors declared that once an attacker has physical access to the computer (possibly more than once), the protection of the encrypted data cannot be guaranteed, or only at great expense. "We were not satisfied to leave it at that, and with our Preboot Authenticator we now offer a simple and favorably priced supplement to the most popular full-disk encryption programs," explains Axel Stett, COO of certgate GmbH. "Our token not only makes the programs resistant to bootkits but also enormously simplifies the handling of disk encryption software for the user." Certgate has filed a patent application for the underlying procedure.
The "Evil Maid" attack made headlines when it emerged that even full-disk encryption offers little protection against data theft if an attacker, in this case the hotel maid, has access to a switched-off computer or notebook for only a few minutes. On the first visit, a compromised boot loader is copied from a USB stick onto the computer; this is possible because the boot loader must sit in an unencrypted part of the disk for the system to start at all. The next time the user boots, a key logger in that boot loader records the encryption password and stores it for the attacker. Returning the next day, the "maid" retrieves the password and can then freely access the data on the disk.
The Preboot Authenticator from Certgate replaces the long, hard-to-remember password (ideally a random alphanumeric string of at least 32 characters) with genuine two-factor authentication using a simple 4- to 6-digit PIN, without weakening the cryptographic security of the system. The Certgate microSD SmartCard is used to authenticate to the computer either through a commercially available USB adapter or through a smartphone that holds the crypto card.
In the current version, Certgate has extended the Preboot Authenticator with a defence against bootkits. Every time the computer is switched on, the Preboot Authenticator compares the computer's boot sector with an image stored on the crypto card and prevents the operating system from starting if any change is detected.
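The check described above, as an added illustration written for this article and not certgate's own code: the enrolled image stands in for what the token would store, the MBR layout assumed is the standard one (446 bytes of bootstrap code, a 64-byte partition table, the 0x55AA signature), and the sample sector images and the names `build_mbr`, `preboot_check` and `REFERENCE_IMAGE` are constructed here for the demo.

```python
import hmac

MBR_SIZE = 512
BOOT_CODE_END = 446          # bytes 0..445: bootstrap code the BIOS jumps into
PART_TABLE_END = 510         # bytes 446..509: four 16-byte partition entries
MBR_SIGNATURE = b"\x55\xaa"  # bytes 510..511
REGIONS = (
    ("bootstrap code", 0, BOOT_CODE_END),
    ("partition table", BOOT_CODE_END, PART_TABLE_END),
    ("signature", PART_TABLE_END, MBR_SIZE),
)


def build_mbr(boot_code: bytes, partition_table: bytes) -> bytes:
    """Assemble a constructed 512-byte MBR image for the demo (hypothetical helper)."""
    if len(boot_code) > BOOT_CODE_END or len(partition_table) != 64:
        raise ValueError("bad region size")
    return boot_code.ljust(BOOT_CODE_END, b"\x00") + partition_table + MBR_SIGNATURE


def read_boot_sector(disk_image: bytes) -> bytes:
    """Take sector 0 of a disk image and sanity-check the MBR signature."""
    sector = disk_image[:MBR_SIZE]
    if len(sector) != MBR_SIZE or sector[PART_TABLE_END:] != MBR_SIGNATURE:
        raise ValueError("sector 0 is not a valid MBR")
    return sector


def changed_regions(sector: bytes, reference: bytes) -> list:
    """Name the regions that differ from the enrolled image; for diagnostics only."""
    return [name for name, start, end in REGIONS if sector[start:end] != reference[start:end]]


def boot_allowed(sector: bytes, reference: bytes) -> bool:
    """The actual gate: boot only if sector 0 matches the enrolled image byte for byte.
    compare_digest keeps the comparison time independent of where the first mismatch is."""
    return hmac.compare_digest(sector, reference)


# Constructed sample data: a trusted loader stub and an "evil maid" replacement that
# keeps the partition table intact so the machine still appears to boot normally.
TRUSTED_STUB = b"\xfa\x31\xc0\x8e\xd8\x8e\xd0\xbc\x00\x7c" + b"trusted loader v1"
TAMPERED_STUB = b"\xfa\x31\xc0\x8e\xd8\x8e\xd0\xbc\x00\x7c" + b"keylogging loader"
PARTITION_TABLE = (
    bytes([0x80, 0x01, 0x01, 0x00, 0x83, 0xFE, 0xFF, 0xFF,
           0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00])
    + bytes(48)  # one active Linux partition, three empty entries
)
# The image the token would store at enrollment time (constructed).
REFERENCE_IMAGE = build_mbr(TRUSTED_STUB, PARTITION_TABLE)


def preboot_check(disk_image: bytes, reference: bytes = REFERENCE_IMAGE) -> dict:
    """Run the comparison the way a preboot component would at power-on."""
    sector = read_boot_sector(disk_image)
    return {"boot": boot_allowed(sector, reference),
            "changed": changed_regions(sector, reference)}


if __name__ == "__main__":
    clean_disk = REFERENCE_IMAGE + bytes(4096)
    infected_disk = build_mbr(TAMPERED_STUB, PARTITION_TABLE) + bytes(4096)
    print(preboot_check(clean_disk))     # {'boot': True, 'changed': []}
    print(preboot_check(infected_disk))  # {'boot': False, 'changed': ['bootstrap code']}
```

Two practical caveats follow from the byte-for-byte comparison. Any legitimate change to sector 0, such as repartitioning or a boot loader update, fails the check just as an infected stub does, so the image on the card has to be re-enrolled after such maintenance. And sector 0 is only the first stage of the unencrypted boot path; a real implementation has to cover every unencrypted stage that runs before the password prompt, and the component doing the checking must itself run before anything it checks.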