Attack on disk encryption tools

There's been an attack, called the backup attack, reported on all on-the-fly disk encryption tools by PMC Ciphers. In case a copy of an encrypted volume is made, and new data is added to the original volume, parts of the data can be revealed by diffing the 2 volumes.

Supposing one has a volume A, which is then copied to another location. This clone is called volume B. An image file is then added to volume A. The corresponding space in volume B contains known plaintext (all zeroes). Performing a bitwise subtraction of the data, can reveal parts of the image to the attacker. This works on volumes encrypted in ECB, Counter, CBC, LRW and other modes.

There are a couple of issues that remain unclear -

1. In case of sparse files, there is no data to perform a bitwise subtraction. On-the-fly encryption programs like Truecrypt offer this mode.

2. Bitmap files leak data more easily than other file types which have complex header types. The attack does not appear to be practical against these data types as even corruption of few bytes would render the whole file inaccessible.

The paper is available here.