Hard drive encryptions

BitLocker Drive Encryption is a full disk encryption feature included with the Ultimate and Enterprise editions of Microsoft’s Windows Vista and Windows 7 desktop operating systems, as well as the Windows Server 2008 and Windows Server 2008 R2 server platforms. It is designed to protect data by providing encryption for entire volumes. By default it uses the AES encryption algorithm in CBC mode with a 128 bit key, combined with the Elephant diffuser for additional disk encryption specific security not provided by AES.[1][2]

BitLocker is available only in the Enterprise and Ultimate editions of Windows Vista and Windows 7.[1] Users of other versions of Windows that don’t include BitLocker could use a third-party encryption program to satisfy the need for full drive encryption (see Comparison of disk encryption software). In the RTM release of Windows Vista, only the operating system volume could be encrypted using the GUI and encrypting other volumes required using WMI-based scripts included in Windows Vista in the %Windir%\System32 folder. [3] An example of how to use the WMI interface is in the script manage-bde.wsf, that can be used to set up and manage BitLocker from the command line. With Windows Vista Service Pack 1 and Windows Server 2008, volumes other than the operating system volume can be BitLocker-protected using the graphical Control Panel applet as well. [4]

The latest version of BitLocker, included in Windows 7 and Windows Server 2008 R2, adds the ability to encrypt removable drives.


Security concerns

According to Microsoft sources,[16][17] BitLocker does not contain an intentionally built-in backdoor; there is no way for law enforcement to have a guaranteed passage to the data on the user’s drives that is provided by Microsoft. The lack of any backdoor has been a concern to the UK Home Office,[18] which tried entering into talks with Microsoft to get one introduced, though Microsoft developer Niels Ferguson and other Microsoft spokesmen state that they have not granted the wish to have one added.[19][20] Although the AES encryption algorithm used in BitLocker is in the public domain, its actual implementation in BitLocker, as well as other components of the software, are closed source; however, the code is available for scrutiny by Microsoft partners and enterprises, subject to a non-disclosure agreement.

Notwithstanding the claims of Niels Ferguson and others, Microsoft Services states in Exploration of Windows 7, Advanced Forensics Topic (page 70), “BitLocker has a number of ‘Recovery’ scenarios that we can exploit”, and “BitLocker, at its core, is a password technology, we simply have to get the password…”.

The “Transparent operation mode” and “User authentication mode” of BitLocker use the TPM hardware to detect if there are unauthorized changes to the pre-boot environment, including the BIOS and MBR.[21] If any unauthorized changes are detected, BitLocker requests a recovery key on a USB device, or a recovery password entered by hand. Either of these cryptographic secrets are used to decrypt the Volume Master Key (VMK) and allow the bootup process to continue.[21]

Nevertheless, in February 2008, a group of security researchers published details of a so called “cold boot attack” that allows a BitLocker-protected machine to be compromised by booting the machine off removable media, such as a USB drive, into another operating system, then dumping the contents of pre-boot memory.[22] The attack relies on the fact that DRAM retains information for up to several minutes (or even longer if cooled) after power has been removed. Use of a TPM module alone does not offer any protection, as the keys are held in memory while Windows is running, although two-factor authentication, i.e. using TPM together with a PIN, offers better protection for machines that are not powered on when physical access to them is obtained. Similar full disk encryption mechanisms of other vendors and other operating systems, including Linux and Mac OS X, are vulnerable to the same attack.[22] The authors recommend that computers be powered down when not in physical control of the owner (rather than be left in a “sleep” state) and that a password also be required to boot the machine.

Once a BitLocker-protected machine is running, its keys are stored in memory where they may be susceptible to attack by a process that is able to access physical memory, for example through a 1394 DMA channel.[23] Any cryptographic material in memory is at risk from this attack, which is therefore not specific to BitLocker.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.