BitLocker Drive Encryption

From Wikipedia, the free encyclopedia

BitLocker Drive Encryption
Developed by	Microsoft
Latest release	1.0 / January 30, 2007
Written in	C, C++, Assembler[citation needed]
OS	Windows Vista, Windows Server 2008
Genre	Disk encryption software
License	Limited editions of Windows Vista and Server 2008
Website	BitLocker Drive Encryption

BitLocker Drive Encryption is a full disk encryption feature included with Microsoft's Windows Vista Ultimate, Windows Vista Enterprise and Windows Server 2008 operating systems designed to protect data by providing encryption for entire volumes. By default it uses the AES encryption algorithm in CBC mode with a 128 bit key, combined with the Elephant diffuser for additional disk encryption specific security not provided by AES.^[1][2]

BitLocker is only available in the Enterprise and Ultimate editions of Windows Vista.^[1] In the RTM release of Windows Vista, only the operating system volume could be encrypted using the GUI and encrypting other volumes required using WMI-based scripts included in Windows Vista in the %Windir\System32 folder. ^[3] An example of how to use the WMI interface is in the script manage-bde.wsf, that can be used to set up and manage BitLocker from the command line. With Windows Vista Service Pack 1 and Windows Server 2008, volumes other than the operating system volume can be BitLocker-protected using the graphical Control Panel applet as well. ^[4]

Contents 1 Overview 2 Operation 3 Security concerns 4 See also 5 References 6 External links

[edit] Overview

BitLocker provides three modes of operation.^[5] The first two modes require a cryptographic hardware chip called a Trusted Platform Module (version 1.2 or later) and a compatible BIOS:

• Transparent operation mode: This mode exploits the capabilities of the TPM 1.2 hardware to provide for a transparent user experience—the user logs onto Windows Vista as normal. The key used for the disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified. The pre-OS components of BitLocker achieve this by implementing a Static Root of Trust Measurement—a methodology specified by the Trusted Computing Group. This mode is vulnerable to a cold boot attack, as it allows a machine to be booted by an attacker.
• User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in order to be able to boot the OS. Two authentication modes are supported: a pre-boot PIN entered by the user, or a USB key.

The final mode does not require a TPM chip:

• USB Key: The user must insert a USB device that contains a startup key into the computer to be able to boot the protected OS. Note that this mode requires that the BIOS on the protected machine supports the reading of USB devices in the pre-OS environment.

The following permutations of the above are supported:

• TPM
• TPM + PIN
• TPM + PIN + USB Key
• TPM + USB Key
• USB Key

[edit] Operation

Contrary to the official name, BitLocker Drive Encryption is a logical volume encryption system. A volume may or may not be an entire drive, and can span one or more physical drives. Also, when enabled TPM/Bitlocker can ensure the integrity of the trusted boot path (e.g. BIOS, boot sector, etc.), in order to prevent most offline physical attacks, boot sector malware, etc.

In order for BitLocker to operate, the hard disk requires at least two NTFS-formatted volumes: one for the operating system (usually C:) and another with a minimum size of 1.5GB where the operating system boots from. BitLocker requires the boot volume to remain unencrypted, so it should not be used to store confidential information. Unlike previous versions of Windows, Vista's "diskpart" command-line tool includes the ability to shrink the size of an NTFS volume so that the system volume for BitLocker can be created. A tool called the "Bitlocker Drive Preparation Tool" is also available from Microsoft that allows an existing volume to be shrunk to make place for a new boot volume, and for the necessary bootstrapping files to be transferred to it.^[6]

Once an alternate boot partition has been created, the TPM module needs to be initialized (assuming that this feature is being used), after which the required disk encryption key protection mechanisms such as TPM, PIN or USB key are configured. The volume is then encrypted as a background task, something that can take a considerable amount of time with a large disk. Only once the whole volume has been encrypted are the keys protected, and it considered secure.

Encrypting File System usage may also be required in addition to BitLocker, since BitLocker protection effectively ends once the OS kernel has been loaded. BitLocker and EFS therefore offer protection against different classes of attacks. In domain environments, BitLocker supports optional key escrow to Active Directory, although a schema update may be required for this to work.

[edit] Security concerns

According to Microsoft sources,^[7][8] BitLocker does not contain an intentionally built-in backdoor; there is no way for law enforcement to have a guaranteed passage to the data on the user's drives that is provided by Microsoft. This has been one of the main concerns among power-users since the announcement of built-in encryption in Vista. Although the AES encryption algorithm used in Bitlocker is in the public domain, its actual implementation in BitLocker, as well as other components of the software, are closed source. The code is available for scrutiny by selected Microsoft partners and enterprises, subject to a non-disclosure agreement, however the wider security community cannot independently verify that there is not a backdoor built into the product and has to take Microsoft's word in this regard.

Another concern is that BitLocker cannot encrypt all partitions on a drive, because it requires approximately a 1.5-gigabyte partition to be permanently unencrypted and to contain system files in order for Windows to boot. This is a potential security concern, because third party applications or the operating system may intentionally or unintentionally write sensitive data to the partition that will not be encrypted. The issue is easily addressed with appropriate file system security, however the default configuration allows users to save files in this location. This is in contrast to other disk encryption programs, such as the open-source TrueCrypt, which can encrypt all logical partitions on a drive including slack space between and behind partitions (TrueCrypt leaves only the first track unencrypted since it contains the partition table). In contrast to BitLocker, TrueCrypt also allows the boot loader to reside on a CD or a DVD (it does not have to reside on the hard drive).

The "Transparent operation mode" and "User authentication mode" of BitLocker use the TPM hardware to detect if there are unauthorized changes to the pre-boot environment, including the BIOS and MBR.^[9] If any unauthorized changes are detected, BitLocker requests a recovery key on a USB device, or a recovery password entered by hand. Either of these cryptographic secrets are used to decrypt the Volume Master Key (VMK) and allow the bootup process to continue.^[9]

Nevertheless, in February 2008, a group of security researchers published details of a straightforward cold boot attack that allows a Bitlocker-protected machine to be compromised by booting the machine off a USB device into another operating system, then dumping the contents of pre-boot memory.^[10] The attack relies on the fact that DRAM retains information for up to several minutes (or even longer if cooled) after power has been removed. Use of a TPM module alone does not offer any protection, as the keys are held in memory while Windows is running, although two-factor authentication, i.e. using TPM together with a PIN offers better protection. Similar full disk encryption mechanisms of other vendors and other operating systems, including Linux and Mac OS X, are vulnerable to the same attack.^[10] The authors recommend that computers be powered down when not in physical control of the owner (rather than be left in a "sleep" state) and that a PIN also be required to boot the machine.

One security implication of an encryption system like BitLocker is that the recovery key/password entry process could be spoofed by another bootmanager or OS install. Once the spoofed software captured the secret, it could be used to decrypt the VMK, which then allows access to decrypt or modify any information on the user's BitLocker-encrypted hard disk. This risk can be reduced by configuring a TPM to protect the trusted boot pathway, including the BIOS and boot sector.

BitLocker can also operate in a "USB Key"-only mode. The security risk in this case is that a program (either pre-boot or post-boot Windows malware) could read the startup key off of the USB Key and store it. It could be used later to decrypt and access the BitLocker-secured hard disk. This risk can be reduced by removing the USB Key from the USB port before Vista completely starts up. This should prevent post-boot malware from capturing the key, or the key being stolen together with the computer.^{[original research?]}

[edit] See also

• Disk encryption
• Full disk encryption
• Disk encryption software
• Features new to Windows Vista
• List of Microsoft Windows components
• Vista IO technologies

[edit] References

1. ^ ^{a b} Windows BitLocker Drive Encryption Frequently Asked Questions. Microsoft. Retrieved on 2007-09-05.
2. ^ Niels Fergusson (August 2006). "AES-CBC + Elephant Diffuser: A Disk Encryption Algorithm for Windows Vista". . Microsoft Retrieved on 2008-02-22.
3. ^ Bitlocker Drive Encryption Provider. Microsoft (February 19, 2008). Retrieved on 2008-02-22.
4. ^ Advances in BitLocker Drive Encryption
5. ^ Security Analysis. Data Encryption Toolkit for Mobile PCs. Microsoft. Retrieved on 2007-09-05.
6. ^ Description of the BitLocker Drive Preparation Tool. Microsoft (September 7, 2007). Retrieved on 2008-02-22.
7. ^ Back-door nonsense. System Integrity Team Blog. Microsoft. Retrieved on 2006-06-19.
8. ^ Microsoft: Vista won't get a backdoor. CNet (March 3, 2006). Retrieved on 2008-05-01.
9. ^ ^{a b} Keys to Protecting Data with BitLocker Drive Encryption. TechNet Magazine. Microsoft. Retrieved on 2007-08-21.
10. ^ ^{a b} J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten (February 21, 2008). "Lest We Remember: Cold Boot Attacks on Encryption Keys". . Princeton University Retrieved on 2008-02-22.

[edit] External links

• BitLocker Drive Encryption Technical Overview
• Download Bitlocker Drive Preparation Tool

v • d • e Microsoft Windows components Core Aero · ClearType · Desktop Window Manager · DirectX · Explorer · Taskbar · Start menu · Shell (namespace · Special Folders · File associations) · Search (Saved search · iFilters) · Graphics Device Interface · WIM · Next Generation TCP/IP stack (Server Message Block) · .NET Framework · Audio · Printing (XML Paper Specification) · Active Scripting (WSH · VBScript · JScript) · COM (OLE · OLE Automation · DCOM · ActiveX · ActiveX Document · Structured storage · Transaction Server) · Previous Versions · WDDM · UAA · Win32 console Management tools Backup and Restore Center · command.com · cmd.exe · Control Panel (Applets) · Device Manager · Disk Cleanup · Disk Defragmenter · Event Viewer · Management Console · Netsh · Problem Reports and Solutions · Sysprep · System Configuration · Task Manager · System File Checker · System Restore · Windows Installer · Windows PowerShell · Windows Update · WinSAT · Windows Easy Transfer Applications Calculator · Calendar · Character Map · Contacts · DVD Maker · Fax and Scan · Internet Explorer · Journal · Mail · Magnifier · Media Center · Meeting Space · Mobile Device Center · Mobility Center · Movie Maker · Narrator · Notepad · Paint · Photo Gallery · Private Character Editor · Remote Assistance · Sidebar · Snipping Tool · Sound Recorder · Windows Media Player (11) · Windows Speech Recognition · WordPad Games Chess Titans · FreeCell · Hearts · Hold 'Em · InkBall · Mahjong Titans · Minesweeper · Purble Place · Solitaire · Spider Solitaire Kernel Ntoskrnl.exe · hal.dll · System Idle Process · Svchost.exe · Registry · Windows service · Service Control Manager · DLL · EXE · NTLDR / Boot Manager · Winlogon · Recovery Console · I/O · WinRE · WinPE · Kernel Patch Protection Services Autorun · BITS · Task Scheduler · Wireless Zero Configuration · Shadow Copy · Windows Error Reporting · Multimedia Class Scheduler · CLFS File systems NTFS (Hard link · Junction point · Mount Point · Reparse point · Symbolic link · TxF · EFS) · FAT32·FAT16·FAT12 · exFAT · CDFS · UDF · DFS · IFS Server Domains · Active Directory · DNS · Group Policy · Roaming user profiles · Folder redirection · Distributed Transaction Coordinator · MSMQ · Windows SharePoint Services · Windows Media Services · Rights Management Services · IIS · Terminal Services · WSUS · Network Access Protection · DFS Replication · Remote Differential Compression · Print Services for UNIX · Remote Installation Services · Windows Deployment Services · Windows System Resource Manager · Hyper-V Architecture NT series architecture · Object Manager · Startup process (Vista) · I/O request packets · Kernel Transaction Manager · Logical Disk Manager · Security Accounts Manager · Windows Resource Protection · LSASS · CSRSS · SMSS Security UAC · BitLocker · Defender · DEP · Protected Media Path · Mandatory Integrity Control · UIPI · Windows Firewall · Security Center Compatibility Unix subsystem (Interix) · Virtual DOS Machine · Windows on Windows · WOW64