BitLocker Drive Encryption
BitLocker Drive Encryption is a full disk encryption feature included with Microsoft's Windows Vista and Windows Server 2008 operating systems designed to protect data by providing encryption for entire volumes. By default it uses the AES encryption algorithm in CBC mode with a 128 bit key, combined with the Elephant diffuser for additional security.[1]
BitLocker is only available in the Enterprise and Ultimate editions of Windows Vista.[1] At WinHEC 2006, Microsoft demonstrated a pre-release version of Windows Server 2008 which contained support for BitLocker-protected data volumes in addition to the operating system volume protection.
Contents |
Overview
BitLocker provides three modes of operation.[2] The first two modes require a cryptographic hardware chip called a Trusted Platform Module (version 1.2 or later) and a compatible BIOS:
- Transparent operation mode: This mode exploits the capabilities of the TPM 1.2 hardware to provide for a transparent user experience—the user logs onto Windows Vista as normal. The key used for the disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified. The pre-OS components of BitLocker achieve this by implementing a Static Root of Trust Measurement—a methodology specified by the Trusted Computing Group.
- User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in order to be able to boot the OS. Two authentication modes are supported—a pre-boot PIN entered by the user or a USB device inserted that contains the required startup key.
The final mode does not require a TPM chip:
- USB Key: The user must insert a USB device that contains a startup key into the computer to be able to boot the protected OS. Note that this mode requires that the BIOS on the protected machine supports the reading of USB devices in the pre-OS environment.
Operation
Contrary to the official name, BitLocker Drive Encryption is a logical volume encryption system. A volume may or may not be an entire drive, or can be one or more drives. Using built-in command-line tools, BitLocker can be used to encrypt more than just the boot volume, but additional volumes cannot be encrypted using the GUI. Future Windows versions (e.g. Windows Server 2008) are expected to support additional volume encryption using the GUI. Also, when enabled TPM/Bitlocker also ensures the integrity of the trusted boot path (e.g. BIOS, boot sector, etc.), in order to prevent offline physical attacks, boot sector malware, etc.
In order for BitLocker to operate, the hard disk requires at least two NTFS-formatted volumes: a "system volume" with a minimum size of 1.5GB, where the operating system boots from, and the "boot volume" which contains Windows Vista. Note: The system volume BitLocker is installed on is not encrypted, so it should not be used to store confidential information. Unlike previous versions of Windows, Vista's diskpart command-line tool includes the ability to shrink the size of an NTFS volume so that the system volume for BitLocker can be created.
Only the operating system volume may be encrypted using the current GUI interface. However, additional volumes can be encrypted by using the WSF script manage-bde.wsf
. Encrypting File System continues to be the recommended solution for real-time encryption of data on an NTFS partition. Encrypting File System support is also highly recommended in addition to BitLocker since BitLocker protection effectively ends once the OS kernel has been loaded. BitLocker and EFS can be thought of as protections against different classes of attacks.
In domain environments, BitLocker supports key escrow to Active Directory, as well as a WMI interface for remote administration of the feature. An example of how to use the WMI interface is the script manage-bde.wsf (installed in Vista by default in \%Windir\System32), that can be used to set up and manage BitLocker from the command line.
Security
According to Microsoft sources, [3] BitLocker does not contain a backdoor; there is no way for law enforcement to have a guaranteed passage to the data on the user's drives. This has been one of the main concerns among power-users since the announcement of built-in encryption in Vista.
According to an article "Keys to Protecting Data with BitLocker Drive Encryption" [4] published in the June 2007 Microsoft TechNet Magazine, The "Transparent operation mode" and "User authentication mode" of BitLocker use the TPM hardware to detect if there are unauthorized changes to the pre-boot environment including the BIOS and MBR. If any unauthorized changes are detected, BitLocker requests a recovery key on a USB device, or a recovery password entered by hand. Either of these cryptographic secrets are used to decrypt the Volume Master Key (VMK) and allow the bootup process to continue.
One security implication of a software encryption system like BitLocker is that the recovery key/password entry process could be spoofed by another bootmanager or OS install. Once the spoofed software captured the secret, it could be used to decrypt the VMK, which then allows access to decrypt or modify any information on the user's BitLocker encrypted hard disk. This risk can be reduced by configuring the computer's BIOS to only allow booting from the internal hard disk, and then protecting this setting with a strong password. This will not work if your adversary can reset the CMOS memory on your brand of computer to delete the password.
BitLocker can also operate in a "USB Key" mode. The security risk in this case is that a program (either pre-boot or post-boot Windows malware) could read the startup key off of the USB Key and store it. It could be used later (perhaps after booting with another OS) to decrypt the VMK would then enable read/write access to the BitLocker-secured hard disk. This risk can be reduced by removing the USB Key from the USB port before Vista completely starts up. This should prevent post-boot malware from capturing the key. Again, configuring the computer's BIOS to only allow booting from the internal hard disk, and then protecting this setting with a strong password, will increase security by making it difficult to install a modified pre-boot environment which could steal the key. Again, this will not work if your adversary can reset the CMOS memory on your brand of computer to delete the password.
See also
- Disk encryption
- Full disk encryption
- Disk encryption software
- Features new to Windows Vista
- List of Microsoft Windows components
- Vista IO technologies
References
- ^ a b Windows BitLocker Drive Encryption Frequently Asked Questions. Microsoft. Retrieved on 2007-09-05.
- ^ Security Analysis. Data Encryption Toolkit for Mobile PCs. Microsoft. Retrieved on 2007-09-05.
- ^ Back-door nonsense. System Integrity Team Blog. Microsoft. Retrieved on 2006-06-19.
- ^ Keys to Protecting Data with BitLocker Drive Encryption. TechNet Magazine. Microsoft. Retrieved on 2007-08-21.