How secure is Bitlocker, really?

Question

  • Hypothetically, how much of a challenge would a bitlocker encrypted drive be to a professional forensic cryptologist? How about a dedicated enthusiast?  What standard is used to encrypt the drives and what would it be comparable to?  I guess what I'm really wondering is if it is like "National Secrets" secure, or just "Taco bell Lunch Sales" secure...

    Thursday, March 20, 2008 6:44 AM

Answers

  • BitLocker uses AES 128 bit encryption, with the option of going to 256 bit, and uses an additional cryptographic element called a "diffuser" before the AES. AES 256 is pretty much impossible to brute force. ("Impossible" and "unbreakable" are words to avoid, but it's beyond "difficult".)
    Most forensics experts get further by locating the keys than by brute-forcing the encryption.
    Thursday, March 20, 2008 11:18 PM

All replies

  • Does using AES256 cost something? i.e. a performance hit?
    And does that go for systems with a TPM 1.2 chip as well?
    Wednesday, June 4, 2008 6:12 PM
  • The algorithm used to secure the data is pretty meaningless.  What is important is how it is implemented.

    I notice that Bitlocker encryption system uses a partition for boot that is unencrypted.

    Whilst yes, the Windows partition et al is secured by the software, this partition could theoretically be tampered with to gain access to the authentication software.  Admittedly, this would mean an attacker would have to get access to your laptop and then exploit it without your awareness.  The software could be modified to take a copy of your key so the next time the attacker gets their hands on your laptop, your keys are ripe for the taking.  Theoretically of course.  The attacker would have to know the Bitlocker system intimately and would have to reverse engineer it and then adapt it.  Quite tricky?

    Moving the boot system to a removable drive with the keys either on the same disk or another would increase security.  You could take the boot partition away from the encrypted drive and lock it away.
    Saturday, September 13, 2008 11:44 AM
  • "the Windows partition et al is secured by the software, this partition could theoretically be tampered with to gain access to the authentication software.  Admittedly, this would mean an attacker would have to get access to your laptop and then exploit it without your awareness."
    Actually, Windows Vista is aware of this particular attack vector and Vista ensures that the boot files on the unencrypted volume have not been tampered with before the boot process continues on the encrypted volume.  The unencrypted portion of the OS knows how to request the key from the TPM chip, and then start the next executable in the boot process, on the encrypted volume.  The VERY NEXT step of the process is for this first executable on the encrypted volume to inspect the boot files to ensure that the boot files are the original boot files.  If the boot files have been tampered with, the Vista boot process stops and the user is then notified that the boot files have been tampered with. 
    The user cannot just press OK at this point; the recovery key is required to continue the boot process. I like this step because an uninformed user would not typically have the bitlocker recovery key as well, and they would need to make a call to the help desk.  This prevents the ignorant user from allowing the boot process to continue, hence compromising the bitlocker key.
    Does this help?

    Tuesday, October 21, 2008 10:58 PM
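The two-layer boot check described in the last reply (the TPM only releases the volume key if the measured boot files match, and code on the encrypted volume then re-verifies the unencrypted boot files before continuing) can be modelled in a few dozen lines. The following is an added illustration written for this thread; it is not Microsoft's code and does not reproduce BitLocker's actual formats. Everything in it is an assumption or a constructed stand-in: the TPM PCR "extend" operation is simulated with chained SHA-256, sealing is simulated with an HMAC-derived wrapping key, the file names and contents are made up, and in this toy model the TPM measurement deliberately covers only the first-stage loader while the second check covers every file on the unencrypted partition, so the two scenarios below show which check catches which kind of tampering.

```python
import hashlib
import hmac

# Constructed sample "boot files" on the unencrypted system partition.
BOOT_FILES = {
    "bootmgr": b"CONSTRUCTED: boot manager image v1",
    "boot/BCD": b"CONSTRUCTED: boot configuration data",
    "winload.exe": b"CONSTRUCTED: OS loader stub",
}
# Assumption for this model: the simulated TPM measures only the first-stage loader.
MEASURED_FILES = ("bootmgr",)

# Constructed secrets (hypothetical; a real TPM never exposes its root secret).
ROOT_SECRET = b"CONSTRUCTED-tpm-root-secret"
VMK = hashlib.sha256(b"constructed volume master key").digest()  # 32-byte stand-in key


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def measure_boot_chain(files: dict) -> bytes:
    """Simulate a PCR: start at zeros and extend with each measured file's hash in order."""
    pcr = bytes(32)
    for name in MEASURED_FILES:
        pcr = sha256(pcr + sha256(files.get(name, b"")))
    return pcr


def seal_key(vmk: bytes, root_secret: bytes, expected_pcr: bytes) -> dict:
    """Bind a 32-byte key to a PCR value (toy stand-in for TPM sealing)."""
    wrap = hmac.new(root_secret, expected_pcr, hashlib.sha256).digest()
    return {"expected_pcr": expected_pcr,
            "blob": bytes(a ^ b for a, b in zip(vmk, wrap))}


def unseal_key(sealed: dict, root_secret: bytes, files: dict):
    """Release the key only if the current measurement equals the sealed PCR value."""
    pcr = measure_boot_chain(files)
    if not hmac.compare_digest(pcr, sealed["expected_pcr"]):
        return None  # TPM refuses: the system must fall back to the recovery key
    wrap = hmac.new(root_secret, pcr, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(sealed["blob"], wrap))


def build_manifest(files: dict) -> dict:
    """Hashes of the original boot files, kept on the encrypted volume."""
    return {name: sha256(data) for name, data in files.items()}


def verify_boot_files(files: dict, manifest: dict) -> bool:
    """Second check: code on the encrypted volume re-hashes every unencrypted boot file."""
    if set(files) != set(manifest):
        return False
    return all(hmac.compare_digest(sha256(files[n]), manifest[n]) for n in manifest)


def simulate_boot(files: dict, sealed: dict, root_secret: bytes, manifest: dict) -> str:
    vmk = unseal_key(sealed, root_secret, files)
    if vmk is None:
        return "recovery-key-required"
    if not verify_boot_files(files, manifest):
        return "tampering-detected"
    return "booted"


def run_scenarios() -> dict:
    """Seal against the pristine files, then boot three variants of the partition."""
    sealed = seal_key(VMK, ROOT_SECRET, measure_boot_chain(BOOT_FILES))
    manifest = build_manifest(BOOT_FILES)
    first_stage_modified = dict(BOOT_FILES, bootmgr=b"CONSTRUCTED: modified loader")
    bcd_modified = dict(BOOT_FILES)
    bcd_modified["boot/BCD"] = b"CONSTRUCTED: modified configuration"
    return {
        "untampered": simulate_boot(BOOT_FILES, sealed, ROOT_SECRET, manifest),
        "first_stage_modified": simulate_boot(first_stage_modified, sealed, ROOT_SECRET, manifest),
        "bcd_modified": simulate_boot(bcd_modified, sealed, ROOT_SECRET, manifest),
    }


if __name__ == "__main__":
    for scenario, outcome in run_scenarios().items():
        print(f"{scenario}: {outcome}")
```

Running it shows the pristine partition booting, a modified first-stage loader stopping at the TPM (the "recovery key required" state the reply describes), and a modified file outside the measured set passing the TPM but failing the second hash check. The point for a defender is that the protection comes from the combination: sealing alone only covers what was measured, and the manifest check alone could be bypassed by whoever controls the code doing the checking, which is exactly why it runs from the encrypted volume.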