Attacking Microsoft’s BitLocker

Posted by Ken Y-N on April 1st, 2009 at 03:49pm

The blog Erich sieht recently posted about an upcoming paper on Attacking the BitLocker Boot Process, to be presented at Trust 2009 in Oxford 6th to 8th April.

Although as you can see from my other posts, I’m a really big fan of the TCG’s Storage encryption standards, but I’m not much of a fan of BitLocker, which does not use low-level hardware-based encryption, but instead just uses a TPM as a key store.

I’ve not read the paper, but from the blog post it seems to be about temporarily installing a keylogger that captures the BitLocker password, then deletes itself to allow the BitLocker to work again. I think a similar attack would work on hardware encryption, however.

This behaviour is not surprising, however, and as the attack needs physical access, most security experts will tell you once you have physical access, all security bets are off. Incidentally, the Mobile Phone Working Group’s Mobile Trusted Module specification includes Secure Boot, which solves this problem, but Secure Boot is not the sort of thing that would be acceptable on commodity PCs.

Tags: , ,

Under TPM Tags: , ,

1 Comment for Attacking Microsoft’s BitLocker

  • 1. Hardware keylogger  |  January 3rd, 2011 at 2:37 pm

    Please send me links of free version of TPM key store.

Leave a Comment for Attacking Microsoft’s BitLocker

Required

Required, hidden

RSS Comments Feed RSS Comments Feed  |  Trackback this post

Recent Articles
Adverts

Tags
Blogroll
Categories