Attacking the BitLocker Boot Process

  • Sven Türpe
  • Andreas Poller
  • Jan Steffan
  • Jan-Peter Stotz
  • Jan Trukenmüller
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5471)

Abstract

We discuss five attack strategies against BitLocker, which target the way BitLocker is using the TPM sealing mechanism. BitLocker is a disk encryption feature included in some versions of Microsoft Windows. It represents a state-of-the-art design, enhanced with TPM support for improved security. We show that, under certain assumptions, a dedicated attacker can circumvent the protection and break confidentiality with limited effort. Our attacks neither exploit vulnerabilities in the encryption itself nor do they directly attack the TPM. They rather exploit sequences of actions that Trusted Computing fails to prevent, demonstrating limitations of the technology.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Mitchell, C.J. (ed.): Research workshop on future TPM functionality: Final report, http://www.softeng.ox.ac.uk/etiss/trusted/research/TPM.pdf
  2. 2.
    Arbaugh, W.A., Farbert, D.J., Smith, J.M.: A secure and reliable bootstrap architecture. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 65–71. IEEE Computer Society, Los Alamitos (1997)Google Scholar
  3. 3.
    Fergusson, N.: AES-CBC + Elephant diffuser: A disk encryption algorithm for windows vista. Tech. rep., Microsoft (2006)Google Scholar
  4. 4.
    Microsoft TechNet. BitLocker Drive Encryption Technical Overview (May 8, 2008), http://technet.microsoft.com/en-us/library/cc732774.aspx
  5. 5.
    NVlabs: NVbit: Accessing bitlocker volumes from linux. Web page (2008), http://www.nvlabs.in/node/9
  6. 6.
    Hendricks, J., van Doorn, L.: Secure bootstrap is not enough: Shoring up the trusted computing base. In: Proceedings of the Eleventh SIGOPS European Workshop, ACM SIGOPS. ACM Press, New York (2004)Google Scholar
  7. 7.
    Halderman, J.A., Schoen, S.D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J.A., Feldman, A.J., Appelbaum, J., Felten, E.W.: Lest we remember: Cold boot attacks on encryption keys. Tech. rep., Princeton University (2008)Google Scholar
  8. 8.
    Becher, M., Dornseif, M., Klein, C.N.: Firewire: all your memory are belong to us. Slides, http://md.hudora.de/presentations/#firewire-cansecwest
  9. 9.
    Templeton, S.J., Levitt, K.: A requires/provides model for computer attacks. In: Proceedings of New Security Paradigms Workshop, pp. 31–38. ACM Press, New York (2000)Google Scholar
  10. 10.
    Sparks, E.R.: Security assessment of trusted platform modules. Tech. rep., Dartmouth College (2007)Google Scholar
  11. 11.
    Sparks, E.R.: TPM reset attack. Web page, http://www.cs.dartmouth.edu/~pkilab/sparks/
  12. 12.
    Whitten, A., Tygar, J.D.: Why Johnny can’t encrypt. In: Proceedings of the 8th USENIX Security Symposium (1999)Google Scholar
  13. 13.
    Weingart, S.H.: Physical security devices for computer subsystems: A survey of attacks and defenses. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 302–317. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  14. 14.
    Weingart, S.: Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defenses 2008, updated from the ches 2000 version (2008), http://www.atsec.com/downloads/pdf/phy_sec_dev.pdf
  15. 15.
    Drimer, S., Murdoch, S.J.: Keep your enemies close: Distance bounding against smartcard relay attacks. In: USENIX Security 2007 (2007)Google Scholar
  16. 16.
    Tygar, J.D., Yee, B.: Dyad: A system for using physically secure coprocessors. In: Tech. rep., Proceedings of the Joint Harvard-MIT Workshop on Technological Strategies for the Protection of Intellectual Property in the Network Multimedia Environment (1991)Google Scholar
  17. 17.
    Grawrock, D.: The Intel Safer Computing Initiative: Building Blocks for Trusted Computing. Intel Press (2006)Google Scholar
  18. 18.
    Hargreaves, C., Chivers, H.: Recovery of encryption keys from memory using a linear scan. In: Proceedings of Third International Conference on Availability, Reliability and Security, ARES 2008, pp. 1369–1376 (2008), doi:10.1109/ARES.2008.109Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Sven Türpe
    • 1
  • Andreas Poller
    • 1
  • Jan Steffan
    • 1
  • Jan-Peter Stotz
    • 1
  • Jan Trukenmüller
    • 1
  1. 1.Fraunhofer Institute for Secure Information Technology (SIT)DarmstadtGermany

Personalised recommendations