Attacking the BitLocker Boot Process

  • Sven Türpe
  • Andreas Poller
  • Jan Steffan
  • Jan-Peter Stotz
  • Jan Trukenmüller
Conference paper

DOI: 10.1007/978-3-642-00587-9_12

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5471)
Cite this paper as:
Türpe S., Poller A., Steffan J., Stotz JP., Trukenmüller J. (2009) Attacking the BitLocker Boot Process. In: Chen L., Mitchell C.J., Martin A. (eds) Trusted Computing. Trust 2009. Lecture Notes in Computer Science, vol 5471. Springer, Berlin, Heidelberg

Abstract

We discuss five attack strategies against BitLocker, which target the way BitLocker is using the TPM sealing mechanism. BitLocker is a disk encryption feature included in some versions of Microsoft Windows. It represents a state-of-the-art design, enhanced with TPM support for improved security. We show that, under certain assumptions, a dedicated attacker can circumvent the protection and break confidentiality with limited effort. Our attacks neither exploit vulnerabilities in the encryption itself nor do they directly attack the TPM. They rather exploit sequences of actions that Trusted Computing fails to prevent, demonstrating limitations of the technology.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Sven Türpe
    • 1
  • Andreas Poller
    • 1
  • Jan Steffan
    • 1
  • Jan-Peter Stotz
    • 1
  • Jan Trukenmüller
    • 1
  1. 1.Fraunhofer Institute for Secure Information Technology (SIT)DarmstadtGermany

Personalised recommendations