BitLocker Drive Encryption
Encyclopedia
BitLocker Drive Encryption is a full disk encryption
feature included with the Ultimate and Enterprise editions of Microsoft
's Windows Vista
and Windows 7 desktop operating system
s, as well as the Windows Server 2008 and Windows Server 2008 R2
server platforms. It is designed to protect data by providing encryption
for entire volume
s. By default it uses the AES
encryption algorithm in CBC mode with a 128 bit key, combined with the Elephant diffuser for additional disk encryption specific security not provided by AES.
BitLocker is available only in the Enterprise and Ultimate editions of Windows Vista and Windows 7. Users of other versions of Windows that don't include BitLocker could use a third-party encryption program to satisfy the need for full drive encryption (see Comparison of disk encryption software
). In the RTM release of Windows Vista, only the operating system volume could be encrypted using the GUI and encrypting other volumes required using WMI
-based scripts included in Windows Vista in the %Windir%\System32 folder. An example of how to use the WMI interface is in the script manage-bde.wsf, that can be used to set up and manage BitLocker from the command line. With Windows Vista Service Pack 1 and Windows Server 2008, volumes other than the operating system
volume can be BitLocker-protected using the graphical Control Panel applet as well.
The latest version of BitLocker, included in Windows 7 and Windows Server 2008 R2, adds the ability to encrypt removable drives.
The following permutations of the above authentication mechanisms are supported, all with an optional escrow
recovery key:
encryption system. A volume may or may not be an entire drive, and can span one or more physical drives. Also, when enabled TPM and BitLocker can ensure the integrity of the trusted boot path (e.g. BIOS, boot sector, etc.), in order to prevent most offline physical attacks, boot sector malware, etc.
In order for BitLocker to operate, the hard disk requires at least two NTFS
-formatted volumes
: one for the operating system
(usually C:) and another with a minimum size of 100 MB from which the operating system boots
. BitLocker requires the boot volume to remain unencrypted—on Windows Vista this volume must be assigned a drive letter, while on Windows 7 it does not. Unlike previous versions of Windows, Vista's "diskpart" command-line tool includes the ability to shrink the size of an NTFS volume so that the system volume for BitLocker can be created from already-allocated space. A tool called the "BitLocker Drive Preparation Tool" is also available from Microsoft that allows an existing volume on Windows Vista to be shrunk to make room for a new boot volume, and for the necessary bootstrapping files to be transferred to it; Windows 7 creates the secondary boot volume by default, even if BitLocker is not used initially.
Once an alternate boot partition has been created, the TPM module needs to be initialized (assuming that this feature is being used), after which the required disk encryption key protection mechanisms such as TPM, PIN or USB key are configured. The volume is then encrypted as a background task, something that can take a considerable amount of time with a large disk as every logical sector is read, encrypted and rewritten back to disk. Only once the whole volume has been encrypted are the keys protected, and the volume considered secure. BitLocker uses a low-level device driver to encrypt and decrypt all file operations, making interaction with the encrypted volume transparent to applications running on the platform.
The Microsoft Encrypting File System
(EFS) may be used in conjunction with BitLocker to provide protection once the operating system kernel is running. Protection of the files from processes/users within the operating system can only be performed using encryption software that operates within Windows, such as EFS. BitLocker and EFS therefore offer protection against different classes of attacks.
In Active Directory
environments, BitLocker supports optional key escrow
to Active Directory
, although a schema update may be required for this to work (i.e. if the Active Directory Directory Services are hosted on a Windows version previous to Windows Server 2008).
Other systems like BitLocker can have their recovery key/password entry process spoofed
by another bootmanager or OS install. Once the spoofed software captured the secret, it could be used to decrypt the Volume Master Key (VMK), which would then allow access to decrypt or modify any information on the user's BitLocker-encrypted hard disk. By configuring a TPM
to protect the trusted boot
pathway, including the BIOS
and boot sector
, this threat can be removed.
and other Microsoft spokesmen state that they have not granted the wish to have one added. Although the AES encryption algorithm used in BitLocker is in the public domain
, its actual implementation in BitLocker, as well as other components of the software, are closed source
; however, the code is available for scrutiny by Microsoft partners and enterprises, subject to a non-disclosure agreement
.
The "Transparent operation mode" and "User authentication mode" of BitLocker use the TPM hardware to detect if there are unauthorized changes to the pre-boot environment, including the BIOS
and MBR
. If any unauthorized changes are detected, BitLocker requests a recovery key
on a USB device, or a recovery password entered by hand. Either of these cryptographic secrets are used to decrypt the Volume Master Key (VMK) and allow the bootup
process to continue.
Nevertheless, in February 2008, a group of security researchers published details of a so called "cold boot attack
" that allows a BitLocker-protected machine to be compromised by booting the machine off removable media, such as a USB
drive, into another operating system, then dumping the contents of pre-boot memory. The attack relies on the fact that DRAM
retains information
for up to several minutes (or even longer if cooled) after power has been removed. Use of a TPM module alone does not offer any protection, as the keys are held in memory while Windows is running, although two-factor authentication
, i.e. using TPM together with a PIN, offers better protection for machines that are not powered on when physical access to them is obtained. Similar full disk encryption mechanisms of other vendors and other operating systems, including Linux
and Mac OS X
, are vulnerable to the same attack. The authors recommend that computers be powered down when not in physical control of the owner (rather than be left in a "sleep"
state) and that a password also be required to boot the machine.
Once a BitLocker-protected machine is running, its keys are stored in memory where they may be susceptible to attack by a process that is able to access physical memory, for example through a 1394
DMA
channel. Any cryptographic material in memory is at risk from this attack, which is therefore not specific to BitLocker.
Full disk encryption
Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. Disk encryption prevents unauthorized access to data storage. The term "full disk encryption" is often used to signify that everything on a disk is encrypted, including the...
feature included with the Ultimate and Enterprise editions of Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
's Windows Vista
Windows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
and Windows 7 desktop operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
s, as well as the Windows Server 2008 and Windows Server 2008 R2
Windows Server 2008 R2
Windows Server 2008 R2 is a server operating system produced by Microsoft. It was released to manufacturing on July 22, 2009 and launched on October 22, 2009. According to the Windows Server Team blog, the retail availability was September 14, 2009. It is built on Windows NT 6.1, the same core...
server platforms. It is designed to protect data by providing encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
for entire volume
Volume (computing)
In the context of computer operating systems, volume is the term used to describe a single accessible storage area with a single file system, typically resident on a single partition of a hard disk. Similarly, it refers to the logical interface used by an operating system to access data stored on...
s. By default it uses the AES
Advanced Encryption Standard
Advanced Encryption Standard is a specification for the encryption of electronic data. It has been adopted by the U.S. government and is now used worldwide. It supersedes DES...
encryption algorithm in CBC mode with a 128 bit key, combined with the Elephant diffuser for additional disk encryption specific security not provided by AES.
BitLocker is available only in the Enterprise and Ultimate editions of Windows Vista and Windows 7. Users of other versions of Windows that don't include BitLocker could use a third-party encryption program to satisfy the need for full drive encryption (see Comparison of disk encryption software
Comparison of disk encryption software
-Background information:-Operating systems:-Features:* Hidden containers: Whether hidden containers can be created for deniable encryption...
). In the RTM release of Windows Vista, only the operating system volume could be encrypted using the GUI and encrypting other volumes required using WMI
Windows Management Instrumentation
Windows Management Instrumentation is a set of extensions to the Windows Driver Model that provides an operating system interface through which instrumented components provide information and notification...
-based scripts included in Windows Vista in the %Windir%\System32 folder. An example of how to use the WMI interface is in the script manage-bde.wsf, that can be used to set up and manage BitLocker from the command line. With Windows Vista Service Pack 1 and Windows Server 2008, volumes other than the operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
volume can be BitLocker-protected using the graphical Control Panel applet as well.
The latest version of BitLocker, included in Windows 7 and Windows Server 2008 R2, adds the ability to encrypt removable drives.
Overview
There are three authentication mechanisms that can be used as building blocks to implement BitLocker encryption:- Transparent operation mode: This mode utilizes the capabilities of Trusted Platform ModuleTrusted Platform ModuleIn computing, Trusted Platform Module is both the name of a published specification detailing a secure cryptoprocessor that can store cryptographic keys that protect information, as well as the general name of implementations of that specification, often called the "TPM chip" or "TPM Security...
(TPM) 1.2 hardware to provide for a transparent user experience—the user powers up and logs onto Windows as normal. The key used for the disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified. The pre-OS components of BitLocker achieve this by implementing a Static Root of Trust Measurement—a methodology specified by the Trusted Computing GroupTrusted Computing GroupThe Trusted Computing Group , successor to the Trusted Computing Platform Alliance , is an initiative started by AMD, Hewlett-Packard, IBM, Intel, and Microsoft to implement Trusted Computing...
. This mode is vulnerable to a cold boot attackCold boot attackIn cryptography, a cold boot attack is a type of side channel attack in which an attacker with physical access to a computer is able to retrieve encryption keys from a running operating system after using a cold reboot to restart the machine from a completely "off" state...
, as it allows a powered-down machine to be bootedBootingIn computing, booting is a process that begins when a user turns on a computer system and prepares the computer to perform its normal operations. On modern computers, this typically involves loading and starting an operating system. The boot sequence is the initial set of operations that the...
by an attacker. - User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in the form of a pre-boot PINPersonal identification numberA personal identification number is a secret numeric password shared between a user and a system that can be used to authenticate the user to the system. Typically, the user is required to provide a non-confidential user identifier or token and a confidential PIN to gain access to the system...
. This mode is vulnerable to a bootkit attack. - USB Key Mode: The user must insert a USB device that contains a startup key into the computer to be able to boot the protected OS. Note that this mode requires that the BIOS on the protected machine supports the reading of USB devices in the pre-OS environment. This mode is also vulnerable to a bootkit attack.
- Recovery password: A numerical key protector for recovery purposes.
- Recovery key: An external key for recovery purposes.
- Certificate: Adds a certificate-based public key protector for recovery purposes.
- Password: Adds a password key protector for a data volume.
The following permutations of the above authentication mechanisms are supported, all with an optional escrow
Escrow
An escrow is:* an arrangement made under contractual provisions between transacting parties, whereby an independent trusted third party receives and disburses money and/or documents for the transacting parties, with the timing of such disbursement by the third party dependent on the fulfillment of...
recovery key:
- TPM only
- TPM + PIN
- TPM + PIN + USB Key
- TPM + USB Key
- USB Key
Operation
Contrary to the official name, BitLocker Drive Encryption is a logical volumeVolume (computing)
In the context of computer operating systems, volume is the term used to describe a single accessible storage area with a single file system, typically resident on a single partition of a hard disk. Similarly, it refers to the logical interface used by an operating system to access data stored on...
encryption system. A volume may or may not be an entire drive, and can span one or more physical drives. Also, when enabled TPM and BitLocker can ensure the integrity of the trusted boot path (e.g. BIOS, boot sector, etc.), in order to prevent most offline physical attacks, boot sector malware, etc.
In order for BitLocker to operate, the hard disk requires at least two NTFS
NTFS
NTFS is the standard file system of Windows NT, including its later versions Windows 2000, Windows XP, Windows Server 2003, Windows Server 2008, Windows Vista, and Windows 7....
-formatted volumes
Volume (computing)
In the context of computer operating systems, volume is the term used to describe a single accessible storage area with a single file system, typically resident on a single partition of a hard disk. Similarly, it refers to the logical interface used by an operating system to access data stored on...
: one for the operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
(usually C:) and another with a minimum size of 100 MB from which the operating system boots
Booting
In computing, booting is a process that begins when a user turns on a computer system and prepares the computer to perform its normal operations. On modern computers, this typically involves loading and starting an operating system. The boot sequence is the initial set of operations that the...
. BitLocker requires the boot volume to remain unencrypted—on Windows Vista this volume must be assigned a drive letter, while on Windows 7 it does not. Unlike previous versions of Windows, Vista's "diskpart" command-line tool includes the ability to shrink the size of an NTFS volume so that the system volume for BitLocker can be created from already-allocated space. A tool called the "BitLocker Drive Preparation Tool" is also available from Microsoft that allows an existing volume on Windows Vista to be shrunk to make room for a new boot volume, and for the necessary bootstrapping files to be transferred to it; Windows 7 creates the secondary boot volume by default, even if BitLocker is not used initially.
Once an alternate boot partition has been created, the TPM module needs to be initialized (assuming that this feature is being used), after which the required disk encryption key protection mechanisms such as TPM, PIN or USB key are configured. The volume is then encrypted as a background task, something that can take a considerable amount of time with a large disk as every logical sector is read, encrypted and rewritten back to disk. Only once the whole volume has been encrypted are the keys protected, and the volume considered secure. BitLocker uses a low-level device driver to encrypt and decrypt all file operations, making interaction with the encrypted volume transparent to applications running on the platform.
The Microsoft Encrypting File System
Encrypting File System
The Encrypting File System on Microsoft Windows is a feature introduced in version 3.0 of NTFS that provides filesystem-level encryption...
(EFS) may be used in conjunction with BitLocker to provide protection once the operating system kernel is running. Protection of the files from processes/users within the operating system can only be performed using encryption software that operates within Windows, such as EFS. BitLocker and EFS therefore offer protection against different classes of attacks.
In Active Directory
Active Directory
Active Directory is a directory service created by Microsoft for Windows domain networks. It is included in most Windows Server operating systems. Server computers on which Active Directory is running are called domain controllers....
environments, BitLocker supports optional key escrow
Key escrow
Key escrow is an arrangement in which the keys needed to decrypt encrypted data are held in escrow so that, under certain circumstances, an authorized third party may gain access to those keys...
to Active Directory
Active Directory
Active Directory is a directory service created by Microsoft for Windows domain networks. It is included in most Windows Server operating systems. Server computers on which Active Directory is running are called domain controllers....
, although a schema update may be required for this to work (i.e. if the Active Directory Directory Services are hosted on a Windows version previous to Windows Server 2008).
Other systems like BitLocker can have their recovery key/password entry process spoofed
Spoofing attack
In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.- Spoofing and TCP/IP :...
by another bootmanager or OS install. Once the spoofed software captured the secret, it could be used to decrypt the Volume Master Key (VMK), which would then allow access to decrypt or modify any information on the user's BitLocker-encrypted hard disk. By configuring a TPM
Trusted Platform Module
In computing, Trusted Platform Module is both the name of a published specification detailing a secure cryptoprocessor that can store cryptographic keys that protect information, as well as the general name of implementations of that specification, often called the "TPM chip" or "TPM Security...
to protect the trusted boot
Booting
In computing, booting is a process that begins when a user turns on a computer system and prepares the computer to perform its normal operations. On modern computers, this typically involves loading and starting an operating system. The boot sequence is the initial set of operations that the...
pathway, including the BIOS
BIOS
In IBM PC compatible computers, the basic input/output system , also known as the System BIOS or ROM BIOS , is a de facto standard defining a firmware interface....
and boot sector
Boot sector
A boot sector or boot block is a region of a hard disk, floppy disk, optical disc, or other data storage device that contains machine code to be loaded into random-access memory by a computer system's built-in firmware...
, this threat can be removed.
Security concerns
According to Microsoft sources, BitLocker does not contain an intentionally built-in backdoor; there is no way for law enforcement to have a guaranteed passage to the data on the user's drives that is provided by Microsoft. The lack of any backdoor has been a concern to the UK Home Office, which tried entering into talks with Microsoft to get one introduced, though Microsoft developer Niels FergusonNiels Ferguson
Niels T. Ferguson is a Dutch cryptographer and consultant who currently works for Microsoft. He has worked with others, including Bruce Schneier, designing cryptographic algorithms, testing algorithms and protocols, and writing papers and books...
and other Microsoft spokesmen state that they have not granted the wish to have one added. Although the AES encryption algorithm used in BitLocker is in the public domain
Public domain
Works are in the public domain if the intellectual property rights have expired, if the intellectual property rights are forfeited, or if they are not covered by intellectual property rights at all...
, its actual implementation in BitLocker, as well as other components of the software, are closed source
Proprietary software
Proprietary software is computer software licensed under exclusive legal right of the copyright holder. The licensee is given the right to use the software under certain conditions, while restricted from other uses, such as modification, further distribution, or reverse engineering.Complementary...
; however, the code is available for scrutiny by Microsoft partners and enterprises, subject to a non-disclosure agreement
Non-disclosure agreement
A non-disclosure agreement , also known as a confidentiality agreement , confidential disclosure agreement , proprietary information agreement , or secrecy agreement, is a legal contract between at least two parties that outlines confidential material, knowledge, or information that the parties...
.
The "Transparent operation mode" and "User authentication mode" of BitLocker use the TPM hardware to detect if there are unauthorized changes to the pre-boot environment, including the BIOS
BIOS
In IBM PC compatible computers, the basic input/output system , also known as the System BIOS or ROM BIOS , is a de facto standard defining a firmware interface....
and MBR
Master boot record
A master boot record is a type of boot sector popularized by the IBM Personal Computer. It consists of a sequence of 512 bytes located at the first sector of a data storage device such as a hard disk...
. If any unauthorized changes are detected, BitLocker requests a recovery key
Key (cryptography)
In cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa...
on a USB device, or a recovery password entered by hand. Either of these cryptographic secrets are used to decrypt the Volume Master Key (VMK) and allow the bootup
Booting
In computing, booting is a process that begins when a user turns on a computer system and prepares the computer to perform its normal operations. On modern computers, this typically involves loading and starting an operating system. The boot sequence is the initial set of operations that the...
process to continue.
Nevertheless, in February 2008, a group of security researchers published details of a so called "cold boot attack
Cold boot attack
In cryptography, a cold boot attack is a type of side channel attack in which an attacker with physical access to a computer is able to retrieve encryption keys from a running operating system after using a cold reboot to restart the machine from a completely "off" state...
" that allows a BitLocker-protected machine to be compromised by booting the machine off removable media, such as a USB
Universal Serial Bus
USB is an industry standard developed in the mid-1990s that defines the cables, connectors and protocols used in a bus for connection, communication and power supply between computers and electronic devices....
drive, into another operating system, then dumping the contents of pre-boot memory. The attack relies on the fact that DRAM
Dram
Dram or DRAM may refer to:As a unit of measure:* Dram , an imperial unit of mass and volume* Armenian dram, a monetary unit* Dirham, a unit of currency in several Arab nationsOther uses:...
retains information
Data remanence
Data remanence is the residual representation of data that remains even after attempts have been made to remove or erase the data. This residue may result from data being left intact by a nominal file deletion operation, by reformatting of storage media that does not remove data previously written...
for up to several minutes (or even longer if cooled) after power has been removed. Use of a TPM module alone does not offer any protection, as the keys are held in memory while Windows is running, although two-factor authentication
Two-factor authentication
Two-factor authentication is an approach to authentication which requires the presentation of two different kinds of evidence that someone is who they say they are. It is a part of the broader family of multi-factor authentication, which is a defense in depth approach to security...
, i.e. using TPM together with a PIN, offers better protection for machines that are not powered on when physical access to them is obtained. Similar full disk encryption mechanisms of other vendors and other operating systems, including Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
and Mac OS X
Mac OS X
Mac OS X is a series of Unix-based operating systems and graphical user interfaces developed, marketed, and sold by Apple Inc. Since 2002, has been included with all new Macintosh computer systems...
, are vulnerable to the same attack. The authors recommend that computers be powered down when not in physical control of the owner (rather than be left in a "sleep"
Power management
Power management is a feature of some electrical appliances, especially copiers, computers and computer peripherals such as monitors and printers, that turns off the power or switches the system to a low-power state when inactive. In computing this is known as PC power management and is built...
state) and that a password also be required to boot the machine.
Once a BitLocker-protected machine is running, its keys are stored in memory where they may be susceptible to attack by a process that is able to access physical memory, for example through a 1394
IEEE 1394 interface
The IEEE 1394 interface is a serial bus interface standard for high-speed communications and isochronous real-time data transfer, frequently used by personal computers, as well as in digital audio, digital video, automotive, and aeronautics applications. The interface is also known by the brand...
DMA
Direct memory access
Direct memory access is a feature of modern computers that allows certain hardware subsystems within the computer to access system memory independently of the central processing unit ....
channel. Any cryptographic material in memory is at risk from this attack, which is therefore not specific to BitLocker.
See also
- Disk encryptionDisk encryptionDisk encryption is a special case of data at rest protection when the storage media is a sector-addressable device . This article presents cryptographic aspects of the problem...
- Full disk encryptionFull disk encryptionDisk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume. Disk encryption prevents unauthorized access to data storage. The term "full disk encryption" is often used to signify that everything on a disk is encrypted, including the...
- Comparison of disk encryption softwareComparison of disk encryption software-Background information:-Operating systems:-Features:* Hidden containers: Whether hidden containers can be created for deniable encryption...
- Disk encryption softwareDisk encryption softwareTo protect confidentiality of the data stored on a computer disk a computer security technique called disk encryption is used. This article discusses software that is used to implement the technique...
- Features new to Windows VistaFeatures new to Windows VistaWindows Vista has many new features compared with previous Microsoft Windows versions, covering most aspects of the operating system.This article discusses the changes most likely to be of interest to non-technical users...
- List of Microsoft Windows components
- Vista IO technologiesVista IO technologiesWindows Vista introduced a number of new I/O functions to the Microsoft Windows line of operating systems. They are intended to shorten the time taken to boot the system, improve the responsiveness of the system, and improve the reliability of data storage....
- NGSCBNext-Generation Secure Computing BaseThe Next-Generation Secure Computing Base , formerly known as Palladium, is a software architecture designed by Microsoft which is expected to implement parts of the controversial "Trusted Computing" concept on future versions of the Microsoft Windows operating system. NGSCB is part of...
- FileVaultFileVaultFileVault is a system which encrypts files on a Macintosh computer. It can be found in the Mac OS X v10.4 "Tiger" operating system and later....