BitLocker: Difference between revisions
{{short description|Disk encryption software for Microsoft Windows}}
{{Good article}}
{{Infobox software
| name = BitLocker
| logo = BitLocker icon.png
| logo_size = x64px
| screenshot = Bitlocker setup window screenshot.png
| screenshot_size = 300px
| caption = Screenshot of the BitLocker Drive Encryption utility
| developer = [[Microsoft]]
| released = {{Start date and age|2007|01|30}}
| other_names = Device Encryption
| operating system = [[Microsoft Windows]]
| genre = [[Disk encryption software]]
}}

'''BitLocker''' is a [[full volume encryption]] feature included with [[Microsoft Windows]] versions starting with [[Windows Vista]]. It is designed to protect data by providing [[encryption]] for entire [[Volume (computing)|volumes]]. By default, it uses the [[Advanced Encryption Standard]] (AES) algorithm in [[cipher block chaining]] (CBC) or "[[xor–encrypt–xor]] (XEX)[[Disk encryption theory#XEX-based tweaked-codebook mode with ciphertext stealing (XTS)|-based Tweaked codebook mode with ciphertext Stealing]]" (XTS) mode<ref name="Win10New" /> with a 128-[[bit]] or 256-bit [[Key (cryptography)|key]].<ref name="FAQ">{{cite web |url=https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-vista/cc766200(v=ws.10) |title=Windows BitLocker Drive Encryption Frequently Asked Questions |work=TechNet Library |publisher=Microsoft |date=March 22, 2012 |access-date=March 7, 2020}}</ref><ref name="AES-CBC">{{cite web |last1=Ferguson |first1=Niels |title=AES-CBC + Elephant Diffuser: A Disk Encryption Algorithm for Windows Vista |url=https://download.microsoft.com/download/0/2/3/0238acaf-d3bf-4a6d-b3d6-0a0be4bbb36e/BitLockerCipher200608.pdf |publisher=Microsoft |access-date=March 7, 2020 |date=August 2006}}</ref> CBC is not used over the whole disk; it is applied to each individual [[Disk sector|sector]].<ref name="AES-CBC" />

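The per-sector CBC point above is easiest to see in code. The following PowerShell script is an added illustration, not the article's or Microsoft's code: it encrypts a constructed four-sector "disk" with AES-256-CBC from .NET, giving every 512-byte sector its own CBC chain whose IV is derived by AES-encrypting the sector's byte offset under the volume key (the derivation Ferguson's paper describes; the key, sector size and sample contents here are constructed). It then shows the three properties that a whole-disk chain would not give: identical sectors encrypt differently, any sector can be decrypted on its own, and ciphertext damage stays inside its own sector. The Elephant diffuser that Vista-era BitLocker layered on top of CBC is deliberately left out.

```powershell
# Added illustration of per-sector AES-CBC (not BitLocker's own code).
$SectorSize = 512

function Get-SectorIv {
    param([byte[]]$Key, [long]$SectorIndex)
    # Encode the sector's byte offset as a 16-byte little-endian integer
    # (BitConverter is little-endian on every Windows host) ...
    $block = [byte[]]::new(16)
    [BitConverter]::GetBytes([long]($SectorIndex * $SectorSize)).CopyTo($block, 0)
    # ... and encrypt that single block with raw AES (no chaining) to get the IV.
    $aes = [System.Security.Cryptography.Aes]::Create()
    $aes.Key = $Key; $aes.Mode = 'ECB'; $aes.Padding = 'None'
    $enc = $aes.CreateEncryptor()
    $iv = $enc.TransformFinalBlock($block, 0, 16)
    $enc.Dispose(); $aes.Dispose()
    return ,$iv
}

function ConvertTo-SectorCipher {
    # Encrypts (or, with -Decrypt, decrypts) exactly one sector as its own CBC chain.
    param([byte[]]$Key, [long]$SectorIndex, [byte[]]$Data, [switch]$Decrypt)
    if ($Data.Length -ne $SectorSize) { throw "a sector is exactly $SectorSize bytes" }
    $aes = [System.Security.Cryptography.Aes]::Create()
    $aes.Key = $Key
    $aes.IV = Get-SectorIv -Key $Key -SectorIndex $SectorIndex
    $aes.Mode = 'CBC'
    $aes.Padding = 'None'   # 512 is a multiple of the 16-byte block, so no padding is needed
    $xf = if ($Decrypt) { $aes.CreateDecryptor() } else { $aes.CreateEncryptor() }
    $out = $xf.TransformFinalBlock($Data, 0, $Data.Length)
    $xf.Dispose(); $aes.Dispose()
    return ,$out
}

function Test-SameBytes { param([byte[]]$A, [byte[]]$B) [Convert]::ToBase64String($A) -eq [Convert]::ToBase64String($B) }
function Get-HexPrefix { param([byte[]]$Bytes) ($Bytes[0..7] | ForEach-Object { $_.ToString('X2') }) -join '' }

# --- constructed demo data: a fresh random 256-bit key and four sectors ---
$key = [byte[]]::new(32)
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($key)
$filler = [System.Text.Encoding]::ASCII.GetBytes('BitLocker sector demo '.PadRight($SectorSize, '.'))
$other  = [System.Text.Encoding]::ASCII.GetBytes('something else entirely'.PadRight($SectorSize, '-'))
$disk   = @($filler, $other, $filler, $other)   # sectors 0 and 2 are identical on purpose

$cipher = @()
for ($s = 0; $s -lt $disk.Count; $s++) {
    $cipher += ,(ConvertTo-SectorCipher -Key $key -SectorIndex $s -Data $disk[$s])
}

# 1. Same plaintext in different sectors gives different ciphertext (per-sector IV).
"sector 0 starts $(Get-HexPrefix $cipher[0]), sector 2 starts $(Get-HexPrefix $cipher[2])"

# 2. Random access: sector 2 is decrypted alone, without touching sectors 0 and 1.
$plain2 = ConvertTo-SectorCipher -Key $key -SectorIndex 2 -Data $cipher[2] -Decrypt
"sector 2 round-trips on its own: $(Test-SameBytes $plain2 $disk[2])"

# 3. Corrupt one byte of sector 1: sector 1 no longer decrypts, sector 3 is untouched.
$cipher[1][100] = $cipher[1][100] -bxor 0xFF
$plain1 = ConvertTo-SectorCipher -Key $key -SectorIndex 1 -Data $cipher[1] -Decrypt
$plain3 = ConvertTo-SectorCipher -Key $key -SectorIndex 3 -Data $cipher[3] -Decrypt
"sector 1 intact after corruption: $(Test-SameBytes $plain1 $disk[1]); sector 3 intact: $(Test-SameBytes $plain3 $disk[3])"
```

Run it in Windows PowerShell 5.1 or PowerShell 7; it needs no elevation and touches no real volume. The same independence per sector is what XTS mode provides with a per-sector tweak instead of a per-sector IV, which is why either mode lets the disk driver read and write any sector without re-encrypting its neighbours.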
== History ==

BitLocker originated as a part of Microsoft's [[Next-Generation Secure Computing Base]] architecture in 2004 as a feature tentatively codenamed "Cornerstone"<ref name="PdWinHEC20042">{{cite web |url=https://download.microsoft.com/download/1/8/f/18f8cee2-0b64-41f2-893d-a6f2295b40c8/TW04008_WINHEC2004.ppt |title=Next-Generation Secure Computing Base |last=Biddle |first=Peter |author-link=Peter Biddle |date=2004 |archive-url=https://web.archive.org/web/20060827073150/https://download.microsoft.com/download/1/8/f/18f8cee2-0b64-41f2-893d-a6f2295b40c8/TW04008_WINHEC2004.ppt |archive-date=August 27, 2006 |format=PPT |access-date=March 7, 2020 |publisher=[[Microsoft]] |url-status=dead}}</ref><ref name="PDC-Exclusive2">{{cite web |url=https://windowsitpro.com/article/windows-server-20082/pre-pdc-exclusive-windows-vista-product-editions-revealed-47665 |title=Pre-PDC Exclusive: Windows Vista Product Editions |last=Thurrott |first=Paul |date=September 9, 2005 |publisher=[[Penton (company)|Penton]] |work=Supersite for Windows |access-date=March 7, 2020 |archive-url=https://web.archive.org/web/20150402154123/http://windowsitpro.com/article/windows-server-20082/pre-pdc-exclusive-windows-vista-product-editions-revealed-47665 |archive-date=April 2, 2015 |url-status=dead}}</ref> and was designed to protect information on devices, particularly if a device was lost or stolen. Another feature, titled "Code Integrity Rooting", was designed to validate the integrity of Microsoft Windows boot and system files.<ref name="PdWinHEC20042" /> When used in conjunction with a compatible [[Trusted Platform Module]] (TPM), BitLocker can validate the integrity of boot and system files before decrypting a protected volume; an unsuccessful validation will prohibit access to a protected system.<ref name="TechnicalOverview2">{{cite web |url=https://download.microsoft.com/download/5/D/6/5D6EAF2B-7DDF-476B-93DC-7CF0072878E6/secure-start_tech.doc |title=Secure Startup–Full Volume Encryption: Technical Overview |author=Microsoft |date=April 22, 2005 |format=DOC |access-date=March 7, 2020|author-link=Microsoft }}</ref><ref name="ExecutiveOverview2">{{cite web |url=https://download.microsoft.com/download/5/D/6/5D6EAF2B-7DDF-476B-93DC-7CF0072878E6/secure-start_exec.doc |title=Secure Startup – Full Volume Encryption: Executive Overview |author=Microsoft |date=April 21, 2005 |format=DOC |access-date=March 7, 2020|author-link=Microsoft }}</ref> BitLocker was briefly called Secure Startup before Windows Vista's [[release to manufacturing]].<ref name="TechnicalOverview2" />

BitLocker is available on:

* [[Windows Vista editions#Windows Vista Enterprise|Enterprise]] and [[Windows Vista editions#Windows Vista Ultimate|Ultimate]] editions of [[Windows Vista]] and [[Windows 7]]
* Pro and Enterprise editions of [[Windows 8]] and [[Windows 8.1|8.1]]<ref name="BitLockerNew">{{cite web |url=https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn306081(v=ws.11)?redirectedfrom=MSDN |title=What's New in BitLocker |work=TechNet Library |publisher=[[Microsoft]] |date=August 31, 2016 |access-date=March 7, 2020}}</ref><ref name="FAQ" />
* Windows Embedded Standard 7 and Windows Thin PC
* [[Windows Server 2008]]<ref name="Server2008">{{cite web |url=https://technet.microsoft.com/en-us/library/cc725719(v=ws.10).aspx |title=BitLocker Drive Encryption in Windows Vista |website=TechNet |publisher=Microsoft |archive-url=https://web.archive.org/web/20161117004047/https://technet.microsoft.com/en-us/library/cc725719%28v%3Dws.10%29.aspx |archive-date=November 17, 2016 |url-status=dead |access-date=March 7, 2020}}</ref> and later<ref name="Server2008R2">{{cite web |title=BitLocker Drive Encryption Overview |url=https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732774(v=ws.11) |date=November 17, 2009 |access-date=March 7, 2020 |website=TechNet |publisher=Microsoft}}</ref><ref name="BitLockerNew" />
* Pro, Enterprise, and Education editions of [[Windows 11]]<ref name="Win11editions">{{cite web |title=Finding your BitLocker recovery key in Windows |url=https://support.microsoft.com/en-us/windows/finding-your-bitlocker-recovery-key-in-windows-6b71ad27-0b89-ea08-f143-056f5ab347d6 |website=Windows support |publisher=Microsoft |access-date=December 2, 2021}}</ref>

==Features==

{{Infobox software
| name = manage-bde
| logo =
| screenshot =
| screenshot size =
| caption =
| developer = [[Microsoft]]
| released = {{Start date and age|2007|01|30}}
| latest release version =
| latest release date =
| operating system = [[Microsoft Windows]]
| genre = [[Command (computing)|Command]]
| license = [[Proprietary software|Proprietary]] [[commercial software]]
| website = [https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/manage-bde manage-bde]
}}

Initially, the graphical BitLocker interface in Windows Vista could only encrypt the [[operating system]] volume.<ref>{{cite web |url=https://www.computerworld.com/article/1584790/vista-s-bitlocker-encryption-all-it-s-cracked-up-to-be.html |title=Vista’s BitLocker Encryption |last=Yegulalp |first=Serdar |publisher=Computerworld |date=Aug 7, 2007 |access-date=May 15, 2024}}</ref> Starting with Windows Vista with Service Pack 1 and Windows Server 2008, volumes other than the operating system volume could be encrypted using the graphical tool. Still, some aspects of BitLocker (such as turning autolocking on or off) had to be managed through a command-line tool called <code>manage-bde.wsf</code>.<ref>{{cite web |url=https://docs.microsoft.com/en-us/previous-versions/technet-magazine/cc510321(v=msdn.10) |title=Advances in BitLocker Drive Encryption |last=Hynes |first=Byron |work=TechNet Magazine |publisher=Microsoft |date=September 8, 2016 |access-date=March 7, 2020}}</ref>

The version of BitLocker included in Windows 7 and Windows Server 2008 Release 2 adds the ability to encrypt removable drives. On [[Windows XP]] or Windows Vista, read-only access to these drives can be achieved through a program called BitLocker To Go Reader, if [[FAT16]], [[FAT32]] or [[exFAT]] filesystems are used.<ref>{{cite web |url=https://support.microsoft.com/en-us/help/970401/ |title=Description of BitLocker To Go Reader |url-status=dead |publisher=Microsoft |access-date=April 25, 2017 |archive-url=https://web.archive.org/web/20190924171026/https://support.microsoft.com/en-us/help/970401/ |archive-date=September 24, 2019 }}</ref> In addition, a new command-line tool called <code>manage-bde</code> replaced the old <code>manage-bde.wsf</code>.<ref>{{cite web |title=Enabling BitLocker by Using the Command Line |url=https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-7/dd894351(v=ws.10) |website=[[Microsoft TechNet|TechNet]] |publisher=[[Microsoft]] |date=September 12, 2012 |access-date=March 7, 2020}}</ref>

Starting with Windows Server 2012 and Windows 8, Microsoft has complemented BitLocker with the Microsoft Encrypted Hard Drive specification, which allows the cryptographic operations of BitLocker encryption to be offloaded to the storage device's hardware, for example, [[self-encrypting drive]]s.<ref>{{cite web |url=https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831627(v=ws.11) |title=Encrypted Hard Drive |date=August 31, 2016 |website=[[Microsoft TechNet|TechNet]] |publisher=[[Microsoft]] |access-date=March 7, 2020}}</ref><ref>{{cite web |url=https://docs.microsoft.com/en-us/previous-versions/windows/hardware/design/dn653989(v=vs.85) |title=Encrypted Hard Drive Device Guide |date=June 1, 2017 |website=[[MSDN]] |publisher=[[Microsoft]] |access-date=March 7, 2020}}</ref> In addition, BitLocker can now be managed through [[Windows PowerShell]].<ref>{{cite web |title=BitLocker |url=https://docs.microsoft.com/en-us/powershell/module/bitlocker/?view-winserver2012-ps=&redirectedfrom=MSDN&view=win10-ps |website=[[Microsoft TechNet|TechNet]] |publisher=[[Microsoft]] |access-date=March 7, 2020}}</ref> Finally, Windows 8 introduced [[Windows To Go]] in its Enterprise edition, which BitLocker can protect.<ref>{{cite web |url=https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-8.1-and-8/jj592680(v=ws.11) |title=Windows To Go: Frequently Asked Questions |website=[[Microsoft TechNet|TechNet]] |publisher=[[Microsoft]] |date=October 23, 2013 |access-date=March 7, 2020}}</ref>

=== Device encryption ===
<!--[[Device encryption]] redirects to this section 2-->

[[Windows Mobile 6.5]], [[Windows RT]] and core editions of Windows 8.1 include '''device encryption''', a feature-limited version of BitLocker that encrypts the whole system.<ref name="ars-deviceencryption2">{{cite web |title=Device Encryption |url=https://docs.microsoft.com/en-us/previous-versions/bb964600(v=msdn.10) |website=Device Encryption |publisher=[[Microsoft]] |access-date=March 7, 2020 |date=November 18, 2015}}</ref><ref>{{cite web |last=Cunningham |first=Andrew |title=Windows 8.1 includes seamless, automatic disk encryption—if your PC supports it |url=https://arstechnica.com/information-technology/2013/10/windows-8-1-includes-seamless-automatic-disk-encryption-if-your-pc-supports-it/ |website=[[Ars Technica]] |publisher=[[Condé Nast]] |access-date=March 7, 2020 |date=October 17, 2013}}</ref><ref name="HelpPortal2">{{cite web |title=Help protect your files with device encryption |url=http://windows.microsoft.com/en-us/windows-8/using-device-encryption |website=Windows Help portal |publisher=[[Microsoft]] |archive-url=https://web.archive.org/web/20160502203117/http://windows.microsoft.com/en-us/windows-8/using-device-encryption |url-status=dead |archive-date=May 2, 2016 |access-date=March 7, 2020}}</ref> Logging in with a [[Microsoft account]] with administrative privileges automatically begins the encryption process. The recovery key is stored to either the Microsoft account or [[Active Directory]] ([[Active Directory]] requires Pro editions of Windows), allowing it to be retrieved from any computer. While device encryption is offered on all editions of Windows 8.1, unlike BitLocker, device encryption requires that the device meet the [[InstantGo]] (formerly [[Connected Standby]]) specifications,<ref name="HelpPortal2" /> which requires [[solid-state drive]]s and a TPM 2.0 chip.<ref name="ars-deviceencryption2" /><ref>{{cite web |last=Thurrott |first=Paul |title=In Blue: Device Encryption |url=http://winsupersite.com/windows-8/blue-device-encryption |work=Paul Thurrott's SuperSite for Windows |publisher=[[Penton Media]] |access-date=March 7, 2020 |date=June 4, 2013 |archive-url=https://web.archive.org/web/20130609041130/http://winsupersite.com/windows-8/blue-device-encryption |archive-date=June 9, 2013 |url-status=dead}}</ref>

Starting with Windows 10 1703, the requirements for device encryption have changed, requiring a TPM 1.2 or 2.0 module with PCR 7 support, [[UEFI Secure Boot]], and that the device meets Modern Standby requirements or HSTI validation.<ref>{{cite web |url=https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-bitlocker |title=BitLocker drive encryption in Windows 10 for OEMs |website=docs.microsoft.com |date=November 16, 2018 |access-date=March 7, 2020}}</ref>

Device encryption requirements were relaxed in Windows 11 24H2, with the Modern Standby or HSTI compliance no longer required and the DMA interfaces blocklist removed.<ref>{{Cite web |date=2024-05-22 |title=BitLocker drive encryption in Windows 11 for OEMs |url=https://learn.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-bitlocker |access-date=2024-10-18 |website=learn.microsoft.com |language=en-us}}</ref>

In September 2019 a new update was released (KB4516071<ref>{{cite web |url=https://support.microsoft.com/en-us/help/4516071/windows-10-update-kb4516071 |title=September 24, 2019—KB4516071 (OS Build 16299.1420) |website=support.microsoft.com |access-date=March 7, 2020}}</ref>) changing the default setting for BitLocker when encrypting a self-encrypting drive. Now, the default is to use software encryption for newly encrypted drives. This is due to hardware encryption flaws and security concerns related to those issues.<ref>{{cite web |url=https://www.zdnet.com/article/flaws-in-self-encrypting-ssds-let-attackers-bypass-disk-encryption/ |title=Flaws in self-encrypting SSDs let attackers bypass disk encryption |website=[[ZDNet]] |date=November 5, 2018 |first=Catalin |last=Cimpanu |access-date=March 7, 2020}}</ref>

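The prerequisites listed above (a TPM 1.2 or 2.0, UEFI Secure Boot, and Modern Standby or HSTI on Windows 10, with the last pair dropped in Windows 11 24H2) can be read off a machine before deciding whether automatic device encryption is expected to engage. The script below is an added example, not Microsoft's code, built only on cmdlets and tools that ship with Windows: <code>Get-Tpm</code> and the <code>Win32_Tpm</code> WMI class for the TPM, <code>Confirm-SecureBootUEFI</code> for Secure Boot, and the English-locale output of <code>powercfg /a</code> for Modern Standby. It assumes an elevated session. HSTI validation and PCR 7 binding have no cmdlet and are left as items to confirm by hand; the verdict strings are the author's reading of the requirements as the article states them.

```powershell
# Added example (not Microsoft's code): gather the device-encryption prerequisites
# named in the article and give a one-line verdict. Run from an elevated prompt.
function Get-DeviceEncryptionReadiness {
    [CmdletBinding()] param()

    # TPM presence and readiness; the spec version (1.2 or 2.0) comes from WMI.
    $tpm    = Get-Tpm
    $tpmWmi = Get-CimInstance -Namespace 'root/cimv2/Security/MicrosoftTpm' -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    $spec   = if ($tpmWmi) { ($tpmWmi.SpecVersion -split ',')[0].Trim() } else { 'unknown' }

    # Confirm-SecureBootUEFI throws on a legacy-BIOS machine; treat that as "no Secure Boot".
    $secureBoot = try { Confirm-SecureBootUEFI -ErrorAction Stop } catch { $false }

    # powercfg /a lists available sleep states first, then a section headed
    # "...are not available on this system"; Modern Standby is "S0 Low Power Idle"
    # in the available section. (English-locale parsing, an assumption of this script.)
    $lines = @(& powercfg.exe /a)
    $cut = 0
    while ($cut -lt $lines.Count -and $lines[$cut] -notmatch 'not available') { $cut++ }
    $available = if ($cut -gt 0) { $lines[0..($cut - 1)] } else { @() }
    $modernStandby = [bool]($available | Where-Object { $_ -match 'S0 Low Power Idle' })

    [pscustomobject]@{
        TpmPresent     = [bool]$tpm.TpmPresent
        TpmReady       = [bool]$tpm.TpmReady
        TpmSpecVersion = $spec
        SecureBootOn   = [bool]$secureBoot
        ModernStandby  = $modernStandby
    }
}

$r = Get-DeviceEncryptionReadiness
$r | Format-List

$base = $r.TpmPresent -and $r.TpmReady -and $r.SecureBootOn
if (-not $base) {
    'Missing TPM or Secure Boot: device encryption prerequisites not met on any listed version.'
} elseif ($r.ModernStandby) {
    'Meets the Windows 10 1703 set (TPM, Secure Boot, Modern Standby); still confirm PCR 7 binding.'
} else {
    'No Modern Standby: needs HSTI validation on Windows 10, or Windows 11 24H2 where that requirement was dropped.'
}
```

PCR 7 binding is what lets the TPM protector seal to the Secure Boot policy rather than to individual firmware measurements; the System Information tool (<code>msinfo32</code>) reports it as "PCR7 Configuration", which is the manual check the verdict refers to.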
=== Encryption modes ===

* '''Transparent operation mode''': This mode uses the capabilities of TPM 1.2 hardware to provide a transparent user experience—the user powers up and logs into Windows as usual. The key used for [[disk encryption]] is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified. The pre-OS components of BitLocker achieve this by implementing a Static Root of Trust Measurement—a methodology specified by the [[Trusted Computing Group]] (TCG). This mode is vulnerable to a [[cold boot attack]], as it allows a powered-down machine to be [[Booting|booted]] by an attacker. It is also vulnerable to a sniffing attack, as the volume encryption key is transferred in plain text from the TPM to the CPU during a successful boot.
* '''User authentication mode''': This mode requires that the user provide some authentication to the pre-boot environment in the form of a pre-boot [[Personal identification number|PIN]] or password.
* '''USB Key Mode''': The user must insert a USB device that contains a startup key into the computer to be able to boot the protected OS. Note that this mode requires that the BIOS on the protected machine supports the reading of USB devices in the pre-OS environment. BitLocker does not support smart cards for pre-boot authentication.<ref>{{Cite web |last=Dansimp |title=Using BitLocker with other programs FAQ (Windows 10) - Windows security |url=https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq |access-date=2022-07-27 |website=docs.microsoft.com |language=en-us}}</ref>

The following combinations of the above authentication mechanisms are supported, all with an optional [[key escrow|escrow]] recovery key:

BitLocker is a [[Volume (computing)|logical volume]] encryption system. (A volume spans part of a [[hard disk drive]], the whole drive or more than one drive.) When enabled, TPM and BitLocker can ensure the integrity of the trusted boot path (e.g. BIOS and boot sector), in order to prevent most offline physical attacks and boot sector malware.<ref name="Win7FAQ" />

In order for BitLocker to encrypt the volume holding the operating system, at least two [[NTFS]]-formatted volumes are required: one for the operating system (usually C:) and another with a minimum size of 100 MB, which remains unencrypted and [[Booting|boots]] the operating system.<ref name="Win7FAQ" /> (In case of Windows Vista and [[Windows Server 2008]], however, the volume's minimum size is 1.5 GB and must have a [[drive letter]].)<ref>{{cite web |url=https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-vista/cc766295(v=ws.10)|title=Windows BitLocker Drive Encryption Step-by-Step Guide |work=[[Microsoft TechNet|TechNet]] |publisher=[[Microsoft]] |date=July 2, 2012 |access-date=March 7, 2020}}</ref> Unlike previous versions of Windows, Vista's "diskpart" command-line tool includes the ability to shrink the size of an NTFS volume so that this volume may be created from already allocated space. A tool called the BitLocker Drive Preparation Tool is also available from Microsoft that allows an existing volume on Windows Vista to be shrunk to make room for a new boot volume and for the necessary [[Bootstrapping (computing)|bootstrapping]] files to be transferred to it.<ref>{{cite web |url=https://support.microsoft.com/en-us/help/933246/description-of-the-bitlocker-drive-preparation-tool |title=Description of the BitLocker Drive Preparation Tool |date=December 21, 2011 |publisher=Microsoft |access-date=March 7, 2020}}</ref>

Once an alternate boot partition has been created, the TPM module needs to be initialized (assuming that this feature is being used), after which the required disk-encryption key protection mechanisms such as TPM, PIN or [[Usb key|USB key]] are configured.<ref name="ExamRef">{{cite book |title=Exam Ref 70-687: Configuring Windows 8 |last1=Andrew |first1=Bettany |last2=Halsey |first2=Mike |publisher=Microsoft Press |year=2013 |isbn=978-0-7356-7392-2 |edition=1 |pages=307 |oclc=851209981}}</ref> The volume is then encrypted as a background task, something that may take a considerable amount of time with a large disk as every logical sector is read, encrypted and rewritten back to disk.<ref name="ExamRef" /> The keys are only protected after the whole volume has been encrypted when the volume is considered secure.<ref>{{cite book |title=Introducing Windows 8: An Overview for IT professionals |last=Jerry |first=Honeycutt |publisher=Microsoft |year=2012 |isbn=978-0-7356-7050-1 |pages=121 |oclc=819519777}}</ref> BitLocker uses a low-level device driver to encrypt and decrypt all file operations, making interaction with the encrypted volume transparent to applications running on the platform.<ref name="ExamRef" />

== Security concerns == |
== Security concerns == |
||
⚫ | According to Microsoft sources,<ref>{{cite web |url=https://docs.microsoft.com/en-us/archive/blogs/si_team/back-door-nonsense |title=Back-door nonsense |date=March 2, 2006 |publisher=Microsoft |work=System Integrity Team Blog |access-date=March 7, 2020}}</ref> BitLocker does not contain an intentionally built-in [[Backdoor (computing)|backdoor]] |
||
=== TPM alone is not enough === |
|||
The "Transparent operation mode" and "User authentication mode" of BitLocker use TPM hardware to detect |
The "Transparent operation mode" and "User authentication mode" of BitLocker use TPM hardware to detect whether there are unauthorized changes to the pre-boot environment, including the [[BIOS]] and [[Master boot record|MBR]]. If any unauthorized changes are detected, BitLocker requests a recovery key on a USB device. This cryptographic secret is used to decrypt the Volume Master Key (VMK) and allow the [[Booting|bootup]] process to continue.<ref name="TPM-operation2">{{cite web |url=https://docs.microsoft.com/en-us/previous-versions/technet-magazine/cc138009(v=msdn.10) |title=Keys to Protecting Data with BitLocker Drive Encryption |last=Byron |first=Hynes |work=TechNet Magazine |date=September 7, 2016 |publisher=Microsoft |access-date=March 7, 2020}}</ref> However, TPM alone is not enough: |
||
⚫ | * In February 2008, a group of security researchers published details of a so-called "[[cold boot attack]]" that allows full disk encryption systems such as BitLocker to be compromised by booting the machine from removable media, such as a USB drive, into another operating system, then [[Core dump|dumping]] the contents of pre-boot memory.<ref name="ColdBoot2">{{cite thesis |url=https://www.usenix.org/legacy/event/sec08/tech/full_papers/halderman/halderman.pdf |title=Lest We Remember: Cold Boot Attacks on Encryption Keys |last1=Halderman |first1=J. Alex |last2=Schoen |first2=Seth D. |author-link2=Seth Schoen |last3=Heninger |author3-link=Nadia Heninger |first3=Nadia |last4=Clarkson |first4=William |last5=Paul |first5=William |last6=Calandrino |first6=Joseph A. |last7=Feldman |first7=Ariel J. |last8=Appelbaum |first8=Jacob |last9=Felten |first9=Edward W |author-link9=Edward Felten |publisher=[[Princeton University]] |date=February 21, 2008 |access-date=March 7, 2020}}</ref> The attack relies on the fact that [[Dynamic random-access memory|DRAM]] [[Data remanence|retains information]] for up to several minutes (or even longer, if cooled) after the power has been removed. The [[Forensic disk controller|Bress/Menz device]], described in US Patent 9,514,789, can accomplish this type of attack.<ref>{{cite web |url=https://patents.google.com/patent/US20150006804A1/en |title=Systems and methods for safely moving short term memory devices while preserving, protecting and examining their digital data |access-date=March 7, 2020}}</ref> Similar full disk encryption mechanisms of other vendors and other operating systems, including [[Linux]] and [[macOS|Mac OS X]], are vulnerable to the same attack. The authors recommend that computers be powered down when not in physical control of the owner (rather than be left in a [[sleep mode]]) and that the encryption software be configured to require a password to boot the machine.<ref name="ColdBoot2" /> |
||
⚫ | * On 10 November 2015, Microsoft released a security update to mitigate a security vulnerability in BitLocker that allowed authentication to be bypassed by employing a malicious [[Kerberos (protocol)|Kerberos]] key distribution center, if the attacker had physical access to the machine, the machine was part of a domain and had no PIN or USB flash drive protection.<ref>{{cite web |url=https://technet.microsoft.com/library/security/MS15-122 |title=Microsoft Security Bulletin MS15-122 – Important |publisher=[[Microsoft]] |work=Security TechCenter |date=October 11, 2017 |access-date=March 7, 2020}}</ref> |
||
* BitLocker still does not properly support TPM 2.0 security features which, as a result, can lead to a complete bypass of privacy protection when keys are transmitted over [[Serial Peripheral Interface]] in a motherboard.<ref>{{cite news | title=From Stolen Laptop to Inside the Company Network| url=https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network|date=July 28, 2021|work=Dolos Group|access-date=December 2, 2021}}</ref> |
|||
All these attacks require physical access to the system and are thwarted by a secondary protector such as a USB flash drive or PIN code. |
|||
=== Upholding Kerckhoffs's principle === |
|||
Although the AES encryption algorithm used in BitLocker is in the [[public domain]], its implementation in BitLocker, as well as other components of the software, are [[Proprietary software|proprietary]]; however, the code is available for scrutiny by Microsoft partners and enterprises, subject to a [[non-disclosure agreement]].<ref>{{cite news|last=Thurrott|first=Paul|date=June 10, 2015|title=No Back Doors: Microsoft Opens Windows Source Code to EU Governments|newspaper=Petri|url=https://www.petri.com/no-back-doors-microsoft-opens-windows-source-code-to-eu-governments|access-date=March 7, 2020}}</ref><ref>{{cite web|title=Shared Source Initiative|url=https://www.microsoft.com/en-us/sharedsource/|access-date=March 7, 2020|website=www.microsoft.com}}</ref> |
|||
⚫ | According to Microsoft sources,<ref>{{cite web |url=https://docs.microsoft.com/en-us/archive/blogs/si_team/back-door-nonsense |title=Back-door nonsense |date=March 2, 2006 |publisher=Microsoft |work=System Integrity Team Blog |access-date=March 7, 2020}}</ref> BitLocker does not contain an intentionally built-in [[Backdoor (computing)|backdoor]], so there is no Microsoft-provided way for [[law enforcement]] to have guaranteed access to the data on a user's drive. In 2006, the [[Home Office|UK Home Office]] expressed concern over the lack of a backdoor and tried entering into talks with Microsoft to get one introduced.<ref>{{cite news |url=http://news.bbc.co.uk/2/hi/uk_news/politics/4713018.stm |title=UK holds Microsoft security talks |last=Stone-Lee |first=Ollie |publisher=[[BBC]] |date=February 16, 2006 |access-date=March 7, 2020}}</ref> Microsoft developer and cryptographer [[Niels Ferguson]] denied the backdoor request and said, "over my dead body".<ref name=":0">{{cite web |url=https://www.cnet.com/news/microsoft-vista-wont-get-a-backdoor/ |title=Microsoft: Vista won't get a backdoor |last=Evers |first=Joris |work=CNET |publisher=CBS Interactive |date=March 6, 2006 |access-date=March 7, 2020}}</ref> Microsoft engineers have said that United States [[Federal Bureau of Investigation]] agents also put pressure on them in numerous meetings to add a backdoor, although no formal, written request was ever made; Microsoft engineers eventually suggested that agents should look for the [[hard copy]] of the [[encryption key]] that the BitLocker program suggests that its users make.<ref>{{cite web |url=https://mashable.com/2013/09/11/fbi-microsoft-bitlocker-backdoor/ |title=Did the FBI Lean On Microsoft for Access to Its Encryption Software? |last=Franceschi-Bicchierai |first=Lorenzo |website=Mashable |date=September 11, 2013 |access-date=March 7, 2020}}</ref> |
||
⚫ | |||
Niels Ferguson's position that "back doors are simply not acceptable"<ref name=":0" /> is in accordance with [[Kerckhoffs's principle]]. Stated by Netherlands-born cryptographer [[Auguste Kerckhoffs]] in the 19th century, the principle holds that a [[cryptosystem]] should be secure, even if everything about the system, except the encryption key, is public knowledge. |
|||
Once a BitLocker-protected machine is running, its keys are stored in memory where they may be susceptible to attack by a process that can access physical memory, for example, through a [[IEEE 1394|1394]] or [[Thunderbolt (interface)|Thunderbolt]] [[Direct memory access|DMA]] channel.<ref>{{cite web |url=https://support.microsoft.com/en-us/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d |title=Blocking the SBP-2 driver and Thunderbolt controllers to reduce 1394 DMA and Thunderbolt DMA threats to BitLocker |publisher=Microsoft |date=November 7, 2018 |access-date=March 7, 2020}}</ref> Starting with Windows 10 version 1803, Microsoft added a new feature called "Kernel DMA Protection" to BitLocker, against DMA attacks via [[Thunderbolt 3]] ports.<ref>{{cite web |url=https://docs.microsoft.com/en-us/windows/security/information-protection/kernel-dma-protection-for-thunderbolt |title=Kernel DMA Protection for Thunderbolt™ 3 |publisher=Microsoft |date=2019-03-26 |access-date=2020-03-16 }}</ref> |
|||
Since 2020, BitLocker's method and data structure is public knowledge due to reverse engineering; the Linux [[cryptsetup]] program is capable of reading and writing BitLocker-protected drives given the key.<ref>{{cite conference |conference=DevConf CZ |last1=Trefny |first1=Vojtech |title=BitLocker disk encryption on Linux |url=https://vtrefny.fedorapeople.org/misc/devconf-bitlocker.pdf |date=25 Jan 2020}}</ref> |
|||
⚫ | Starting with Windows 8 and Windows Server 2012, Microsoft removed the Elephant Diffuser from the BitLocker scheme for no declared reason.<ref>{{cite web |url=https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831713(v=ws.11) |title=BitLocker Overview |website=technet.microsoft.com |date=August 31, 2016 |access-date=March 7, 2020}}</ref> Dan Rosendorf's research shows that removing the Elephant Diffuser had an "undeniably negative impact" on the security of BitLocker encryption against a targeted attack.<ref>{{cite web |url=http://spi.unob.cz/presentations/23-May/07-Rosendorf%20The%C2%A0BitLocker%C2%A0Schema.pdf | |
||
=== Other concerns === |
|||
⚫ | On 10 November 2015, Microsoft released a security update to mitigate a security vulnerability in BitLocker that allowed authentication to be bypassed by employing a malicious [[Kerberos (protocol)|Kerberos]] key distribution center, if the attacker had physical access to the machine, the machine was part of a domain and had no PIN or USB protection.<ref>{{cite web |url=https://technet.microsoft.com/library/security/MS15-122 |title=Microsoft Security Bulletin MS15-122 – Important |publisher=[[Microsoft]] |work=Security TechCenter |date=October 11, 2017 |access-date=March 7, 2020}}</ref> |
||
⚫ | Starting with Windows 8 and Windows Server 2012, Microsoft removed the Elephant Diffuser from the BitLocker scheme for no declared reason.<ref>{{cite web |url=https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831713(v=ws.11) |title=BitLocker Overview |website=technet.microsoft.com |date=August 31, 2016 |access-date=March 7, 2020}}</ref> Dan Rosendorf's research shows that removing the Elephant Diffuser had an "undeniably negative impact" on the security of BitLocker encryption against a targeted attack.<ref>{{cite web |last=Rosendorf |first=Dan |date=May 23, 2013 |title=Bitlocker: A little about the internals and what changed in Windows 8 |url=http://spi.unob.cz/presentations/23-May/07-Rosendorf%20The%C2%A0BitLocker%C2%A0Schema.pdf |archive-url=https://web.archive.org/web/20211022050105if_/http://spi.unob.cz/presentations/23-May/07-Rosendorf%20The%C2%A0BitLocker%C2%A0Schema.pdf |archive-date=October 22, 2021 |access-date=March 7, 2020}}</ref> Microsoft later cited performance concerns, and noncompliance with the [[Federal Information Processing Standards]] (FIPS), to justify the diffuser's removal.<ref>{{cite web |url=https://theintercept.com/2015/06/04/microsoft-disk-encryption/ |title=Microsoft Gives Details About Its Controversial Disk Encryption |last=Lee |first=Micah |date=June 4, 2015 |website=The Intercept |access-date=March 7, 2020}}</ref> Starting with Windows 10 version 1511, however, Microsoft added a new FIPS-compliant [[Disk encryption theory#XTS|XTS-AES]] encryption algorithm to BitLocker.<ref name="Win10New">{{cite web |last1=Hakala |first1=Trudy |title=What's new in Windows 10, versions 1507 and 1511 |url=https://docs.microsoft.com/en-us/windows/whats-new/whats-new-windows-10-version-1507-and-1511 |website=[[Microsoft TechNet|TechNet]] |publisher=[[Microsoft]] |access-date=March 7, 2020 |date=January 29, 2020}}</ref> Starting with Windows 10 version 1803, Microsoft added a new feature called 
"Kernel Direct Memory access (DMA) Protection" to BitLocker, to protect against [[DMA attack|DMA attacks]] via [[Thunderbolt 3]] ports.<ref>{{cite web|date=November 7, 2018|title=Blocking the SBP-2 driver and Thunderbolt controllers to reduce 1394 DMA and Thunderbolt DMA threats to BitLocker|url=https://support.microsoft.com/en-us/help/2516445/blocking-the-sbp-2-driver-and-thunderbolt-controllers-to-reduce-1394-d|access-date=March 7, 2020|publisher=Microsoft}}</ref><ref>{{cite web|date=2019-03-26|title=Kernel DMA Protection for Thunderbolt 3|url=https://docs.microsoft.com/en-us/windows/security/information-protection/kernel-dma-protection-for-thunderbolt|access-date=2020-03-16|publisher=Microsoft}}</ref> "Kernel Direct Memory access (DMA) Protection" only protects against attacks through Thunderbolt. Direct Memory Access is also possible through [[PCI Express]]. In this type of attack an attacker would connect a malicious [[PCI Express]] Device,<ref>{{cite web|date=June 6, 2024|title=PCILeech|url=https://github.com/ufrisk/pcileech|access-date=June 13, 2024|publisher=Ulf Frisk}}</ref> which can in turn write directly to the memory and bypass the Windows login. To protect again this type of attack, Microsoft introduced "Virtualization-based Security".<ref>{{cite web|date=March 15, 2024|title=Securing BitLocker: Initial Setup and Defending Against Attacks|url=https://www.vidrasec.com/blog/setup-bitlocker/|access-date=June 13, 2024|publisher=VidraSec}}</ref><ref>{{cite web|date=March 20, 2023|title=PCILeech|url=https://learn.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-vbs|access-date=June 13, 2024|publisher=Microsoft}}</ref> |
||
In October 2017, it was reported that a flaw |
In October 2017, it was reported that a flaw enabled private keys to be inferred from [[public key cryptography|public keys]], which could allow an attacker to bypass BitLocker encryption when an affected TPM chip is used.<ref name="ars20171016">{{cite web |last=Goodin |first=Dan |date=October 16, 2017 |title=Millions of high-security crypto keys crippled by newly discovered flaw |url=https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/ |access-date=March 7, 2020 |work=[[Ars Technica]] |publisher=[[Condé Nast]]}}</ref> The flaw is the Return of Coppersmith's Attack or [[ROCA vulnerability]] which is in a code library developed by [[Infineon]] and had been in widespread use in security products such as [[smartcard]]s and TPMs. Microsoft released an updated version of the firmware for Infineon TPM chips that fixes the flaw via Windows Update.<ref>{{cite news |title=Infineon says has fixed encryption flaw found by researchers |url=https://www.reuters.com/article/us-infineon-cyber/infineon-says-has-fixed-encryption-flaw-found-by-researchers-idUSKBN1CL2KC |last=Busvine |first=Douglas |date=October 16, 2017 |work=Reuters |access-date=March 7, 2020}}</ref> |
||
== See also == |
== See also == |
||
* [[Features new to Windows Vista]] |
* [[Features new to Windows Vista]] |
||
* [[List of Microsoft Windows components]] |
* [[List of Microsoft Windows components]] |
||
* [[Vista |
* [[Windows Vista I/O technologies]] |
||
* [[Next-Generation Secure Computing Base]] |
* [[Next-Generation Secure Computing Base]] |
||
* [[FileVault]] |
* [[FileVault]] |
||
Line 116: | Line 130: | ||
[[Category:Windows Server 2008]] |
[[Category:Windows Server 2008]] |
||
[[Category:Windows 11]] |
|||
[[Category:Windows 10]] |
|||
[[Category:Windows 8]] |
|||
[[Category:Windows 7]] |
[[Category:Windows 7]] |
||
[[Category:Windows Vista]] |
[[Category:Windows Vista]] |
Latest revision as of 05:01, 16 November 2024
| BitLocker | |
|---|---|
| Other names | Device Encryption |
| Developer(s) | Microsoft |
| Initial release | January 30, 2007 |
| Operating system | Microsoft Windows |
| Type | Disk encryption software |
| Website | learn |
BitLocker is a full volume encryption feature included with Microsoft Windows versions starting with Windows Vista. It is designed to protect data by providing encryption for entire volumes. By default, it uses the Advanced Encryption Standard (AES) algorithm in cipher block chaining (CBC) or "xor–encrypt–xor (XEX)-based Tweaked codebook mode with ciphertext Stealing" (XTS) mode[1] with a 128-bit or 256-bit key.[2][3] CBC is not used over the whole disk; it is applied to each individual sector.[3]
History
BitLocker originated as a part of Microsoft's Next-Generation Secure Computing Base architecture in 2004 as a feature tentatively codenamed "Cornerstone"[4][5] and was designed to protect information on devices, particularly if a device was lost or stolen. Another feature, titled "Code Integrity Rooting", was designed to validate the integrity of Microsoft Windows boot and system files.[4] When used in conjunction with a compatible Trusted Platform Module (TPM), BitLocker can validate the integrity of boot and system files before decrypting a protected volume; an unsuccessful validation will prohibit access to a protected system.[6][7] BitLocker was briefly called Secure Startup before Windows Vista's release to manufacturing.[6]
BitLocker is available on:
- Enterprise and Ultimate editions of Windows Vista and Windows 7
- Pro and Enterprise editions of Windows 8 and 8.1[8][2]
- Windows Embedded Standard 7 and Windows Thin PC
- Windows Server 2008[9] and later[10][8]
- Pro, Enterprise, and Education editions of Windows 10[11]
- Pro, Enterprise, and Education editions of Windows 11[12]
Features
| manage-bde | |
|---|---|
| Developer(s) | Microsoft |
| Initial release | January 30, 2007 |
| Operating system | Microsoft Windows |
| Type | Command |
| License | Proprietary commercial software |
| Website | manage-bde |
Initially, the graphical BitLocker interface in Windows Vista could only encrypt the operating system volume.[13] Starting with Windows Vista with Service Pack 1 and Windows Server 2008, volumes other than the operating system volume could be encrypted using the graphical tool. Still, some aspects of the BitLocker (such as turning autolocking on or off) had to be managed through a command-line tool called manage-bde.wsf.[14]
The version of BitLocker included in Windows 7 and Windows Server 2008 Release 2 adds the ability to encrypt removable drives. On Windows XP or Windows Vista, read-only access to these drives can be achieved through a program called BitLocker To Go Reader, if FAT16, FAT32 or exFAT filesystems are used.[15] In addition, a new command-line tool called manage-bde replaced the old manage-bde.wsf.[16]
Starting with Windows Server 2012 and Windows 8, Microsoft has complemented BitLocker with the Microsoft Encrypted Hard Drive specification, which allows the cryptographic operations of BitLocker encryption to be offloaded to the storage device's hardware, for example, self-encrypting drives.[17][18] In addition, BitLocker can now be managed through Windows PowerShell.[19] Finally, Windows 8 introduced Windows To Go in its Enterprise edition, which BitLocker can protect.[20]
Device encryption
Windows Mobile 6.5, Windows RT and core editions of Windows 8.1 include device encryption, a feature-limited version of BitLocker that encrypts the whole system.[21][22][23] Logging in with a Microsoft account with administrative privileges automatically begins the encryption process. The recovery key is stored to either the Microsoft account or Active Directory (Active Directory requires Pro editions of Windows), allowing it to be retrieved from any computer. While device encryption is offered on all editions of Windows 8.1, unlike BitLocker, device encryption requires that the device meet the InstantGo (formerly Connected Standby) specifications,[23] which requires solid-state drives and a TPM 2.0 chip.[21][24]
Starting with Windows 10 1703, the requirements for device encryption have changed, requiring a TPM 1.2 or 2.0 module with PCR 7 support, UEFI Secure Boot, and that the device meets Modern Standby requirements or HSTI validation.[25]
Device encryption requirements were relaxed in Windows 11 24H2, with the Modern Standby or HSTI compliance no longer required and the DMA interfaces blocklist removed.[26]
In September 2019 a new update was released (KB4516071[27]) changing the default setting for BitLocker when encrypting a self-encrypting drive. Now, the default is to use software encryption for newly encrypted drives. This is due to hardware encryption flaws and security concerns related to those issues.[28]
Encryption modes
Three authentication mechanisms can be used as building blocks to implement BitLocker encryption:[29]
- Transparent operation mode: This mode uses the capabilities of TPM 1.2 hardware to provide for transparent user experience—the user powers up and logs into Windows as usual. The key used for disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified. The pre-OS components of BitLocker achieve this by implementing a Static Root of Trust Measurement—a methodology specified by the Trusted Computing Group (TCG). This mode is vulnerable to a cold boot attack, as it allows a powered-down machine to be booted by an attacker. It is also vulnerable to a sniffing attack, as the volume encryption key is transferred in plain text from the TPM to the CPU during a successful boot.
- User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in the form of a pre-boot PIN or password.
- USB Key Mode: The user must insert a USB device that contains a startup key into the computer to be able to boot the protected OS. Note that this mode requires that the BIOS on the protected machine supports the reading of USB devices in the pre-OS environment. BitLocker does not support smart cards for pre-boot authentication.[30]
The following combinations of the above authentication mechanisms are supported, all with an optional escrow recovery key:
Operation
BitLocker is a logical volume encryption system. (A volume spans part of a hard disk drive, the whole drive or more than one drive.) When enabled, TPM and BitLocker can ensure the integrity of the trusted boot path (e.g. BIOS and boot sector), in order to prevent most offline physical attacks and boot sector malware.[37]
In order for BitLocker to encrypt the volume holding the operating system, at least two NTFS-formatted volumes are required: one for the operating system (usually C:) and another with a minimum size of 100 MB, which remains unencrypted and boots the operating system.[37] (In case of Windows Vista and Windows Server 2008, however, the volume's minimum size is 1.5 GB and must have a drive letter.)[38] Unlike previous versions of Windows, Vista's "diskpart" command-line tool includes the ability to shrink the size of an NTFS volume so that this volume may be created from already allocated space. A tool called the BitLocker Drive Preparation Tool is also available from Microsoft that allows an existing volume on Windows Vista to be shrunk to make room for a new boot volume and for the necessary bootstrapping files to be transferred to it.[39]
Once an alternate boot partition has been created, the TPM module needs to be initialized (assuming that this feature is being used), after which the required disk-encryption key protection mechanisms such as TPM, PIN or USB key are configured.[40] The volume is then encrypted as a background task, something that may take a considerable amount of time with a large disk as every logical sector is read, encrypted and rewritten back to disk.[40] The keys are only protected once the whole volume has been encrypted, at which point the volume is considered secure.[41] BitLocker uses a low-level device driver to encrypt and decrypt all file operations, making interaction with the encrypted volume transparent to applications running on the platform.[40]
Encrypting File System (EFS) may be used in conjunction with BitLocker to provide protection once the operating system is running. Protection of the files from processes and users within the operating system can only be performed using encryption software that operates within Windows, such as EFS. BitLocker and EFS, therefore, offer protection against different classes of attacks.[42]
In Active Directory environments, BitLocker supports optional key escrow to Active Directory, although a schema update may be required for this to work (i.e. if the Active Directory Services are hosted on a Windows version previous to Windows Server 2008).
BitLocker and other full disk encryption systems can be attacked by a rogue boot manager. Once the malicious bootloader captures the secret, it can decrypt the Volume Master Key (VMK), which would then allow access to decrypt or modify any information on an encrypted hard disk. By configuring a TPM to protect the trusted boot pathway, including the BIOS and boot sector, BitLocker can mitigate this threat. (Note that some non-malicious changes to the boot path may cause a Platform Configuration Register check to fail, and thereby generate a false warning.)[37]
Security concerns
TPM alone is not enough
The "Transparent operation mode" and "User authentication mode" of BitLocker use TPM hardware to detect whether there are unauthorized changes to the pre-boot environment, including the BIOS and MBR. If any unauthorized changes are detected, BitLocker requests a recovery key on a USB device. This cryptographic secret is used to decrypt the Volume Master Key (VMK) and allow the bootup process to continue.[43] However, TPM alone is not enough:
- In February 2008, a group of security researchers published details of a so-called "cold boot attack" that allows full disk encryption systems such as BitLocker to be compromised by booting the machine from removable media, such as a USB drive, into another operating system, then dumping the contents of pre-boot memory.[44] The attack relies on the fact that DRAM retains information for up to several minutes (or even longer, if cooled) after the power has been removed. The Bress/Menz device, described in US Patent 9,514,789, can accomplish this type of attack.[45] Similar full disk encryption mechanisms of other vendors and other operating systems, including Linux and Mac OS X, are vulnerable to the same attack. The authors recommend that computers be powered down when not in physical control of the owner (rather than be left in a sleep mode) and that the encryption software be configured to require a password to boot the machine.[44]
- On 10 November 2015, Microsoft released a security update to mitigate a security vulnerability in BitLocker that allowed authentication to be bypassed by employing a malicious Kerberos key distribution center, if the attacker had physical access to the machine, the machine was part of a domain and had no PIN or USB flash drive protection.[46]
- BitLocker still does not properly support TPM 2.0 security features, which can lead to a complete bypass of the encryption when the key is transmitted in the clear over the Serial Peripheral Interface bus on the motherboard.[47]
All these attacks require physical access to the system and are thwarted by a secondary protector such as a USB flash drive or PIN code.
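A defender's check for the point above, as an added example that is not from the article or from Microsoft: the script audits the OS volume's key protectors with the BitLocker PowerShell module, flags a TPM-only configuration (the precondition for the attacks listed), and can replace it with TPM+PIN and escrow a recovery password to Active Directory as described under Operation. It assumes an existing BitLocker-enabled OS volume and a Group Policy that permits a startup PIN; the function names Get-BitLockerPosture and Protect-BitLockerOsVolume are my own.

```powershell
#Requires -RunAsAdministrator
# Added example, not code from the article or from Microsoft. It uses the
# BitLocker module that ships with Windows (Get-BitLockerVolume,
# Add-/Remove-BitLockerKeyProtector, Backup-BitLockerKeyProtector).
#
# Assumptions: a BitLocker-enabled OS volume already exists, and Group Policy
# ("Require additional authentication at startup") allows a startup PIN;
# otherwise Add-BitLockerKeyProtector -TpmAndPinProtector is refused.

function Get-BitLockerPosture {
    param([string]$MountPoint = $env:SystemDrive)

    $vol   = Get-BitLockerVolume -MountPoint $MountPoint
    $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

    # Protector types that bind a user-held secret to the TPM measurement.
    # A bare 'Tpm' protector unseals the VMK with no user secret at all, which
    # is the precondition for the cold-boot, SPI-sniffing and MS15-122 cases.
    $secondFactor = @($types | Where-Object { $_ -in 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey' })

    [pscustomobject]@{
        MountPoint       = $vol.MountPoint
        VolumeStatus     = $vol.VolumeStatus.ToString()      # FullyEncrypted / EncryptionInProgress / ...
        ProtectionStatus = $vol.ProtectionStatus.ToString()  # On / Off
        EncryptionMethod = $vol.EncryptionMethod.ToString()  # XtsAes256 is the FIPS mode added in 1511
        Protectors       = $types
        TpmOnly          = ($types -contains 'Tpm') -and ($secondFactor.Count -eq 0)
        # Aes128/Aes256 = CBC without the Elephant diffuser (Windows 8 and later)
        LegacyCbc        = ($vol.EncryptionMethod.ToString() -in 'Aes128', 'Aes256')
        HasRecoveryPwd   = ($types -contains 'RecoveryPassword')
    }
}

function Protect-BitLockerOsVolume {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [string]$MountPoint = $env:SystemDrive,
        [Parameter(Mandatory)][securestring]$Pin,
        # Needs a domain-joined host and the AD DS schema support the article mentions.
        [switch]$BackupToAD
    )

    $posture = Get-BitLockerPosture -MountPoint $MountPoint

    if ($posture.TpmOnly -and $PSCmdlet.ShouldProcess($MountPoint, 'Replace TPM-only protector with TPM+PIN')) {
        Add-BitLockerKeyProtector -MountPoint $MountPoint -TpmAndPinProtector -Pin $Pin | Out-Null
        # Drop the TPM-only protector only after TPM+PIN exists: the volume must
        # never be left without a working protector.
        (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
            Where-Object { $_.KeyProtectorType -eq 'Tpm' } |
            ForEach-Object { Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $_.KeyProtectorId | Out-Null }
    }

    if (-not $posture.HasRecoveryPwd -and $PSCmdlet.ShouldProcess($MountPoint, 'Add 48-digit recovery password')) {
        # This is the escrow recovery key the article describes; it is what a
        # PCR mismatch (for example a changed bootloader) will prompt for.
        Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
    }

    if ($BackupToAD) {
        (Get-BitLockerVolume -MountPoint $MountPoint).KeyProtector |
            Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' } |
            ForEach-Object {
                if ($PSCmdlet.ShouldProcess($MountPoint, "Escrow recovery password $($_.KeyProtectorId) to AD DS")) {
                    Backup-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $_.KeyProtectorId | Out-Null
                }
            }
    }

    Get-BitLockerPosture -MountPoint $MountPoint
}

# Usage: report first, then dry-run the hardening with -WhatIf before committing.
Get-BitLockerPosture | Format-List
$pin = Read-Host -Prompt 'Startup PIN' -AsSecureString
Protect-BitLockerOsVolume -Pin $pin -BackupToAD -WhatIf
```

With -WhatIf the hardening function only reports the protector changes it would make; run it again without the switch to apply them.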
Upholding Kerckhoffs's principle
Although the AES encryption algorithm used in BitLocker is in the public domain, its implementation in BitLocker, as well as other components of the software, are proprietary; however, the code is available for scrutiny by Microsoft partners and enterprises, subject to a non-disclosure agreement.[48][49]
According to Microsoft sources,[50] BitLocker does not contain an intentionally built-in backdoor, so there is no Microsoft-provided way for law enforcement to have guaranteed access to the data on a user's drive. In 2006, the UK Home Office expressed concern over the lack of a backdoor and tried entering into talks with Microsoft to get one introduced.[51] Microsoft developer and cryptographer Niels Ferguson denied the backdoor request and said, "over my dead body".[52] Microsoft engineers have said that United States Federal Bureau of Investigation agents also put pressure on them in numerous meetings to add a backdoor, although no formal, written request was ever made; Microsoft engineers eventually suggested that agents should look for the hard copy of the encryption key that the BitLocker program suggests that its users make.[53]
Niels Ferguson's position that "back doors are simply not acceptable"[52] is in accordance with Kerckhoffs's principle. Stated by Netherlands-born cryptographer Auguste Kerckhoffs in the 19th century, the principle holds that a cryptosystem should be secure, even if everything about the system, except the encryption key, is public knowledge.
Since 2020, BitLocker's method and data structures are public knowledge due to reverse engineering; the Linux cryptsetup program is capable of reading and writing BitLocker-protected drives given the key.[54]
Other concerns
Starting with Windows 8 and Windows Server 2012, Microsoft removed the Elephant Diffuser from the BitLocker scheme for no declared reason.[55] Dan Rosendorf's research shows that removing the Elephant Diffuser had an "undeniably negative impact" on the security of BitLocker encryption against a targeted attack.[56] Microsoft later cited performance concerns, and noncompliance with the Federal Information Processing Standards (FIPS), to justify the diffuser's removal.[57] Starting with Windows 10 version 1511, however, Microsoft added a new FIPS-compliant XTS-AES encryption algorithm to BitLocker.[1] Starting with Windows 10 version 1803, Microsoft added a new feature called "Kernel Direct Memory access (DMA) Protection" to BitLocker, to protect against DMA attacks via Thunderbolt 3 ports.[58][59] "Kernel Direct Memory access (DMA) Protection" only protects against attacks through Thunderbolt. Direct Memory Access is also possible through PCI Express. In this type of attack an attacker would connect a malicious PCI Express Device,[60] which can in turn write directly to the memory and bypass the Windows login. To protect against this type of attack, Microsoft introduced "Virtualization-based Security".[61][62]
In October 2017, it was reported that a flaw enabled private keys to be inferred from public keys, which could allow an attacker to bypass BitLocker encryption when an affected TPM chip is used.[63] The flaw is the Return of Coppersmith's Attack or ROCA vulnerability which is in a code library developed by Infineon and had been in widespread use in security products such as smartcards and TPMs. Microsoft released an updated version of the firmware for Infineon TPM chips that fixes the flaw via Windows Update.[64]
See also
- Features new to Windows Vista
- List of Microsoft Windows components
- Windows Vista I/O technologies
- Next-Generation Secure Computing Base
- FileVault
References
- ^ a b Hakala, Trudy (January 29, 2020). "What's new in Windows 10, versions 1507 and 1511". TechNet. Microsoft. Retrieved March 7, 2020.
- ^ a b "Windows BitLocker Drive Encryption Frequently Asked Questions". TechNet Library. Microsoft. March 22, 2012. Retrieved March 7, 2020.
- ^ a b Ferguson, Niels (August 2006). "AES-CBC + Elephant Diffuser: A Disk Encryption Algorithm for Windows Vista" (PDF). Microsoft. Retrieved March 7, 2020.
- ^ a b Biddle, Peter (2004). "Next-Generation Secure Computing Base". Microsoft. Archived from the original (PPT) on August 27, 2006. Retrieved March 7, 2020.
- ^ Thurrott, Paul (September 9, 2005). "Pre-PDC Exclusive: Windows Vista Product Editions". Supersite for Windows. Penton. Archived from the original on April 2, 2015. Retrieved March 7, 2020.
- ^ a b Microsoft (April 22, 2005). "Secure Startup–Full Volume Encryption: Technical Overview" (DOC). Retrieved March 7, 2020.
- ^ Microsoft (April 21, 2005). "Secure Startup – Full Volume Encryption: Executive Overview" (DOC). Retrieved March 7, 2020.
- ^ a b "What's New in BitLocker". TechNet Library. Microsoft. August 31, 2016. Retrieved March 7, 2020.
- ^ "BitLocker Drive Encryption in Windows Vista". TechNet. Microsoft. Archived from the original on November 17, 2016. Retrieved March 7, 2020.
- ^ "BitLocker Drive Encryption Overview". TechNet. Microsoft. November 17, 2009. Retrieved March 7, 2020.
- ^ "Compare Windows 10 Editions". Windows for Business. Microsoft. Retrieved March 7, 2020.
- ^ "Finding your BitLocker recovery key in Windows". Windows support. Microsoft. Retrieved December 2, 2021.
- ^ Yegulalp, Serdar (August 7, 2007). "Vista's BitLocker Encryption". Computerworld. Retrieved May 15, 2024.
- ^ Hynes, Byron (September 8, 2016). "Advances in BitLocker Drive Encryption". TechNet Magazine. Microsoft. Retrieved March 7, 2020.
- ^ "Description of BitLocker To Go Reader". Microsoft. Archived from the original on September 24, 2019. Retrieved April 25, 2017.
- ^ "Enabling BitLocker by Using the Command Line". TechNet. Microsoft. September 12, 2012. Retrieved March 7, 2020.
- ^ "Encrypted Hard Drive". TechNet. Microsoft. August 31, 2016. Retrieved March 7, 2020.
- ^ "Encrypted Hard Drive Device Guide". MSDN. Microsoft. June 1, 2017. Retrieved March 7, 2020.
- ^ "BitLocker". TechNet. Microsoft. Retrieved March 7, 2020.
- ^ "Windows To Go: Frequently Asked Questions". TechNet. Microsoft. October 23, 2013. Retrieved March 7, 2020.
- ^ a b "Device Encryption". Device Encryption. Microsoft. November 18, 2015. Retrieved March 7, 2020.
- ^ Cunningham, Andrew (October 17, 2013). "Windows 8.1 includes seamless, automatic disk encryption—if your PC supports it". Ars Technica. Condé Nast. Retrieved March 7, 2020.
- ^ a b "Help protect your files with device encryption". Windows Help portal. Microsoft. Archived from the original on May 2, 2016. Retrieved March 7, 2020.
- ^ Thurrott, Paul (June 4, 2013). "In Blue: Device Encryption". Paul Thurrott's SuperSite for Windows. Penton Media. Archived from the original on June 9, 2013. Retrieved March 7, 2020.
- ^ "BitLocker drive encryption in Windows 10 for OEMs". docs.microsoft.com. November 16, 2018. Retrieved March 7, 2020.
- ^ "BitLocker drive encryption in Windows 11 for OEMs". learn.microsoft.com. May 22, 2024. Retrieved October 18, 2024.
- ^ "September 24, 2019—KB4516071 (OS Build 16299.1420)". support.microsoft.com. Retrieved March 7, 2020.
- ^ Cimpanu, Catalin (November 5, 2018). "Flaws in self-encrypting SSDs let attackers bypass disk encryption". ZDNet. Retrieved March 7, 2020.
- ^ "BitLocker Drive Encryption". Data Encryption Toolkit for Mobile PCs: Security Analysis. Microsoft. April 4, 2007. Archived from the original on October 23, 2007. Retrieved March 7, 2020.
- ^ Dansimp. "Using BitLocker with other programs FAQ (Windows 10) - Windows security". docs.microsoft.com. Retrieved July 27, 2022.
- ^ "ProtectKeyWithTPM method of the Win32_EncryptableVolume class". MSDN Library. Microsoft. March 31, 2018. Retrieved March 7, 2020.
- ^ "ProtectKeyWithTPMAndPIN method of the Win32_EncryptableVolume class". MSDN Library. Microsoft. March 31, 2018. Retrieved March 7, 2020.
- ^ "ProtectKeyWithTPMAndPINAndStartupKey method of the Win32_EncryptableVolume class". MSDN Library. Microsoft. March 31, 2018. Retrieved March 7, 2020.
- ^ "ProtectKeyWithTPMAndStartupKey method of the Win32_EncryptableVolume class". MSDN Library. Microsoft. March 31, 2018. Retrieved March 7, 2020.
- ^ "ProtectKeyWithExternalKey method of the Win32_EncryptableVolume class". MSDN Library. Microsoft. March 31, 2018. Retrieved March 7, 2020.
- ^ "ProtectKeyWithNumericalPassword method of the Win32_EncryptableVolume class". MSDN Library. Microsoft. March 31, 2018. Retrieved March 7, 2020.
- ^ a b c "BitLocker Drive Encryption in Windows 7: Frequently Asked Questions". TechNet. Microsoft. September 12, 2012. Retrieved March 7, 2020.
- ^ "Windows BitLocker Drive Encryption Step-by-Step Guide". TechNet. Microsoft. July 2, 2012. Retrieved March 7, 2020.
- ^ "Description of the BitLocker Drive Preparation Tool". Microsoft. December 21, 2011. Retrieved March 7, 2020.
- ^ a b c Andrew, Bettany; Halsey, Mike (2013). Exam Ref 70-687: Configuring Windows 8 (1 ed.). Microsoft Press. p. 307. ISBN 978-0-7356-7392-2. OCLC 851209981.
- ^ Jerry, Honeycutt (2012). Introducing Windows 8: An Overview for IT professionals. Microsoft. p. 121. ISBN 978-0-7356-7050-1. OCLC 819519777.
- ^ Ou, George (February 28, 2007). "Prevent data theft with Windows Vista's Encrypted File System (EFS) and BitLocker". TechRepublic. CBS Interactive. Retrieved March 7, 2020.
- ^ Byron, Hynes (September 7, 2016). "Keys to Protecting Data with BitLocker Drive Encryption". TechNet Magazine. Microsoft. Retrieved March 7, 2020.
- ^ a b Halderman, J. Alex; Schoen, Seth D.; Heninger, Nadia; Clarkson, William; Paul, William; Calandrino, Joseph A.; Feldman, Ariel J.; Appelbaum, Jacob; Felten, Edward W (February 21, 2008). Lest We Remember: Cold Boot Attacks on Encryption Keys (PDF) (Thesis). Princeton University. Retrieved March 7, 2020.
- ^ "Systems and methods for safely moving short term memory devices while preserving, protecting and examining their digital data". Retrieved March 7, 2020.
- ^ "Microsoft Security Bulletin MS15-122 – Important". Security TechCenter. Microsoft. October 11, 2017. Retrieved March 7, 2020.
- ^ "From Stolen Laptop to Inside the Company Network". Dolos Group. July 28, 2021. Retrieved December 2, 2021.
- ^ Thurrott, Paul (June 10, 2015). "No Back Doors: Microsoft Opens Windows Source Code to EU Governments". Petri. Retrieved March 7, 2020.
- ^ "Shared Source Initiative". www.microsoft.com. Retrieved March 7, 2020.
- ^ "Back-door nonsense". System Integrity Team Blog. Microsoft. March 2, 2006. Retrieved March 7, 2020.
- ^ Stone-Lee, Ollie (February 16, 2006). "UK holds Microsoft security talks". BBC. Retrieved March 7, 2020.
- ^ a b Evers, Joris (March 6, 2006). "Microsoft: Vista won't get a backdoor". CNET. CBS Interactive. Retrieved March 7, 2020.
- ^ Franceschi-Bicchierai, Lorenzo (September 11, 2013). "Did the FBI Lean On Microsoft for Access to Its Encryption Software?". Mashable. Retrieved March 7, 2020.
- ^ Trefny, Vojtech (January 25, 2020). BitLocker disk encryption on Linux (PDF). DevConf CZ.
- ^ "BitLocker Overview". technet.microsoft.com. August 31, 2016. Retrieved March 7, 2020.
- ^ Rosendorf, Dan (May 23, 2013). "Bitlocker: A little about the internals and what changed in Windows 8" (PDF). Archived from the original (PDF) on October 22, 2021. Retrieved March 7, 2020.
- ^ Lee, Micah (June 4, 2015). "Microsoft Gives Details About Its Controversial Disk Encryption". The Intercept. Retrieved March 7, 2020.
- ^ "Blocking the SBP-2 driver and Thunderbolt controllers to reduce 1394 DMA and Thunderbolt DMA threats to BitLocker". Microsoft. November 7, 2018. Retrieved March 7, 2020.
- ^ "Kernel DMA Protection for Thunderbolt 3". Microsoft. March 26, 2019. Retrieved March 16, 2020.
- ^ "PCILeech". Ulf Frisk. June 6, 2024. Retrieved June 13, 2024.
- ^ "Securing BitLocker: Initial Setup and Defending Against Attacks". VidraSec. March 15, 2024. Retrieved June 13, 2024.
- ^ "PCILeech". Microsoft. March 20, 2023. Retrieved June 13, 2024.
- ^ Goodin, Dan (October 16, 2017). "Millions of high-security crypto keys crippled by newly discovered flaw". Ars Technica. Condé Nast. Retrieved March 7, 2020.
- ^ Busvine, Douglas (October 16, 2017). "Infineon says has fixed encryption flaw found by researchers". Reuters. Retrieved March 7, 2020.