Researchers break into Windows encryption feature
By Asavin Wattanajantra,
Researchers can break into BitLocker, the disk encryption feature available in Windows 7, Vista and Server 2008.
German experts from the Franhofer Institute for Secure Information Technology (SIT) revealed five attack strategies against BitLocker and the way its Trusted Platform Module (TPM) sealing mechanism works.
In certain circumstances, the researchers claim that dedicated hackers could “circumvent the protection and break confidentiality with limited effort".
"Our attacks neither exploit vulnerabilities in the encryption itself nor do they directly attack the TPM," the researchers claim in a report.
“They rather exploit sequences of actions that Trusted Computing fails to prevent, demonstrating limitations of the technology.”
One attack took advantage of the boot process, where BitLocker needs to interact with the user to obtain a password or a key file from a USB memory stick, or both.
The program code interacting with the user is unencrypted, so an attacker with physical access is able to modify it.
The hacker could replace the original BitLocker boot code with a manipulated version, and spoof the user interaction with BitLocker.
The researchers made it clear that that they were using ‘targeted attacks’, where an attacker would devote considerable effort in trying to access data on a disk, for example in corporate espionage.
BitLocker is better designed to withstand real-world ‘opportunistic attacks’ for example, if a computer was stolen and somebody was trying to access the data to see what they could get.
Paul Cooke from Microsoft confirmed as much in a blog post. He said: "This research is similar to other published attacks where the owner leaves a computer unattended in a hotel room and anyone with access to the room could tamper with this computer.
"This sort of targeted attack poses a relatively low risk to folks who use BitLocker in the real world."
He added: "These sorts of targeted threats are not new and are something we've addressed in the past; in 2006 we discussed similar attacks, where we've been straightforward with customers and partners that BitLocker does not protect against these unlikely, targeted attacks."
You may also like...
advertisement
Latest Industry & Public Sector Features
What impact will the browser ballot screen have?
The browser ballot screen is rolling out across Windows Update. Simon Brew charts its problems, the road to here, and what impact it’s likely to have.
- Q&A: Mark Kingdon on Second Life for business
- Q&A: The ID card commissioner talks cards and controversy
- The past, present and future of the Digital Economy Bill
- Google’s fight for its book deal
- MWC 2010: Top 10 show tech
- FreeBSD and the GPL
- Top 10 technologies for SMBs
- How much is space worth to Britain?
- Smartphones vs netbooks vs tablets - which is best for you?
Latest Industry & Public Sector Reviews
NEC MultiSync LCD4215 review
Rating: 
advertisement
Most popular
- App market will be worth $17.5 billion by 2012
- Report: Macs cost less to run than Windows PCs
- Why is Microsoft accelerating Service Pack 1?
- Q&A: Conrad Wolfram on communicating with apps in Web 3.0
- Open source developers ditch iPhone for Android
- Symantec Backup Exec 2010 review
- Head to Head: Office 2010 vs Open Office 3.1
- O2 condemns 'bullying' law firms for threatening file-sharers
- Google Nexus One review: A week with the superphone
- HTC Legend review
Latest News Videos in Industry & Public Sector
Video: What a connected classroom looks like
PlayDell unveils its vision for the classroom of the future, with netbooks, video conferencing and pub quiz-style handsets.
Whitepapers
Want more background on today's hottest IT trends?
Visit IT PRO's whitepaper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.