11

I am currently assessing the security of Bitlocker from the perspective of an offline attack against a stored password (used to secure the Full Disk Encryption key). My assumption is that the password used to decrypt/determine the FDE key has to be stored somehow on the disk, else it would be impossible to determine if the FDE key is correct or not.

My question is, if, say, a laptop was stolen and it was using Bitlocker to secure the password used to unlock the OS volume, how resistant would it be to an offline attack for the purposes of recovering the password? What techniques/algorithms does it use to protect against an attack like this?

Please note, I am less interested in the recovery of the data on the disk or the FDE key. I am purely interested in this on the basis of how resistant the user's password itself is to an offline attack against a skilled attacker in possession of a stolen laptop.

MattCotterellNZ
  • Related question: [How does Bitlocker only-PIN method work?](http://security.stackexchange.com/questions/67378/how-does-bitlocker-only-pin-method-work) – sleske Oct 05 '15 at 07:01

3 Answers

6

The attack you outline is a fundamental problem for all types of encryption: If you want to use a password as the (source of) the encryption key, the password must have as much entropy as the desired encryption strength, otherwise you are vulnerable to offline brute-forcing.

So yes, if Bitlocker just used the password you entered as the (source of) the key, it would be vulnerable to this attack.

Bitlocker provides multiple authentication mechanisms, which address this problem in different ways.

  • The recommended mechanism (AFAIK) is to use the computer's Trusted Platform Module (TPM). With TPM authentication (called Transparent operation mode with Bitlocker), the TPM chip stores the Bitlocker key. The TPM is specifically designed to only release that key if a certain password/PIN is provided, and to limit the number of authentication attempts. Therefore a comparably weak password/PIN is enough, because the password cannot be attacked off-line, as it is stored in the TPM.
  • Another solution is to use USB Key Mode. In that mode, either the key is stored on a USB key (optionally protected by a password), or a special USB device is used which performs secure authentication (similar to a TPM chip). Again, an off-line attack is not possible, because the key is stored on the USB device. However, if the USB device is just a simple storage device, an off-line attack against it is possible (thus it must be stored very securely).

USB Key Mode and TPM can be combined for even better security.

Note that it is possible to use Bitlocker without a TPM chip (though this is apparently not recommended by Microsoft). If you do that, then you are indeed vulnerable to password bruteforcing attacks, so you need a password with sufficient entropy, i.e. at least 128 bit, better 168 bit.


For an extensive discussion of the design choices, security tradeoffs and technology of Bitlocker, see the paper AES-CBC + Elephant diffuser, A Disk Encryption Algorithm for Windows Vista by Niels Ferguson, available from http://go.microsoft.com/fwlink/?LinkId=80598 .

techraf
sleske
  • Where/how would I find the secure USB module? I tried Googling for things like "USB TPM", but only found guides on how to set bitlocker up either using a regular USB key or using only a boottime password. – Dan Is Fiddling By Firelight Oct 05 '15 at 13:19
  • See for example [Using Smart Cards with BitLocker](https://technet.microsoft.com/de-de/library/dd875530%28v=ws.10%29.aspx) on TechNet. However, it looks like this is only possible for data partitions, not for the boot partition. – sleske Oct 05 '15 at 15:08
5

BitLocker encrypts the drive using a "volume master key", which is never placed directly in persistent storage anywhere. One or more "key protectors" are present in the volume metadata, each one of which provides a way to obtain the VMK. For the PIN/Password-based protectors, the password is passed through a very slow key derivation function (something like bcrypt, but I'm not actually sure what function or what the exact parameters are). The parameters probably vary by hardware, but it takes over half a second on my work machine.

I believe this derived key is then checked against a stored hash and, if it matches, used to decrypt the VMK (that is, the PIN/Password protector contains a version of the VMK, encrypted using the key that the KDF spits out, and a hash of the derived key, used to check the derived key's correctness).

To attempt to brute-force the password, you will need to figure out the algorithm and its parameters (salt, work factor, etc.). Unless you have serious computing resources available, it will take a very long time for a brute-force search to find anything due to the slow KDF.

The most publicly code-usable implementation of BL that I know of is the dislocker git repo, dislocker being an open-source (partial) implementation of BitLocker (written as a FUSE driver). I'm not aware of any ready-built brute-forcing tool for BitLocker, but you could probably build one on top of dislocker's code. It'll probably take a while to run, though!

CBHacking
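A simplified model of the password key protector described in the answer above, added here as an illustration and not taken from BitLocker, dislocker or the answer's author. PBKDF2-HMAC-SHA256, the iteration count, the XOR wrap and all function names are assumptions standing in for details the answer says are unknown; the point is how the per-guess KDF cost and the password's entropy together set the offline search time.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 200_000  # assumed work factor, not BitLocker's real parameter

def derive(password, salt, iterations):
    # PBKDF2-HMAC-SHA256 stands in for the slow KDF the answer mentions.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)

def make_protector(password, vmk, iterations=ITERATIONS):
    # Stored metadata: salt, work factor, wrapped VMK, hash of the derived key.
    salt = os.urandom(16)
    key = derive(password, salt, iterations)
    wrapped = bytes(a ^ b for a, b in zip(vmk, key))  # toy wrap, key used once
    return {"salt": salt, "iterations": iterations,
            "wrapped": wrapped, "check": hashlib.sha256(key).digest()}

def unlock(protector, password):
    # Every attempt, right or wrong, pays the full KDF cost before the check.
    key = derive(password, protector["salt"], protector["iterations"])
    if not hmac.compare_digest(hashlib.sha256(key).digest(), protector["check"]):
        return None
    return bytes(a ^ b for a, b in zip(protector["wrapped"], key))

def seconds_per_guess(protector, samples=3):
    # Measure the cost of one failed attempt on this machine.
    start = time.perf_counter()
    for i in range(samples):
        unlock(protector, f"wrong-{i}")
    return (time.perf_counter() - start) / samples

def years_to_search(entropy_bits, guess_seconds, parallel=1):
    # Expected effort is half the password space, spread over parallel workers.
    seconds = (2 ** (entropy_bits - 1)) * guess_seconds / parallel
    return seconds / (365.25 * 24 * 3600)

if __name__ == "__main__":
    vmk = os.urandom(32)  # constructed sample key
    protector = make_protector("correct horse battery staple", vmk)
    assert unlock(protector, "correct horse battery staple") == vmk
    cost = seconds_per_guess(protector)
    print(f"one guess costs about {cost:.3f} s on this machine")
    for bits in (20, 40, 64, 128):
        print(f"{bits:>3} bits: {years_to_search(bits, cost, parallel=1000):.3g} "
              "years on 1000 workers")
```

The slow KDF multiplies the cost of each guess by a constant, while every extra bit of password entropy doubles the number of guesses, which is why a low-entropy password stays searchable even with a half-second KDF.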
2

Full disk encryption tools rely on AES which is still considered secure today. So most attacks target the operating system itself instead of the encryption mechanism such tools use.

The attacks you may face in case your machine is stolen depend on several factors. First of all, on how you configured it. Configurations that require authentication prior to booting the operating system prevent a hacker from immediately attacking the operating system. So first of all, set Bitlocker with the pre-boot authentication option.

Before you encrypt the disks, be sure your machine is safe from the presence of rootkits and bootkits, which may have the same privileges as your operating system and can even compromise your full volume encryption key as it is encrypted by the volume master key and stored in the encrypted volume. Note that UEFI is intended to protect your system against the presence of rootkits and bootkits; however, it is not foolproof.

Another thing to consider is brute force sign-in attacks that can be performed even against the pre-boot authenticator we mentioned above.

Also, an attacker may use Thunderbolt to connect another device to your laptop. Because DMA (direct memory access) ports do not provide authentication or access control to protect the contents of the computer’s memory, to which the device has read access only, you can imagine an attack based on these facts (called DMA attacks). Note that if you are running Windows 8, you may know that Windows 8 InstantGo–certified devices do not have DMA ports, eliminating the risk of DMA attacks.

So in conjunction with configuring the pre-boot authentication, you may also use a USB device (such as a flash drive) to store the BitLocker startup key and use it to authenticate along with your PIN/password: this is another layer of security in which even if your PIN/password is brute-forced, the Bitlocker start-up key is still safe (suppose your laptop and USB device cannot be stolen by the same attacker).