Let's say I want to protect the contents of my desktop PC, which I use remotely on quite many occasions.

I want to use BitLocker with a startup key that only "activates" at a specific moment in time.

The setup I am thinking of would be a Raspberry Pi Zero emulating a USB flash drive, connected permanently to the PC. This Pi Zero would have an encrypted container with the startup key inside, which would be mounted remotely only for a short time during the PC startup. After that the encrypted container would be unmounted.

How secure would that scenario be?

What factors should I take into account to have a secure mountable container on the RPi Zero?

What I want to achieve:

  • PC with BitLocker (TPM + startup key). Encrypted at rest, but able to start up remotely without typing any password, for further remote connection.
  • Startup key that can only be used at a specific time. Encrypted at rest, mounted and dismounted remotely.

I am not interested in somebody hacking my PC while it is turned on, that would be a different threat model, but more like preventing somebody stealing my equipment and accessing my data, while at the same time retaining the comfort of me starting the system remotely.

  • Have you tested to see if it will actually be detected by BitLocker as a key drive? Assuming you have a secure way to remotely enable the RPi to boot up and serve the file, it should be more secure than just a plain key drive lying around. – user May 25 '22 at 17:20
  • You may also need to verify that you can power the RPi and use the gadget/peripheral port at the same time, since there might not be enough time to set up the USB mass storage gadget if you're expecting to power up the Pi right as the PC is booting up. – user May 25 '22 at 17:21
  • Hello @user, I have not yet tested, although I have searched on the internet and only the Pi Zero can emulate USB mass storage, not the big RPis. The RPi would be powered constantly and independently. – maximusboscus May 25 '22 at 17:27

1 Answer

There are two vectors of attack, I believe. Let's assume you use method four of a PowerShell-based decryption:

  1. the Zero at some point in time contains the unlock key.
  2. you need to transmit the key to the Zero.

I believe these are the two moments your setup is vulnerable. Someone could unplug the Zero and use (copy) the key on it to another device, and someone could eavesdrop on the communication to the Zero. My understanding is that as soon as the Zero loses power the keys are not available anymore(?). If traffic to the Zero is well enough encrypted, you probably have mitigated that vector.

schroeder
theking2

  • The setup would be as follows: The BitLocker startup key file used to unlock the PC would be inside an encrypted container on the Zero (at all times). This container is only decrypted and mounted in RAM (and emulates USB mass storage for the PC) for a brief moment and only after I send a "password" through a secure channel. My question is what would be a good setup on the Pi Zero? – maximusboscus Jun 05 '22 at 15:11
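
One way to script the time-limited exposure described in the comment above, as an added example that is not part of the original thread: the container is opened read-only with a passphrase sent on stdin, served as a USB mass-storage gadget for a fixed window, then detached and closed. Assumptions: the container is a LUKS file whose inner filesystem is FAT with the .BEK file in its root, the Zero already has USB gadget mode (dwc2) enabled, and the path and mapping name are hypothetical; whether BitLocker's pre-boot environment accepts the gadget as a key drive is not verified here.

```shell
#!/bin/sh
# Added example, not from the thread. CONTAINER and MAPPER are hypothetical names.
CONTAINER=${CONTAINER:-/home/pi/startup-key.luks}  # LUKS file, FAT inside, .BEK in root
MAPPER=${MAPPER:-bekvault}                         # dm-crypt mapping name
WINDOW=${WINDOW:-120}   # seconds the key stays visible to the PC
DRY_RUN=${DRY_RUN:-0}   # 1 = print the commands instead of running them

run() {
  if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Detach the gadget first (the mapping is busy until then), then close the
# mapping so the volume key is dropped from kernel memory.
teardown() {
  run modprobe -r g_mass_storage
  run cryptsetup close "$MAPPER"
}

# Usage: expose_key < passphrase   (for example piped through an SSH session)
expose_key() {
  case "$WINDOW" in
    ''|*[!0-9]*) echo "WINDOW must be whole seconds" >&2; return 2 ;;
  esac
  # If the remote session drops mid-window, still withdraw the key.
  trap 'teardown; exit 1' HUP INT TERM
  # cryptsetup reads the passphrase from stdin when stdin is not a terminal,
  # so it is never written to the SD card or placed on a command line.
  run cryptsetup open --readonly "$CONTAINER" "$MAPPER" || return 1
  # dm-crypt decrypts on the fly; no plaintext copy of the key file is made.
  # ro=1 keeps the PC from writing to the volume.
  if ! run modprobe g_mass_storage file="/dev/mapper/$MAPPER" ro=1 removable=1; then
    teardown
    return 1
  fi
  run sleep "$WINDOW"
  teardown
  rc=$?
  trap - HUP INT TERM
  return "$rc"
}

# Real run: sudo ./expose.sh expose < passphrase
if [ "${1:-}" = "expose" ]; then
  expose_key
fi
```

Run it once with `DRY_RUN=1` to check the command sequence before giving it root. Pulling power from the Zero has the same effect as `teardown`, since the mapping exists only in RAM.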