Attacking the BitLocker boot process

Türpe, S.; Poller, A.; Steffan, J.; Stotz, J.-P.; Trukenmüller, J.

doi:10.1007/978-3-642-00587-9_12

2009

Conference Paper

Abstract

We discuss five attack strategies against BitLocker, which target the way BitLocker is using the TPM sealing mechanism. BitLocker is a disk encryption feature included in some versions of Microsoft Windows. It represents a state-of-the-art design, enhanced with TPM support for improved security. We show that, under certain assumptions, a dedicated attacker can circumvent the protection and break confidentiality with limited effort. Our attacks neither exploit vulnerabilities in the encryption itself nor do they directly attack the TPM. They rather exploit sequences of actions that Trusted Computing fails to prevent, demonstrating limitations of the technology.

Author(s)

Türpe, S.

Poller, A.

Steffan, J.

Stotz, J.-P.

Trukenmüller, J.

Mainwork

Trusted computing. Second international conference, Trust 2009

Conference

International Conference on the Technical and Socio-Economic Aspects of Trusted Computing (TRUST) 2009

Options

Attacking the BitLocker boot process