Black Hat TPM Hack and BitLocker


Last week at the Black Hat DC conference a presenter showed how one manufacturer's Trusted Platform Module (TPM) could be physically compromised to gain access to the secrets stored inside. Since that presentation, I have had plenty of questions from customers wanting to know how this might affect Windows. The answer? We believe that using a TPM is still an effective means to help protect sensitive information and accordingly take advantage of a TPM (if available) with our BitLocker Drive Encryption feature in Windows 7.

The attack shown requires physical possession of the PC and requires someone with specialized equipment, intimate knowledge of semiconductor design, and advanced skills. While this attack is certainly interesting, these methods are difficult to duplicate, and as such, pose a very low risk in practice. Furthermore, it is possible to configure BitLocker in a way that mitigates this unlikely attack.

With our design for BitLocker in Windows 7, we took into account the theoretical possibility that a TPM might become compromised due to advanced attacks like this one, or because of poor designs and implementations. The engineering team changed the cryptographic structure for BitLocker when it is configured to use enhanced PINs, as discussed in BitLocker Drive Encryption in Windows 7: Frequently Asked Questions. As a result, an attacker must not only be able to retrieve the appropriate secret from the TPM; they must also find the user-configured PIN. If the PIN is sufficiently complex, this poses a hard, if not infeasible, problem to solve in order to obtain the required key to unlock the BitLocker-protected disk volume.

BitLocker remains an effective solution to help safeguard personal and private data on mobile computers. For more information on BitLocker best practices, we have published guidance in The Data Encryption Toolkit for Mobile PCs. This toolkit discusses the balance of security and usability and details that the most secure method is to use BitLocker in hibernate mode with a TPM+PIN configuration. With the advancements in Windows 7, users who are worried about potential attacks such as this one should also enable the Allow enhanced PINs for startup group policy setting for their environment.

8 Comments
  • lr shop

    I think that this is a lesson for us all in our security detail for our systems. We simply can never have too much security these days!!

  • This clearly shows us that we must be more careful than ever when it comes to the security of our systems. Very good news article.

  • This is looking like a good piece. Thank you for the info. It has been a real pleasure

  • This was a great revelation. It certainly shocked me. Since then I have improved my TPM so that there are more rigorous security measures in place to prevent something similar happening to mine.

  • At the Black Hat DC conference a presenter showed how one manufacturer's Trusted Platform Module (TPM) could be physically compromised to gain access to the secrets stored inside. The attack shown requires physical possession of the PC and requires someone with specialized equipment, intimate knowledge of semiconductor design, and advanced skills. While this attack is certainly interesting, these methods are difficult to duplicate, and as such, pose a very low risk in practice. Furthermore, it is possible to configure BitLocker in a way that mitigates this unlikely attack.

  • Thanks for these articles, I enjoyed them!

  • Is there a way to recover a drive that had BitLocker To Go in Windows 7? I accidentally unplugged my external hard drive while it was decrypting, and I can no longer access the drive at all. I tried to install the Vista version of the software, but I received an error message and could not install it. Please help if possible.