Attack on Windows BitLocker
Fraunhofer SIT has presented a method for discovering the BitLocker drive encryption PIN under Windows. The method even works where TPM is used to protect the boot process. The trick? An attacker with access to the target computer simply boots from a USB flash drive and replaces the BitLocker bootloader with a substitute bootloader which mimics the BitLocker PIN query process but saves the PINs entered by the user to disk in unencrypted form.
Although the BitLocker boot process carries out an integrity check on the system, and thereby the Windows installation, it does not check the bootloader itself – not that the attack described here even gets as far as the Windows boot process. Consequently, according to the Fraunhofer SIT report, even a fitted Trusted Platform Module (TPM) fails to protect against such an attack.
Once the substitute bootloader has saved the victim's PIN to the hard drive, it rewrites the original bootloader to the MBR and restarts the system. The victim may indeed wonder why their computer is restarting, but then we've all seen computers suddenly decide to abort a boot and restart.
To get hold of the saved PIN, the attacker needs to gain access to the target computer for a second time, to once more boot up from a USB flash drive and then access the hard drive. The computer can then be rebooted and the PIN thus obtained used to open up BitLocker, allowing access to the protected Windows system.
The technique could be used to obtain data in targeted acts of industrial espionage. SIT is nonetheless keen to stress that, "Despite the security vulnerability, BitLocker is a good solution for hard drive encryption, as it offers good protection against the most common threat to sensitive data on a hard drive – loss or theft of the computer."
SIT researchers Jan Steffan and Jan Trukenmüller have published a video demonstrating the attack in practice on the institute's website.
A similar attack on system encryption using TrueCrypt was presented at Black Hat in July. Austrian security specialist Peter Kleissner used his Stoned bootkit to nobble the boot process in order to inject spyware onto the system and read off data. His method does not, however, work where TPM is in place, since the MBR hash no longer matches the stored version. The advantage of Kleissner's method is that it only requires one-time access to the victim's computer.
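As an added illustration (not Fraunhofer's code, not a real BitLocker implementation), the following Python model of a measured boot, using constructed bootloader bytes and a constructed TPM secret, shows why sealing the volume key to the MBR's measurement stops a bootkit that patches the loader and then tries to unseal, yet does nothing against a substitute loader that captures the PIN and reboots before any unseal takes place, and why the machine looks normal again once the original MBR has been restored.

```python
import hashlib
import hmac

# Toy model of BitLocker's measured boot, added to illustrate the article's
# argument. The bootloader bytes and the TPM secret are constructed samples;
# this is neither Fraunhofer's code nor the real BitLocker logic.
GENUINE_MBR = b"genuine BitLocker bootloader (constructed sample)"
PHISHING_MBR = b"substitute loader that mimics the PIN prompt (constructed)"
BOOTKIT_MBR = b"Stoned-style bootkit that patches the loader (constructed)"
PCR_INIT = b"\x00" * 20

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM PCR extend: PCR = SHA-1(PCR || SHA-1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def unseal(sealed: dict, current_pcr: bytes):
    """The TPM releases the sealed secret only if the PCR value matches."""
    return sealed["secret"] if current_pcr == sealed["pcr"] else None

def volume_key(tpm_secret: bytes, pin: str) -> bytes:
    """TPM+PIN mode: the volume key needs both the unsealed secret and the PIN."""
    return hmac.new(tpm_secret, pin.encode(), hashlib.sha256).digest()

def boot(mbr: bytes, sealed: dict, pin: str) -> dict:
    """One boot cycle: measure the MBR into the PCR, then run the loader."""
    pcr = extend(PCR_INIT, mbr)
    result = {"pcr_matches": pcr == sealed["pcr"], "captured_pin": None, "key": None}
    if mbr == PHISHING_MBR:
        # Fraunhofer's case: the fake prompt stores the PIN and reboots before
        # any unseal is attempted, so the PCR mismatch is never exercised.
        result["captured_pin"] = pin
        return result
    secret = unseal(sealed, pcr)  # genuine loader and bootkit both reach this point
    if secret is not None:
        result["key"] = volume_key(secret, pin)
    return result

def simulate(pin: str = "1234") -> dict:
    """Seal to the genuine MBR's PCR, then replay the boot scenarios from the article."""
    sealed = {"pcr": extend(PCR_INIT, GENUINE_MBR), "secret": b"constructed-tpm-secret"}
    return {
        "normal": boot(GENUINE_MBR, sealed, pin),
        "bootkit": boot(BOOTKIT_MBR, sealed, pin),         # MBR hash mismatch: no key released
        "pin_phish": boot(PHISHING_MBR, sealed, pin),      # PIN leaks despite the mismatch
        "after_restore": boot(GENUINE_MBR, sealed, pin),  # original MBR back: key released again
    }
```

Calling `simulate()` returns the four outcomes; only the phishing boot has a captured PIN, and the restored boot is indistinguishable from the normal one.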
- Attacking the BitLocker Boot Process, paper from Fraunhofer.
- Bootkit bypasses hard disk encryption, a report from The H.