With effort, hackers are able to break into an encryption feature available on newer versions of Windows
Security | 08 Dec 2009
Researchers can break into BitLocker, the disk encryption feature available in Windows 7, Vista and Server 2008.
German experts from the Fraunhofer Institute for Secure Information Technology (SIT) revealed five attack strategies against BitLocker and the way its Trusted Platform Module (TPM) sealing mechanism works.
The researchers claim that, in certain circumstances, dedicated hackers could "circumvent the protection and break confidentiality with limited effort".
"Our attacks neither exploit vulnerabilities in the encryption itself nor do they directly attack the TPM," the researchers claim in a report.
"They rather exploit sequences of actions that Trusted Computing fails to prevent, demonstrating limitations of the technology."
One attack took advantage of the boot process, where BitLocker needs to interact with the user to obtain a password or a key file from a USB memory stick, or both.
The program code interacting with the user is unencrypted, so an attacker with physical access is able to modify it.
The hacker could replace the original BitLocker boot code with a manipulated version, and spoof the user interaction with BitLocker.
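To make the TPM sealing mechanism mentioned above concrete, the following is an added example (not code from the report or from Microsoft) that models measured boot in simplified form: each boot stage is hashed into a register, and a sealed key is released only when the register matches its value at seal time. The names `ToyTPM`, `measure_chain` and the sample stage contents are assumptions made for illustration; the extend step follows the TPM 1.2 SHA-1 scheme.

```python
import hashlib
import hmac

PCR_SIZE = 20  # TPM 1.2 PCRs hold a SHA-1 digest


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM 1.2 extend: new PCR = SHA1(old PCR || SHA1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_chain(components) -> bytes:
    """Measure each boot stage in order, starting from an all-zero PCR."""
    pcr = bytes(PCR_SIZE)
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr


class ToyTPM:
    """Simplified model (assumption): one secret bound to one PCR value."""

    def seal(self, secret: bytes, pcr: bytes) -> None:
        self._secret, self._expected = secret, pcr

    def unseal(self, current_pcr: bytes):
        # Release the secret only if the platform state matches seal time.
        if hmac.compare_digest(current_pcr, self._expected):
            return self._secret
        return None


# Constructed sample boot stages (placeholders, not real BitLocker code).
ORIGINAL = [b"firmware-v1", b"boot-manager-original", b"os-loader"]
MODIFIED = [b"firmware-v1", b"boot-manager-modified", b"os-loader"]


def demo():
    """Seal against the original chain, then try both chains."""
    tpm = ToyTPM()
    tpm.seal(b"volume-key-placeholder", measure_chain(ORIGINAL))
    return tpm.unseal(measure_chain(ORIGINAL)), tpm.unseal(measure_chain(MODIFIED))


if __name__ == "__main__":
    clean, tampered = demo()
    print("clean boot unseals:", clean is not None)
    print("modified boot unseals:", tampered is not None)
```

In this model the register check only decides whether the key is released; it does not stop a changed stage from running, which is the kind of limitation the researchers describe.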
The researchers made it clear that they were using ‘targeted attacks’, where an attacker would devote considerable effort to accessing data on a disk, for example in corporate espionage.
BitLocker is better designed to withstand real-world ‘opportunistic attacks’, for example when a computer is stolen and somebody tries to access the data to see what they can get.
Microsoft had not responded to a request for comment at the time of publication.