Sudhir Rao, Technology Specialist, Microsoft Corporation

BitLocker: deep details, improvements and benefits (transcript of a 22-slide presentation)

Page 1: BitLocker: deep details, improvements and benefits
Sudhir Rao, Technology Specialist, Microsoft Corporation

Page 2: Agenda

BitLocker Drive Encryption Overview
Recovery, Threats, and Mitigation
Deployment Planning
Deployment Scenarios
WMI Management Interfaces and Tools
Group Policy and Recovery
Maintaining BitLocker Systems
Things to Consider
Additional Resources

Page 3: BitLocker Drive Encryption Overview

Page 4: BitLocker™ Drive Encryption

BitLocker Drive Encryption fully encrypts the entire Windows Vista operating system volume.

Enhanced in Windows Vista SP1 and Windows Server 2008 to provide multi-volume/drive protection.

Designed specifically to prevent the unauthorized disclosure of data when it is at rest, i.e. when the machine is powered off or hibernated. Once the volume is unlocked the keys are in memory, which is why sleep is discouraged later in this deck.

Provides data protection on your Windows client systems, even when the system is in unauthorized hands.

Designed to utilize a v1.2 Trusted Platform Module (TPM) for secure key storage and boot environment authentication.

Page 5: What Is A Trusted Platform Module (TPM)?

Smartcard-like module on the motherboard that protects secrets.
Contains a set of Platform Configuration Registers (PCRs) that hold platform measurements (hashes of the boot components). A PCR cannot be written directly, only extended: the new value is the hash of the old value concatenated with the new measurement.
Performs cryptographic functions: RSA, SHA-1, RNG.
Creates, stores and manages keys.
Provides a unique Endorsement Key (EK).
Provides a unique Storage Root Key (SRK).
Anchors the chain of trust for keys and credentials.
Protects itself against attacks.

TPM 1.2 spec: www.trustedcomputinggroup.org

Page 6: BitLocker™ Partition Layout

Disk partition requirements for BitLocker are unique; consider them from the beginning of your deployment design.

Two partitions are required.

System Partition (Primary, NTFS, Active, 1.5 GB, Type 7). This partition stays unencrypted because the boot code on it runs before the key is available, so nothing sensitive belongs there. Why so large? The minimum partition size recommendation was made for the following reasons:
  BitLocker requires 50 MB of space
  WinRE requires 550 MB of space
  Servicing requires 900 MB of space

OS Partition (Primary, NTFS, Type 7, any size)

Page 7: Encryption Key Storage

OS Volume contains (all encrypted): the OS, the page file, temp files, user data, the hibernation file.

System Volume contains (all unencrypted): the MBR, the boot manager, boot utilities.

Where's the encryption key?
1. The SRK (Storage Root Key) is held in the TPM and never leaves it.
2. The SRK seals the VMK (Volume Master Key) to the measured boot state; depending on the protector, a PIN or a key on a USB storage device is additionally required to release it. The VMK in turn encrypts the FVEK (Full Volume Encryption Key), the key that actually encrypts the volume.
3. The sealed VMK and the VMK-encrypted FVEK are stored on the hard drive in the OS volume's BitLocker metadata; neither is ever stored in the clear while BitLocker is enabled.

Page 8: BitLocker Protectors

(Figure: the four protector choices plotted on two axes, Security and Total Cost of Ownership.)

TPM Only ("what it is")
  Protects against: most software attacks
  Vulnerable to: "easy" hardware attacks

TPM + PIN ("what it is + what you know")
  Protects against: many hardware attacks
  Vulnerable to: hardware attacks

USB Only ("what you have")
  Protects against: hardware attacks
  Vulnerable to: lost USB key; no boot validation
  The security depends entirely on user practices!

TPM + USB ("what it is + what you have")
  Protects against: hardware attacks
  Vulnerable to: lost USB key
  The security depends entirely on user practices!

BitLocker™ offers a spectrum of protection, allowing an organization to customize according to its requirements.

Page 9: BitLocker™ Drive Encryption Architecture

Static Root of Trust Measurement of boot components: each stage is measured (hashed into a TPM PCR) before it is given control, so the chain is:

Pre-OS:    TPM Init -> BIOS -> MBR -> Boot Sector -> Boot Block
Static OS: Boot Manager -> OS Loader -> Start OS

At the Boot Manager stage all boot blobs are unlocked; at the OS Loader stage the volume blob of the target OS is unlocked, and the OS starts. The TPM releases the sealed key only if every measurement in the chain equals the value recorded when BitLocker was enabled.
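The measured-boot chain on this slide, together with the SRK/VMK/FVEK chain of the Encryption Key Storage slide, as an added Python simulation (this is not code from the presentation or from Microsoft). Everything below the TPM interface is a stand-in and is labelled as such: the PCR indices in BOOT_CHAIN are an illustrative assumption, HMAC-SHA256 keystreams replace the TPM's RSA sealing and the AES volume cipher, and the GOOD_FIRMWARE strings are constructed in place of real boot components. What the model reproduces faithfully is the control flow: the VMK is sealed to PCR values, and a modified MBR, a BIOS upgrade or a drive moved to a machine with a different TPM all make the unseal fail, which is exactly the set of recovery scenarios on the next slide.

```python
"""Toy model of the BitLocker TPM-only key chain (added example, not Microsoft code).

HMAC-SHA256 keystreams stand in for the TPM's RSA sealing and for AES so that
only the standard library is needed; only the control flow is faithful."""
import hashlib
import hmac
import os

# PCR index -> boot stage. Indices are an illustrative assumption; the real set
# BitLocker seals to is a policy choice and is not taken from the slides.
BOOT_CHAIN = [(0, "BIOS"), (4, "MBR"), (8, "Boot sector"),
              (10, "Boot manager"), (11, "OS loader")]
SEALED_PCRS = tuple(idx for idx, _ in BOOT_CHAIN)


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def keystream_xor(key: bytes, data: bytes, label: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with an HMAC-derived keystream."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key, label + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class SimTPM:
    """TPM 1.2-like chip: 24 extend-only PCRs and an SRK that never leaves it."""

    def __init__(self):
        self._srk = os.urandom(32)   # Storage Root Key, generated in-chip
        self.reset()

    def reset(self):
        """Power-on reset: PCRs go back to zero, the SRK survives."""
        self.pcrs = [bytes(20)] * 24

    def extend(self, index: int, component: bytes):
        # PCR[i] = SHA1(PCR[i] || SHA1(component)); there is no direct write
        self.pcrs[index] = sha1(self.pcrs[index] + sha1(component))

    def _policy(self, indices) -> bytes:
        return sha1(b"".join(self.pcrs[i] for i in indices))

    def seal(self, secret: bytes, indices) -> dict:
        """Bind 'secret' to the current values of the listed PCRs."""
        key = hmac.new(self._srk, self._policy(indices), hashlib.sha256).digest()
        ct = keystream_xor(key, secret, b"seal")
        tag = hmac.new(key, ct, hashlib.sha256).digest()
        return {"pcrs": tuple(indices), "ct": ct, "tag": tag}

    def unseal(self, blob: dict):
        """Return the secret only if the PCRs equal their values at seal time."""
        key = hmac.new(self._srk, self._policy(blob["pcrs"]), hashlib.sha256).digest()
        expected = hmac.new(key, blob["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, blob["tag"]):
            return None   # measurements changed, or a different TPM: recovery needed
        return keystream_xor(key, blob["ct"], b"seal")


def measured_boot(tpm: SimTPM, firmware: dict):
    """Each stage is hashed into its PCR before it gets control."""
    for index, stage in BOOT_CHAIN:
        tpm.extend(index, firmware[stage])


def provision(tpm: SimTPM, firmware: dict):
    """Turn BitLocker on with a TPM-only protector. Returns (on-disk metadata, FVEK)."""
    tpm.reset()
    measured_boot(tpm, firmware)
    vmk, fvek = os.urandom(32), os.urandom(32)        # FVEK is what encrypts sectors
    on_disk = {"sealed_vmk": tpm.seal(vmk, SEALED_PCRS),              # TPM protector
               "wrapped_fvek": keystream_xor(vmk, fvek, b"fvek")}     # FVEK under VMK
    return on_disk, fvek


def boot_and_unlock(tpm: SimTPM, firmware: dict, on_disk: dict):
    """One boot: re-measure, ask the TPM for the VMK, unwrap the FVEK."""
    tpm.reset()
    measured_boot(tpm, firmware)
    vmk = tpm.unseal(on_disk["sealed_vmk"])
    if vmk is None:
        return None                  # BitLocker would drop into recovery mode here
    return keystream_xor(vmk, on_disk["wrapped_fvek"], b"fvek")


# Constructed stand-ins for the real boot components.
GOOD_FIRMWARE = {"BIOS": b"bios 1.0", "MBR": b"mbr code", "Boot sector": b"ntfs boot sector",
                 "Boot manager": b"bootmgr", "OS loader": b"winload"}


def demo() -> dict:
    """Map each scenario to True when the outcome is the one BitLocker is designed for."""
    tpm = SimTPM()
    on_disk, fvek = provision(tpm, GOOD_FIRMWARE)
    return {
        "unmodified boot": boot_and_unlock(tpm, GOOD_FIRMWARE, on_disk) == fvek,
        "bootkit in MBR": boot_and_unlock(tpm, dict(GOOD_FIRMWARE, MBR=b"mbr code+hook"), on_disk) is None,
        "BIOS upgrade": boot_and_unlock(tpm, dict(GOOD_FIRMWARE, BIOS=b"bios 1.1"), on_disk) is None,
        "drive moved to another TPM": boot_and_unlock(SimTPM(), GOOD_FIRMWARE, on_disk) is None,
    }


if __name__ == "__main__":
    for scenario, ok in demo().items():
        print(f"{scenario:28s} {'as expected' if ok else 'UNEXPECTED'}")
```

Note that the "BIOS upgrade" case fails the unseal exactly like the bootkit does: the TPM cannot tell a planned change from a malicious one, which is why the deck later says to disable BitLocker (write a clear key for the VMK) before a BIOS update and why a recovery password must be escrowed before anything else.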

Page 10: BitLocker™ Recovery Scenarios

Lost/forgotten key protectors: lost USB key, user forgets PIN.
Upgrade to core files: planned change to pre-OS files (BIOS upgrade, etc.).
Broken hardware: hard drive moved to a new system.
Deliberate attack: modified or missing pre-OS files (hacked BIOS, MBR, etc.).

In the last three cases the TPM measurements no longer match the values the key was sealed to, so BitLocker cannot tell them apart: each one simply prompts for the recovery password, and the cause has to be diagnosed by the support process.

Page 11: BitLocker™ Recovery Options

BitLocker integrates with Active Directory Domain Services (AD DS) to provide centralized key management.

Recovery password: a 48-digit recovery password used to recover a BitLocker-protected volume. Users enter this password to unlock a volume when BitLocker enters recovery mode.

Key package data: with this key package and the recovery password, you will be able to decrypt portions of a BitLocker-protected volume if the disk is severely damaged. Each key package will only work with the volume it was created on, which can be identified by the corresponding volume ID.

TPM owner password hash: when ownership of the TPM is taken, a hash of the owner password can be stored in AD DS. This information can then be used to reset ownership of the TPM.
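The 48-digit recovery password has structure that a help-desk tool or an escrow script can check before sending a user through a failed unlock. As an added example (not code from the presentation or from Microsoft), the following Python parses and generates passwords in that format, using the publicly documented on-disk rules: 8 groups of 6 decimal digits, each group a multiple of 11 and below 720896 (11 * 2^16), so that each group divided by 11 is a 16-bit word and the 8 words, little-endian, form 16 bytes. The key stretching that turns those 16 bytes into the key that unwraps the VMK (many SHA-256 rounds with a salt from the volume metadata) is deliberately out of scope. The SAMPLE value is constructed for the test and is not a real recovery password.

```python
"""BitLocker 48-digit recovery password: format validation and conversion
(added example, not Microsoft code)."""
import os

GROUPS = 8
DIGITS_PER_GROUP = 6
MAX_GROUP = 11 * (1 << 16)    # 720896, exclusive upper bound


class RecoveryPasswordError(ValueError):
    pass


def parse_recovery_password(text: str) -> bytes:
    """Validate a recovery password and return the 16 bytes it encodes."""
    groups = text.replace(" ", "").split("-")
    if len(groups) != GROUPS:
        raise RecoveryPasswordError(f"expected {GROUPS} groups, got {len(groups)}")
    words = []
    for i, group in enumerate(groups, 1):
        if len(group) != DIGITS_PER_GROUP or not group.isdigit():
            raise RecoveryPasswordError(f"group {i}: need {DIGITS_PER_GROUP} digits")
        value = int(group)
        if value % 11:
            # the multiple-of-11 rule is the per-group checksum
            raise RecoveryPasswordError(f"group {i}: checksum failed")
        if value >= MAX_GROUP:
            raise RecoveryPasswordError(f"group {i}: value does not fit in 16 bits")
        words.append(value // 11)
    return b"".join(w.to_bytes(2, "little") for w in words)


def format_recovery_password(key: bytes) -> str:
    """Inverse of parse: 16 bytes -> 8 dash-separated groups of 6 digits."""
    if len(key) != 2 * GROUPS:
        raise RecoveryPasswordError("need exactly 16 bytes")
    groups = []
    for i in range(GROUPS):
        word = int.from_bytes(key[2 * i:2 * i + 2], "little")
        groups.append(f"{word * 11:0{DIGITS_PER_GROUP}d}")
    return "-".join(groups)


def new_recovery_password() -> str:
    """Generate a fresh password the way a client does: from 16 random bytes."""
    return format_recovery_password(os.urandom(16))


def is_valid_recovery_password(text: str) -> bool:
    try:
        parse_recovery_password(text)
        return True
    except RecoveryPasswordError:
        return False


# Constructed test vector, not a real recovery password:
# the groups are 11 * {12345, 1, 65535, 256, 4660, 43981, 0, 65535}.
SAMPLE = "135795-000011-720885-002816-051260-483791-000000-720885"

if __name__ == "__main__":
    print(parse_recovery_password(SAMPLE).hex())   # 39300100ffff00013412cdab0000ffff
    print(new_recovery_password())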

Page 12: Platform Threats & Mitigations

BIOS modification
  Threat: lost Core Root of Trust for Measurement
  Mitigation: secure CRTM update
  Mitigation: provide extra protection with PIN or USB

Physical memory
  Threat: key exposure in physical memory (the keys are in RAM whenever the volume is unlocked, including during sleep)
  Mitigation: memory overwrite on reset
  Mitigation: provide extra protection with PIN or USB

Dictionary attack against PIN
  Threat: key exposure
  Mitigation: anti-hammering countermeasures in the TPM

End users
  Threat: unsafe practices (PIN written down nearby, USB key in the laptop case)
  Mitigation: user education, corporate security policy

Page 13: BitLocker Deployment

Page 14: Prepare to Deploy – Part 1

Define support structure and processes. Who will do what, when, and how?

Extend Active Directory to support escrow of BitLocker recovery information (TPM owner password, recovery password).

Delegate rights to allow support personnel to recover machines. By default the recovery attributes are confidential attributes readable only by Domain Admins.

If users are local administrators, apply other Group Policy to prohibit users from changing BitLocker settings.

Use Group Policy to configure power management settings.

Page 15: Prepare to Deploy – Part 2

Work with the OEM to determine the default ship state of the TPM. If possible, ship with the TPM enabled.

Choose deployment tools and methodologies. Enable BitLocker after joining the domain, so that the recovery information can be escrowed to AD at creation time.

Decide which BitLocker protectors will be used. TPM only: least user impact. TPM+USB or TPM+PIN: high user impact, high support cost.

Decide whether or not to use WinRE in conjunction with BitLocker.

Page 16: Group Policy and BitLocker

BitLocker Group Policy exists for drive encryption and TPM management.
Can be configured at the domain level or via local policy.
Used to control backup of recovery information to Active Directory.
Controls the user experience in the UI and can prohibit use of certain protectors.
Can be used to set a mandatory encryption method.
BitLocker settings are controlled at the computer level, not the user level.

GP Deployment Considerations
Always require (not merely allow) backup of recovery passwords and TPM owner authorization to AD.
On BitLocker machines limit the use of sleep and hybrid sleep, since the keys stay in RAM while the machine sleeps. Set up a power plan in GP that prohibits them.
Limit user access to power management functions to prevent changes.
Remove sleep options from the Start menu.
Limit user access to the BitLocker control panel unless it is needed to reset PINs or create additional protectors.
Consider hiding the system partition using GP to keep users from seeing the drive.

Page 17: Deployment Scenarios

Deploying BitLocker-ready machines with the following deployment tools:
Windows Deployment Services
SMS 2003 OSD
Unattended installation
Imaging with ImageX
System Center Configuration Manager
BDD 2007/MDT

Page 18: Maintaining a BitLocker Enabled System

Disabling BitLocker does not decrypt the disk; the volume stays encrypted and writes are still encrypted.
When disabled, a clear key is written to the disk in plaintext and is used to access the VMK, so in this state anyone with the disk can unlock the volume.
Disabling can be automated through WMI and removes two-factor authentication, allowing unattended reboots.
Re-enabling BitLocker re-keys and re-encrypts the VMK and removes the clear key. Any two-factor options are restored.
Microsoft-provided service packs, patches, and upgrades that update BitLocker or sealed boot components automatically call FVEUpdate, so no disabling is needed.
BitLocker must be disabled before updating the system BIOS.

Page 19: Things to Consider

Only recovery passwords, not recovery keys, are escrowed to AD.
Recovery password escrow is only done when the password is created; it cannot be re-escrowed later, so a machine encrypted before it joined the domain needs a new recovery password created to get one into AD.
Managing recovery passwords and keys post-deployment requires scripting, manage-bde, or the GUI.
No single application for post-deployment management of machines.
PINs are only held by the TPM and are not escrowed anywhere for recovery; a forgotten PIN means a recovery password event.
No status information in WMI that can be queried by inventory tools.

Page 20: Additional Resources

Trusted Computing Group (TCG): www.trustedcomputinggroup.org
Windows Hardware & Driver Central (WHDC): www.microsoft.com/whdc/default.mspx
BitLocker MSDN content (security WMI providers reference): http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secprov/security/security_wmi_providers_reference.asp

Page 21: Questions

Page 22: Legal

© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.