Peter Biddle - Bitlocker, Security in Windows Vista
- Posted: Jul 11, 2006 at 11:30 AM
- 46,107 Views
- 18 Comments
Anyways. How do we know the NSA does not have backdoors into the new encryption system that will ship with Vista?
It's safer to assume there is a backdoor than to say there is not. So you guys have to prove that there is no way mathematically to use backdoors. Like why not use one-time pad encryption on each file? Or some mathematical function where there are more than 3 unknowns to solve for to decrypt.
By the way, what is the encryption algorithm used for encryption in Vista?
Check the System Integrity Blog for answers to your questions:
http://blogs.msdn.com/si_team/default.aspx
Ok, how about you design that 'unbreakable' encryption algorithm, and then they'll use it. The algorithm they use could take billions of years to break on today's hardware - that's good enough for me.
What vulnerabilities?
Why would it? If you have the keys decryption doesn't take all that long.
Once again, what weak points are you talking about?
Generally, the best algorithms are ones that are publicly available and easily auditable, such as AES, which BitLocker uses (and is one of the choices for TrueCrypt).
With one-time pads, even if you have all the resources in the world you cannot break it. Because it's statistically not possible and mathematically not possible.
Side channel attacks, XSL attack, cache timing attack, + others
There are perfectly secure crypto systems there that use symmetric encryption. It's called one-time pads. So you can generate a random pad, and use it to encrypt the files you have, and store this pad somewhere in a flash drive and keep using it since it's only you. Each system would then be encrypted differently than any other system. If a hacker successfully decrypted user A's computer in Vista, then using the same ways they can't decrypt user B's.
There would be some technical issues that need to be solved, but if they want to they can iron them out.
Though AES encryption with long keys is good, it's still not 100% secure, and machines are gaining more power hardware-wise, and there are already super computers out there, like the quantum-factorization engines and others that have dictionaries full of random keys ready to be tried out by the powers that be.
So though it's nice, it will only stop the average Joe, not the experts. The average Joe or snoops out there would not want anything with us.
Let's face it, in this day and age, privacy is meaningless. We are all guilty and as such are to be monitored like little kids by big brother, until proven innocent through monitoring. The presumption that all people are good, which used to be the predominant thing, has changed. That is what they mean when governments want to be able to see what you're doing and what files you have in your computers.
Since the average hacker out there would not target user X per se, it's safe to assume that your files are safe. But with government agencies they want to know what each citizen is doing, and that is why I say privacy is a relative term nowadays, and in all practicality it's meaningless.
I would have wished that MS would use a really hard to break crypto system that is mathematically sound, like the ones where you have to solve for 3 unknowns or one-time pads.
Anyways, it's not like we have something to hide, do we? That's what big-brother would say :P
So for most people, what is the point of having BitLocker to begin with if the system has vulnerabilities that hackers as well as governmental agencies would be able to utilize to break the encryption? Just making their job a little harder?
Another question: how would this impact Anti-Virus software? Would this hinder the scanning process to the point that it might take a whole day to scan your hard drives?
I mean it's nice and all to have all my files encrypted so that if someone steals my PC or laptop my data cannot be read. It's a step in the right direction in terms of privacy. But this is a sword with two edges if you will. You can give people a false sense of security or privacy when the system used has weak points from which interested parties would be able to break the encryption.
If you use BitLocker with the TPM, an attacker would have to compromise the system without destroying the TPM or changing the system metrics the TPM uses. Accomplishing this on one system does not allow you to compromise subsequent systems as the metrics are different.
Can you give examples as to these metrics? Does it use unique things in a typical Vista OS with default values? Like SIDs, HD serial #s and the like?
So if you have 4 Dell machines that are identical on everything, you would not be able to compromise the other 3 if you managed to do it on the first one?
But why not? I mean if you managed to break 1, what prevents you from doing the same process to the other 3? See, this is what I don't like, I wanted no one to be able to break the first one, and in addition to this, each computer's implementation would depend on unique values in the hardware that are unique to each PC.
Also, why can't we get a choice as to different encryption methods from a drop-down menu in Vista? Why only use AES?
Edit: If you have multiple accounts in Vista, each account has some protected files, does BitLocker make each account encrypted with a different key than other accounts, so if you're in a public portal or a University library your data in your account would be encrypted with a key you choose that is different from others? Or is there a key used for all files in a given Vista installation for the whole PC? So is there a per-user capability?
My 2 cents.
BitLocker encrypts the entire volume, locking all users out of the system. For account-level encryption, you would use Encrypting File System (EFS - available since Windows 2000). Both can be used simultaneously. You'd also use EFS for encrypting data on non-system volumes -- the server version of BitLocker will also be able to encrypt data volumes (using different keys for the data volumes).
The 4 Dell computers wouldn't be exactly identical. They'd have different hardware IDs, different TPMs, serial #s (including volume serials), hardware enumeration variances, etc.
The more encryption algorithms BitLocker supports, the wider the test matrix and scenarios MS would need to support. It's best that they get the feature right in v1, then worry about adding support for other algorithms and scenarios in future versions.
They have. Did you read http://www.microsoft.com/technet/windowsvista/security/bittech.mspx
You have the option to use a PIN or a USB key that contains the full AES key and IV (I assume the IV is also random and not hard coded). I don't get what your issue is yet.
http://www.seagate.com/docs/pdf/marketing/po_momentus_5400_fde_bb.pdf
http://www.seagate.com/docs/pdf/marketing/PO-Momentus-FDE.pdf
The thing with OTPs is, to be actually as secure as advertised:
- They need to be as long as the data to be encrypted.
- They need to be used once only (hence one-time).
So you're looking at storing a virtually infinite encryption key.
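The two requirements listed in the reply above, worked through as an added example (not part of the original thread): a pad shorter than the data is rejected, and a pad reused across two files cancels out of the ciphertexts. The file contents and function names are constructed for illustration.

```python
import secrets

# Constructed sample "files" of equal length (not taken from the thread).
FILE_A = b"payroll: alice 4200"
FILE_B = b"payroll: bob   3900"


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(data: bytes, pad: bytes) -> bytes:
    """One-time-pad encrypt (or decrypt): XOR the data with the pad.

    Requirement 1: the pad has to cover every byte of the data.
    """
    if len(pad) < len(data):
        raise ValueError("pad shorter than data: %d < %d" % (len(pad), len(data)))
    return xor_bytes(data, pad[:len(data)])


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Requirement 2 violated: both ciphertexts were made with the same pad.

    (A ^ K) ^ (B ^ K) == A ^ B, so the pad drops out completely.
    """
    return xor_bytes(c1, c2)


def demo() -> dict:
    pad = secrets.token_bytes(len(FILE_A))
    c1 = otp_encrypt(FILE_A, pad)
    c2 = otp_encrypt(FILE_B, pad)          # same pad used a second time
    leak = reuse_leak(c1, c2)
    return {
        # What the two ciphertexts reveal without any knowledge of the pad.
        "leak_equals_a_xor_b": leak == xor_bytes(FILE_A, FILE_B),
        # Zero bytes mark positions where the two files are identical.
        "identical_prefix_len": len(leak) - len(leak.lstrip(b"\x00")),
        # Knowing one file's contents is enough to read the other.
        "b_from_known_a": xor_bytes(leak, FILE_A),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```

The secrecy guarantee of a one-time pad holds only while each pad byte is used for exactly one data byte, which is why encrypting a whole volume this way needs a pad as large as the volume.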
Peter,
Question:
It sounds like there is another use for BitLocker... to replace apps like LoJack. Does/can BitLocker email IP info to the user? Let's say the laptop gets stolen, and then gets put online (excluding wiping the OS), will the machine notify the user of its location via IP?
I know it is not foolproof, TOR etc., but TOR can throw LoJack off too.
Thanks