Peter Biddle - Bitlocker, Security in Windows Vista

Posted By: Charles | Jul 11th, 2006 @ 11:30 AM | 44,952 Views | 18 Comments
Do you want to protect the data on your laptop? Well, Bitlocker is a new technology that'll ship in Windows Vista that'll keep prying eyes from seeing your data. Say your laptop gets stolen, Bitlocker keeps your data encrypted so thieves can't get to it.

Scoble sits down with Peter Biddle, product unit manager on the system integrity team, to learn more about this really interesting Vista technology.
Media Downloads:
Rating:
1
0
#Jul 11th, 2006 @ 1:01 PM
Shark_M
Shark_M
This guy looks like Tom cruise. LOL



Anyways. How do we know the NSA does not have backdoors into the new encryption system that will ship with vista?



Its more safe to assume there is a backdoor than to say there is not. So you guys have to prove that there is no way mathematically to use backdoors. Like why not use one-time pad encrpytion on each file? or some mathematical function where there are more than 3 unknowns to solve for to decrypt.

By the way what is the encryption algorithim used for encryption in VISTA?
#Jul 11th, 2006 @ 1:50 PM
n4cer
n4cer

Check the System Integrity Blog for answers to your questions:
http://blogs.msdn.com/si_team/default.aspx

#Jul 11th, 2006 @ 3:16 PM
cain
cain

Shark_M wrote:
What I gather is that maybe you guys will not install or make the backdoors. But you guys will tell governments the vulnerabilities or the weak points that bitLock has, and then governments could then develop their own ways to decrypt a file. It goes back to my question why doesnt bitLocket employ a really good unbreakable encryption algorithm, so no one but the person who owns the pc would be able to read it. THis is similar to TrueCrypt in someway.


Ok, how about you design that 'unbreakable' encryption algorithm, and then they'll use it.  The algorithm they use could take billions of years to break on todays hardware - that's good enough for me.



Shark_M wrote:
So for most people, what is the point of having bitLocker to begin with if the system has vulnterabilities that hackers as well as governmental agencies would be able to utilize to break the encryption? Just making their job a little harder?


What vulnerabilities?


Shark_M wrote:
Another question how would this impact Anti-Virus software? Would this hinder scanning process to the point that it might take a whole day to scan your hard drives?


Why would it?  If you have the keys decryption doesn't take all that long.

 

Shark_M wrote:
I mean its nice and all to have all my files encrypted so that if someone steals my pc or labtop my data cannot be read. Its a step in the right direction interms of privacy. But this is a sword with two edges if you will. You can give people false sence of security or privacy when the system used has weak points from which interested parties would be able to break the encryption.


Once again, what weak points are you talking about?

#Jul 11th, 2006 @ 3:27 PM
n4cer
n4cer
Every encryption technique has weakpoints. It's only a matter of time and resources. The goal of encryption is to make the cost of breaking the encryption far exceed value of the data you want to recover.

Generally, the best algorithms are ones that are publically available and easily auditable. such as AES, which BitLocker uses (and is one of the choices for TrueCrypt).
#Jul 11th, 2006 @ 3:40 PM
Shark_M
Shark_M
n4cer wrote:
Every encryption technique has weakpoints. It's only a matter of time and resources. The goal of encryption is to make the cost of breaking the encryption far exceed value of the data you want to recover.

Generally, the best algorithms are ones that are publically available and easily auditable. such as AES, which BitLocker uses (and is one of the choices for TrueCrypt).


With one time pads even if you have all the resources in the world you cannot break it. Because its statistically not possible and mathematically not possible.
#Jul 11th, 2006 @ 3:54 PM
Shark_M
Shark_M
cain wrote:


 


Ok, how about you design that 'unbreakable' encryption algorithm, and then they'll use it.  The algorithm they use could take billions of years to break on todays hardware - that's good enough for me.

One-Time Pad (OTP) cryptosystem.

cain wrote:



What vulnerabilities?



side channel attacks, XSL attack, cache timing attack, + othes

there are prefectly secure crypto systems there that use symmetric encryption. Its called one time pads. So you can generate a randomal pad, and use it to encrpt the files you have, and store this pad somewhere in a flash drive and keep using it since its only you. Each system would then be encrpted differently than any other system. If a hacker successfully decrypted user A's computer in Vista, then using the same ways they cant decrypt user B's.

There would be some technical issues that need to be solved, But If they want to they can iron them out.

 

though AES encryption with long keys is good. Its still not 100% secure, and machines are gaining more power hardware wise, and there are already super computers out there, like the quantum-factorization engines and others that have dictionaries full of random keys ready to be tried out by the powers to be.

 

So though its nice, it will only stop the average joe, not the experts. the average joe or snoops out there would not want any thing with us.

Lets face it, in this day and age, privacy is meaningless. We are all guilty and as such are to be monitored like little kids by big brother, until proven innocent through monitoring. The presumption that all people are good that used to be the predominant thing, has changed. That is what they mean when governments want to be able to see what your doing and what files you have in your computers.

Since the average hacker out there would not target user X per se, its safe to assume that your files are safe. But with government agencies they want to know what each citizen is doing, and that is why I say privacy is a relative term nowadays, and in all practicallity its meaningless.

I would have wished that MS would use a really hard to break crypto system that is mathematically sound, like the ones where you have to solve for 3 unknowns or one-time pads.

Anyways, Its not like we have something to hide, do we? That what big-brother would say:P

#Jul 11th, 2006 @ 4:06 PM
Shark_M
Shark_M
What I gather is that maybe you guys will not install or make the backdoors. But you guys will tell governments the vulnerabilities or the weak points that bitLock has , and then governments could then develop their own ways to decrypt a file. It goes back to my question why doesnt bitLocker employ a really good unbreakable encryption algorithm, so no one but the person who owns the pc would be able to read it. THis is similar to TrueCrypt in someway.



So for most people, what is the point of having bitLocker to begin with if the system has vulnterabilities that hackers as well as governmental agencies would be able to utilize to break the encryption? Just making their job a little harder?



Another question how would this impact Anti-Virus software? Would this hinder scanning process to the point that it might take a whole day to scan your hard drives?



I mean its nice and all to have all my files encrypted so that if someone steals my pc or labtop my data cannot be read. Its a step in the right direction interms of privacy. But this is a sword with two edges if you will. You can give people false sence of security or privacy when the system used has weak points from which interested parties would be able to break the encryption.



#Jul 11th, 2006 @ 4:08 PM
n4cer
n4cer

If you use BitLocker with the TPM, an attacker would have to compromise the system without destroying the TPM or changing the system metrics the TPM uses. Accomplishing this on one system does not allow you to compromise subsequent systems as the metrics are different.

#Jul 11th, 2006 @ 4:26 PM
Shark_M
Shark_M
n4cer wrote:


If you use BitLocker with the TPM, an attacker would have to compromise the system without destroying the TPM or changing the system metrics the TPM uses. Accomplishing this on one system does not allow you to compromise subsequent systems as the metrics are different.





can you give examples as to these metrics? does it use unique things in a typical Vista OS with default values? like SIDs , HD serial#s and the like?



So if you have 4 dell machines that are identical on every thing, you would not be able to compromise the other 3 if you managed to do it on the first one?



but why not? I mean if you managed to break 1 , what prevents you from doing the same process to the other 3? See this is what I dont like, I wanted no one to be able to break the first one, and in addition to this, each computer's implemetation would depend on unique values in the hardware that are unique to each pc.


also why cant we get a choice as to different encryption methods from a drop down menu in vista? Why only use AES?

Edit: If you have multiple accounts in Vista, each account has some protected files, does bitLocker make each account encrypted with different key than other accounts so if your in a public portal or a University library your data in your account would be encrypted with a key you choose that is different from others. Or is there a key used for all files in a given Vista installtion for the whole pc? So is there a per user capability?


my 2 cents.
Microsoft Communities