Figure 1. Summary of components in BitLocker
BitLocker Drive Encryption
BitLocker Drive Encryption is an integral security feature of Windows Vista that provides considerable offline protection for data and the operating system. BitLocker helps ensure that data stored on a computer running Windows Vista is not revealed if the computer is tampered with when the installed operating system is offline. It optionally uses a Trusted Platform Module (TPM) to provide enhanced protection for data and to help ensure the integrity of early startup components. This can help protect data from theft or unauthorised viewing by encrypting the entire Windows volume.
Overview of BitLocker Drive Encryption Functionality
BitLocker offers a seamless end-user experience with systems that have a compatible TPM microchip and basic input/output system (BIOS). A compatible TPM is defined as a version 1.2 TPM with the appropriate BIOS required to support the Static Root of Trust Measurement, as defined by the Trusted Computing Group (https://www.trustedcomputinggroup.org). The TPM interacts with BitLocker to help provide seamless protection at system startup.
BitLocker also offers the option to lock the normal startup process until the user supplies a personal identification number (PIN) or inserts a universal serial bus (USB) flash drive that contains a startup key. These additional security measures provide multifactor authentication and higher assurance that the computer will not start or resume from hibernation until the user presents the correct PIN or USB flash drive. Figure 1 above shows a summary of the BitLocker components.
BitLocker enhances data protection by bringing together two major functions: full drive encryption and the integrity checking of early startup components.
Full Drive Encryption
Drive encryption helps mitigate unauthorised data access by unauthorised users from breaking the Windows Vista file and system protection on lost or stolen computers. This protection is achieved through the encryption of the entire Windows Vista volume and any additional volumes on the hard drive. With BitLocker, all user and system files are encrypted, including the system memory paging and hibernation files.
Integrity Check of Early Startup
An offline attack is a scenario in which an attacker starts an alternative operating system to gain control of a computer system. Integrity checking the early startup components helps to ensure that data decryption is performed only if those components appear unmodified and that the encrypted drive is located in the original computer. BitLocker stores measurements of core startup components in the TPM chip. Every time the computer is started, Windows Vista verifies that the startup components have not been modified. If the files have been modified, Windows Vista alerts the user and refuses to release the key required to access the Windows partition. The system then goes into a recovery mode, prompting the user to provide a recovery key to allow access to the startup volume.
The system also uses recovery mode if a disk drive is transferred to another system. Recovery mode requires a recovery key that is generated when BitLocker is enabled, and that key is specific to one computer. As a result, BitLocker is intended for enterprises with a management infrastructure in place to store the recovery keys, such as Active Directory. Otherwise, the potential exists for data loss if a computer enters recovery mode and the recovery key is unavailable.
BitLocker can also be used on computers without a compatible TPM. Using BitLocker in this way provides the volume encryption capabilities but not the added security of integrity validation on early startup files. Instead, a USB flash drive provides the encryption key at startup.
No comments:
Post a Comment