Microsoft BitLocker encryption key got hacked via cheap FPGA


Security researchers identified a new vulnerability in BitLocker as they attempted to use the tool in its basic and least intrusive configuration.

BitLocker is a full volume encryption system that lets users encrypt entire volumes to protect their data. The tool uses the AES encryption algorithm in XTS mode (128-bit or 256-bit key) or in cipher block chaining (CBC) mode.

It has been an integral part of every version of Windows since Vista. As a quick reminder, users of Windows 10 systems with a TPM 1.2 or 2.0 chip are required to upgrade to and run a Pro, Enterprise or Education version.

Researcher unlocked a Surface Pro 3 and HP laptop

Researchers have been targeting this highly popular Windows encryption platform to demonstrate its flaws.

One of the latest attempts is a novel technique published last week by Denis Andzakovic, an employee of Pulse Security.

The idea has been explained as:

You can sniff BitLocker keys in the default config, from either a TPM1.2 or TPM2.0 device, using a dirt cheap FPGA (~$40NZD) and now publicly available code, or with a sufficiently fancy logic analyzer. After sniffing, you can decrypt the drive.
The idea behind this is that if the laptop is stolen, and the attacker does not know your login password, they cannot pull the drive and read the contents.

However, the Redmond giant has already mentioned that users should use an additional security measure, including a PIN, when using this technology.

How to stay protected?

The researchers suggest two protection measures. The easiest one is to avoid using BitLocker with TPMs in this default state.

Secondly, you can also follow these simple steps:

  1. Configure a USB flash drive containing a startup key
  2. Set up PIN access

Notably, you can use both at the same time, which adds multifactor authentication.
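To check which machines are still in the default TPM-only state described above, the following PowerShell audit is an added example, not code from the article or from the researcher. The function name Get-PreBootAuthStatus and the sample volume objects are constructed for illustration; the protector type names are the ones the built-in Get-BitLockerVolume cmdlet reports.

```powershell
# Added example: flag volumes whose BitLocker key is released by the TPM alone.
# Get-PreBootAuthStatus is a hypothetical helper name, not a built-in cmdlet.
function Get-PreBootAuthStatus {
    [CmdletBinding()]
    param(
        # Any object with MountPoint and KeyProtector, e.g. from Get-BitLockerVolume
        [Parameter(Mandatory, ValueFromPipeline)]
        $Volume
    )
    process {
        # Collect protector type names, skipping empty entries
        $types = @($Volume.KeyProtector |
            Where-Object { $_ } |
            ForEach-Object { "$($_.KeyProtectorType)" })

        # Protectors that need a PIN and/or USB startup key in addition to the TPM
        $preBoot = @($types | Where-Object {
            $_ -in 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey' })

        $finding = if ($types -contains 'Tpm') {
            'TPM-only: volume unlocks at boot with no user input'
        } elseif ($preBoot.Count -gt 0) {
            'Pre-boot authentication required'
        } else {
            'No TPM-based protector'
        }

        [pscustomobject]@{
            MountPoint = $Volume.MountPoint
            Protectors = $types -join ', '
            Finding    = $finding
        }
    }
}

# Constructed sample data so the logic can be tried without touching real volumes
$sample = @(
    [pscustomobject]@{ MountPoint = 'C:'; KeyProtector = @(
        [pscustomobject]@{ KeyProtectorType = 'Tpm' },
        [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }) },
    [pscustomobject]@{ MountPoint = 'D:'; KeyProtector = @(
        [pscustomobject]@{ KeyProtectorType = 'TpmPin' },
        [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }) }
)
$sample | Get-PreBootAuthStatus | Format-Table -AutoSize

# On a real machine (elevated prompt):
#   Get-BitLockerVolume | Where-Object VolumeType -eq 'OperatingSystem' | Get-PreBootAuthStatus
# To add a startup PIN (Group Policy must allow a PIN at startup):
#   Add-BitLockerKeyProtector -MountPoint 'C:' -TpmAndPinProtector -Pin (Read-Host -AsSecureString 'PIN')
```

With the constructed data, C: is reported as TPM-only and D: as requiring pre-boot authentication.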
