Additional security for BitLocker strongly recommended

Mar 22, 2019 08:51 GMT
Building the necessary setup to exploit the flaw isn't something that anyone can do

Extracting the BitLocker encryption key from a Windows device without other security systems in place doesn’t cost more than $30, according to a recent discovery.

Denis Andzakovic of Pulse Security explains in an analysis of his exploit that it’s possible to intercept the encryption key if the BitLocker system being used on Windows isn’t further strengthened with a PIN or password.

On Windows, BitLocker acts as a volume encryption system that doesn’t necessarily require additional security settings, technically being able to protect data even if the drive in the computer is removed.

But as Andzakovic discovered, sticking with this very basic configuration allows a hacker to extract the encryption key when it's transferred from the Trusted Platform Module (TPM) over the Low Pin Count (LPC) bus.

Dirt-cheap exploit

To demonstrate the vulnerability, Andzakovic turned to a hardware setup based on an Infineon TPM 2.0 from a Microsoft Surface Pro and a $30 Field-Programmable Gate Array (FPGA). The bug was later reproduced on an HP laptop with a TPM 1.2 chip.

“As the system boots with no key material required from the user, there are a myriad of ways to attempt to retrieve the BitLocker key,” the researcher explains.

There are several ways to stay protected against this vulnerability, and some are even documented by Microsoft, including setting up additional protections in the form of PINs and passwords.

“Enabling BitLocker with a TPM+PIN protector should mitigate this vulnerability, however users will be required to enter a PIN at boot. Smart cards or USB keys used as an additional pre-boot authentication in addition to the TPM should mitigate this issue as well,” Andzakovic adds.

Obviously, this isn’t the kind of hack that anyone can do, but the simple fact that the whole process becomes so affordable is certainly worrying, if not necessarily for users, then for Microsoft itself. For the time being, sticking with a PIN is pretty much the best recommendation, as it can prevent any exploit no matter what.
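
As an added illustration (not part of the original article or of Andzakovic's write-up), the PowerShell below audits a machine for the TPM-only configuration described above and shows how a TPM+PIN protector can be added. The function names `Get-TpmOnlyVolume` and `Set-TpmPinProtector` are hypothetical; the script assumes an elevated session on a Windows edition that ships the BitLocker module.

```powershell
# Added example: find OS volumes that unlock from the TPM alone (no pre-boot
# authentication) and offer a helper that switches them to TPM+PIN.
# Run from an elevated PowerShell session.

function Get-TpmOnlyVolume {
    # Report every operating-system volume together with its key protectors.
    Get-BitLockerVolume |
        Where-Object { $_.VolumeType -eq 'OperatingSystem' } |
        ForEach-Object {
            $types = @($_.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })
            [pscustomobject]@{
                MountPoint       = $_.MountPoint
                ProtectionStatus = $_.ProtectionStatus
                Protectors       = $types -join ', '
                # A plain 'Tpm' protector means the key is released at boot
                # with no key material required from the user.
                TpmOnly          = $types -contains 'Tpm'
            }
        }
}

function Set-TpmPinProtector {
    param([string]$MountPoint = $env:SystemDrive)

    # The "Require additional authentication at startup" Group Policy setting
    # must allow a startup PIN with the TPM, otherwise this call is rejected.
    $pin = Read-Host -AsSecureString -Prompt "New BitLocker startup PIN for $MountPoint"
    Add-BitLockerKeyProtector -MountPoint $MountPoint -TpmAndPinProtector -Pin $pin
}

# Audit first; change protectors only on volumes that were flagged.
$findings = @(Get-TpmOnlyVolume)
$findings | Format-Table -AutoSize

foreach ($volume in ($findings | Where-Object { $_.TpmOnly })) {
    Write-Warning "$($volume.MountPoint) unlocks with the TPM only; add a PIN with Set-TpmPinProtector."
    # Set-TpmPinProtector -MountPoint $volume.MountPoint   # uncomment to remediate
}
```

After adding the PIN protector, rerun `Get-TpmOnlyVolume` and confirm the volume lists `TpmPin` rather than `Tpm`.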