BitLocker: deep details, improvements and benefits Sudhir Rao, Technology Specialist, Microsoft Corporation
Agenda • BitLocker Drive Encryption Overview • Recovery, Threats, and Mitigation • Deployment Planning • Deployment Scenarios • WMI Management Interfaces and Tools • Group Policy and Recovery • Maintaining BitLocker Systems • Things to Consider • Additional Resources
BitLocker™ Drive Encryption
• BitLocker Drive Encryption encrypts the entire Windows Vista OS volume.
• Enhanced in Windows Vista SP1 and Windows Server 2008 to protect multiple volumes/drives.
• Designed specifically to prevent the unauthorized disclosure of data at rest.
• Protects data on Windows client systems even when the system is in unauthorized hands.
• Designed to use a v1.2 Trusted Platform Module (TPM) for secure key storage and for verifying the integrity of the boot environment.
What Is A Trusted Platform Module (TPM)?
• Smartcard-like module on the motherboard
• Protects secrets
• Contains Platform Configuration Registers (PCRs) that hold platform measurements (hashes of boot components)
• Performs cryptographic functions: RSA, SHA-1, RNG
• Creates, stores and manages keys
• Provides a unique Endorsement Key (EK)
• Provides a unique Storage Root Key (SRK)
• Anchors the chain of trust for keys and credentials
• Protects itself against attacks (tamper resistance, anti-hammering on failed authorization attempts)
TPM 1.2 spec: www.trustedcomputinggroup.org
BitLocker™ Partition Layout
• Disk partition requirements for BitLocker are specific; plan for them from the beginning of your deployment design.
• Two partitions are required:
  • System Partition: primary, NTFS, active, 1.5 GB, partition type 7
  • OS Partition: primary, NTFS, partition type 7, any size
• Why is the system partition so large? The 1.5 GB recommendation adds up as follows:
  • BitLocker requires 50 MB
  • WinRE requires 550 MB
  • Servicing requires 900 MB
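The layout above, scripted. This is an added example and not material from the original deck: a PowerShell wrapper that feeds diskpart a script creating the 1.5 GB active system partition followed by the OS partition on an MBR disk. Disk 0, the S:/C: letters and the volume labels are assumptions for a WinPE deployment; because the clean step erases the disk, nothing runs unless -Apply is given.

```powershell
# Added example: build the two-partition BitLocker layout from the slide with diskpart.
# WARNING: "clean" destroys everything on the selected disk. Nothing runs without -Apply.
# Disk 0, letters S:/C: and the labels are assumptions for a WinPE deployment.
param(
    [switch]$Apply,
    [int]$DiskNumber = 0
)

# 50 MB (BitLocker) + 550 MB (WinRE) + 900 MB (servicing) = 1500 MB, as on the slide.
$systemPartitionMB = 50 + 550 + 900

# Primary NTFS partitions on an MBR disk get partition type 0x07. "active" marks the
# system partition as the one the BIOS boots; the unencrypted boot manager lives there.
$diskpartScript = @"
select disk $DiskNumber
clean
create partition primary size=$systemPartitionMB
format fs=ntfs label="System" quick
assign letter=S
active
create partition primary
format fs=ntfs label="Windows" quick
assign letter=C
"@

function Invoke-DiskpartScript {
    param([string]$Script)
    $scriptPath = Join-Path $env:TEMP 'bitlocker-layout.txt'
    # diskpart reads its commands from a plain-text file passed with /s.
    Set-Content -Path $scriptPath -Value $Script -Encoding ASCII
    & diskpart.exe /s $scriptPath
    return $LASTEXITCODE
}

if ($Apply) {
    $rc = Invoke-DiskpartScript $diskpartScript
    if ($rc -ne 0) { throw "diskpart exited with code $rc" }
} else {
    Write-Host "Dry run: no changes made. Re-run with -Apply to partition disk $DiskNumber using:"
    Write-Host $diskpartScript
}
```

Run it from WinPE before applying the image; the sizes are the slide's minimums, so a larger system partition is fine if the recovery image grows.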
Encryption Key Storage
• OS Volume contains (all encrypted): OS, page file, temp files, data, hibernation file
• Where is the encryption key?
  • SRK (Storage Root Key) is held inside the TPM and never leaves it
  • The TPM, under the SRK, seals the VMK (Volume Master Key) to the measured boot state; with TPM+PIN or TPM+USB the PIN or startup key is also required to release it
  • The VMK encrypts the FVEK (Full Volume Encryption Key), which encrypts the volume sectors
  • The sealed VMK and the encrypted FVEK are stored in BitLocker metadata on the OS volume; neither is ever stored in the clear while protection is enabled
• System Volume contains (all unencrypted): MBR, boot manager, boot utilities
BitLocker Protectors
• BitLocker™ offers a spectrum of protection, allowing an organization to customize according to its requirements.
BitLocker™ Drive Encryption Architecture
• Static Root of Trust for Measurement (SRTM): boot components are measured into TPM PCRs before the VMK is unsealed
BitLocker™ Recovery Scenarios • Lost/Forgotten Key Protectors • Lost USB key, user forgets PIN • Upgrade to Core Files • Planned change to pre-OS files (BIOS upgrade, etc…) • Broken Hardware • Hard drive moved to a new system • Deliberate Attack • Modified or missing pre-OS files (Hacked BIOS, MBR, etc…)
BitLocker™ Recovery Options
• BitLocker integrates with Active Directory Domain Services (AD DS) to provide centralized key management.
• Recovery password: a 48-digit recovery password used to recover a BitLocker-protected volume. Users enter this password to unlock the volume when BitLocker enters recovery mode.
• Key package data: with the key package and the recovery password you can decrypt portions of a BitLocker-protected volume even if the disk is severely damaged. Each key package works only with the volume it was created for, identified by the corresponding volume ID.
• TPM owner password hash: when ownership of the TPM is taken, a hash of the owner password can be stored in AD DS. This information can later be used to reset ownership of the TPM.
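How the recovery information above is retrieved on a machine. This is an added example, not code from the original deck: it inventories the key protectors on each volume through the Win32_EncryptableVolume WMI class (the interface the agenda refers to), pulls any 48-digit recovery passwords, and checks their format before they are recorded for escrow. The format rule it checks (eight six-digit blocks, each a 16-bit value multiplied by 11) is the documented recovery password structure and is not stated on the slide; PowerShell 2.0 or later and an elevated session are assumed.

```powershell
# Added example: inventory BitLocker key protectors via Win32_EncryptableVolume, retrieve
# recovery passwords and sanity-check their format. Run elevated; assumes PowerShell 2.0+
# and the BitLocker WMI provider (Windows Vista SP1 / Server 2008 or later).

$bitlockerNamespace = 'root\CIMV2\Security\MicrosoftVolumeEncryption'

# KeyProtectorType values accepted by GetKeyProtectors
$protectorTypes = @{
    1 = 'TPM'
    2 = 'External key (USB startup key or recovery key)'
    3 = 'Numerical password (48-digit recovery password)'
    4 = 'TPM and PIN'
    5 = 'TPM and startup key'
    6 = 'TPM, PIN and startup key'
    7 = 'Public key'
}

function Test-RecoveryPasswordFormat {
    # Documented recovery password structure (an assumption, not on the slide): eight blocks
    # of six digits, each block a 16-bit value times 11. A block that is not divisible by 11
    # or exceeds 65535 * 11 = 720885 is a typo or corruption, which is how the recovery
    # console rejects a mistyped block before trying to unlock the volume.
    param([string]$Password)
    $digits = $Password -replace '-', ''
    if ($digits -notmatch '^\d{48}$') { return $false }
    for ($i = 0; $i -lt 8; $i++) {
        $block = [int]($digits.Substring($i * 6, 6))
        if (($block % 11) -ne 0 -or $block -gt 720885) { return $false }
    }
    return $true
}

function Get-BitLockerProtectorInventory {
    $volumes = Get-WmiObject -Namespace $bitlockerNamespace -Class Win32_EncryptableVolume
    foreach ($vol in $volumes) {
        # GetProtectionStatus: 0 = unprotected, 1 = protected, 2 = unknown
        $status = $vol.GetProtectionStatus().ProtectionStatus
        foreach ($type in $protectorTypes.Keys) {
            $ids = $vol.GetKeyProtectors($type).VolumeKeyProtectorID
            if (-not $ids) { continue }
            foreach ($id in $ids) {
                $password = $null
                $formatOk = $null
                if ($type -eq 3) {
                    $password = $vol.GetKeyProtectorNumericalPassword($id).NumericalPassword
                    $formatOk = Test-RecoveryPasswordFormat $password
                }
                New-Object PSObject -Property @{
                    Drive            = $vol.DriveLetter
                    VolumeID         = $vol.PersistentVolumeID   # volume GUID used to match escrowed recovery info
                    ProtectionStatus = $status
                    ProtectorType    = $protectorTypes[$type]
                    ProtectorID      = $id
                    RecoveryPassword = $password
                    FormatValid      = $formatOk
                }
            }
        }
    }
}

Get-BitLockerProtectorInventory | Format-Table Drive, ProtectorType, ProtectorID, FormatValid -AutoSize
```

The recovery password is deliberately left out of the table view; pipe the objects to your escrow process instead of printing them, and treat a FormatValid of False as a sign the stored value was transcribed incorrectly rather than as a key that can be fixed up.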
Platform Threats & Mitigations
• BIOS Modification
  • THREAT: Lost Core Root of Trust for Measurement (CRTM)
  • MITIGATION: Secure CRTM update
  • MITIGATION: Extra protection with PIN or USB startup key
• Physical Memory
  • THREAT: Key exposure in physical memory (the VMK and FVEK stay in RAM while the OS runs or sleeps)
  • MITIGATION: Memory Overwrite on Reset (MOR)
  • MITIGATION: Extra protection with PIN or USB startup key
• Dictionary Attack Against PIN
  • THREAT: Key exposure
  • MITIGATION: TPM anti-hammering countermeasures
• End Users
  • THREAT: Unsafe practices (PIN written down nearby, USB key kept in the laptop case)
  • MITIGATION: User education, corporate security policy
Prepare to Deploy – Part 1
• Define the support structure and processes: who will do what, when, and how?
• Extend the Active Directory schema to support escrow of BitLocker recovery information (TPM owner password hash, recovery password).
• Delegate rights to allow support personnel to recover machines. By default only Domain Admins can read the escrowed data and the attributes are marked confidential, so read access must be delegated explicitly.
• If users are local administrators, apply Group Policy to prohibit them from changing BitLocker settings.
• Use GP to configure power management settings.
Prepare to Deploy – Part 2
• Work with the OEM to determine the default ship state of the TPM; if possible, ship with the TPM enabled.
• Choose deployment tools and methodology.
• Enable BitLocker after joining the domain, so recovery information can be escrowed to AD at creation time.
• Decide which BitLocker protectors will be used:
  • TPM only: least user impact
  • TPM+USB or TPM+PIN: higher user impact and higher support cost
• Decide whether or not to use WinRE in conjunction with BitLocker.
Group Policy and BitLocker
• BitLocker Group Policy exists for drive encryption and TPM management.
• Can be configured at the domain level or via local policy.
• Controls backup of recovery information to Active Directory.
• Controls the user experience in the UI and can prohibit the use of certain protectors.
• Can set a mandatory encryption method.
• BitLocker settings are applied at the computer level, not the user level.
• GP deployment considerations:
  • Always require backup of recovery passwords and TPM owner authorization to AD.
  • On BitLocker machines, limit the use of sleep and hybrid sleep (keys stay in RAM during sleep); configure a power plan in GP that prohibits them.
  • Limit user access to power management functions to prevent changes.
  • Remove sleep options from the Start menu.
  • Limit user access to the BitLocker control panel unless needed to reset PINs or create additional protectors.
  • Consider hiding the system partition using GP so users do not see the drive.
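A way to verify that the escrow and encryption-method settings recommended above actually landed on a machine. This is an added example and not content from the deck: it reads the registry values the BitLocker (FVE) and TPM policies write and reports PASS/FAIL per setting. The value names and the meaning of the EncryptionMethod numbers are assumptions taken from the Vista-era FVE and TPM policy templates; an elevated session is assumed.

```powershell
# Added example: audit the local result of the BitLocker (FVE) and TPM Group Policy
# settings recommended on the slide by reading the registry values the policies write.
# Value names and number meanings are assumptions from the FVE/TPM policy templates.

$fvePolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
$tpmPolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\TPM'

# EncryptionMethod values written by "Configure encryption method" (assumed mapping)
$encryptionMethods = @{
    1 = 'AES 128-bit with Diffuser'
    2 = 'AES 256-bit with Diffuser'
    3 = 'AES 128-bit'
    4 = 'AES 256-bit'
}

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # $null means the key or value is absent, i.e. the policy is "Not Configured".
    if (-not (Test-Path $Path)) { return $null }
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function New-Finding {
    param([string]$Setting, $Actual, [bool]$Pass, [string]$Note)
    New-Object PSObject -Property @{
        Setting = $Setting
        Actual  = $Actual
        Result  = $(if ($Pass) { 'PASS' } else { 'FAIL' })
        Note    = $Note
    }
}

function Test-BitLockerPolicyCompliance {
    $findings = @()

    $adBackup = Get-PolicyValue $fvePolicy 'ActiveDirectoryBackup'
    $findings += New-Finding 'FVE: back up recovery information to AD DS' $adBackup ($adBackup -eq 1) 'Slide: always require backup of recovery passwords to AD'

    $adRequire = Get-PolicyValue $fvePolicy 'RequireActiveDirectoryBackup'
    $findings += New-Finding 'FVE: require AD backup before enabling BitLocker' $adRequire ($adRequire -eq 1) 'Otherwise BitLocker can be enabled while AD is unreachable and nothing is escrowed'

    $method = Get-PolicyValue $fvePolicy 'EncryptionMethod'
    $methodName = if ($null -ne $method) { $encryptionMethods[[int]$method] } else { 'Not configured (client default)' }
    $findings += New-Finding 'FVE: mandatory encryption method' $methodName ($null -ne $method) 'Slide: GP can set a mandatory encryption method'

    $tpmBackup = Get-PolicyValue $tpmPolicy 'ActiveDirectoryBackup'
    $findings += New-Finding 'TPM: back up owner authorization to AD DS' $tpmBackup ($tpmBackup -eq 1) 'Slide: always require backup of TPM owner auth to AD'

    $tpmRequire = Get-PolicyValue $tpmPolicy 'RequireActiveDirectoryBackup'
    $findings += New-Finding 'TPM: require AD backup before taking ownership' $tpmRequire ($tpmRequire -eq 1) 'The owner password hash is what allows TPM ownership to be reset later'

    return $findings
}

Test-BitLockerPolicyCompliance | Format-Table Setting, Actual, Result -AutoSize
```

Run it after gpupdate on a pilot machine; a FAIL on either RequireActiveDirectoryBackup row means BitLocker or TPM ownership could be turned on without anything being escrowed, which is the failure mode the slide's first consideration is meant to rule out.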
Deployment Scenarios
• Deploying BitLocker-ready machines with the following deployment tools:
  • Windows Deployment Services
  • SMS 2003 OSD
  • Unattended Installation
  • Imaging with ImageX
  • System Center Configuration Manager
  • BDD 2007/MDT
Maintaining a BitLocker Enabled System
• Disabling BitLocker does not decrypt the volume; data on disk stays encrypted.
• When disabled, a clear-text key is written to the volume and used to unlock the VMK, so the volume boots without the TPM/PIN/USB protector.
• Disabling can be automated through WMI; it removes two-factor authentication and allows unobstructed reboots.
• Re-enabling BitLocker re-keys and re-encrypts the VMK, and any two-factor options are restored.
• Microsoft-provided service packs, patches and upgrades that update BitLocker or sealed boot components call FVEUpdate automatically, so no disabling is needed.
• BitLocker must be disabled before updating the system BIOS, and re-enabled only after the reboot that applies the new firmware, since the TPM measures the running firmware when the VMK is re-sealed.
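The disable / re-enable cycle described above, driven through WMI. This is an added example, not code from the original deck: it uses the DisableKeyProtectors and EnableKeyProtectors methods of Win32_EncryptableVolume in two phases, Suspend before the firmware update and Resume after the reboot that applies it, with a protection-status check around each. The OS volume being C:, PowerShell 2.0 or later and an elevated session are assumptions.

```powershell
# Added example: suspend BitLocker protection before a firmware (BIOS) update and
# restore it after the post-update reboot, via Win32_EncryptableVolume. Run elevated:
#   -Phase Suspend   before launching the vendor's firmware updater
#   -Phase Resume    after the machine has rebooted on the new firmware
# Assumes the OS volume is C: and PowerShell 2.0 or later.
param(
    [ValidateSet('Suspend', 'Resume', 'Status')]
    [string]$Phase = 'Status',
    [string]$DriveLetter = 'C:'
)

$bitlockerNamespace = 'root\CIMV2\Security\MicrosoftVolumeEncryption'

function Get-EncryptableVolume {
    param([string]$Letter)
    Get-WmiObject -Namespace $bitlockerNamespace -Class Win32_EncryptableVolume -Filter "DriveLetter='$Letter'"
}

function Get-ProtectionState {
    param($Volume)
    # GetProtectionStatus: 0 = unprotected (protectors disabled or volume not encrypted),
    # 1 = protected, 2 = unknown
    switch ([int]($Volume.GetProtectionStatus().ProtectionStatus)) {
        0 { 'Unprotected' }
        1 { 'Protected' }
        default { 'Unknown' }
    }
}

function Assert-WmiSuccess {
    param([string]$Method, $ReturnValue)
    if ($ReturnValue -ne 0) {
        throw ('{0} failed, return code 0x{1:X8}' -f $Method, $ReturnValue)
    }
}

function Suspend-VolumeProtection {
    param($Volume)
    # Writes a clear key into the volume so the VMK unlocks without the TPM/PIN/USB
    # protector. Sectors stay encrypted; only the key is exposed, so keep the machine
    # under physical control until Resume has run.
    Assert-WmiSuccess 'DisableKeyProtectors' ($Volume.DisableKeyProtectors().ReturnValue)
}

function Resume-VolumeProtection {
    param($Volume)
    # Removes the clear key and re-keys the VMK against the protectors. The TPM seals it
    # to the measurements of the firmware now running, which is why this must follow the
    # post-update reboot rather than precede it.
    Assert-WmiSuccess 'EnableKeyProtectors' ($Volume.EnableKeyProtectors().ReturnValue)
}

$vol = Get-EncryptableVolume $DriveLetter
if ($null -eq $vol) { throw "No BitLocker-capable volume found for $DriveLetter" }

switch ($Phase) {
    'Suspend' {
        if ((Get-ProtectionState $vol) -eq 'Protected') { Suspend-VolumeProtection $vol }
        Write-Host "Protection after suspend: $(Get-ProtectionState $vol). Apply the firmware update, reboot, then run -Phase Resume."
    }
    'Resume' {
        if ((Get-ProtectionState $vol) -ne 'Protected') { Resume-VolumeProtection $vol }
        Write-Host "Protection after resume: $(Get-ProtectionState $vol)"
    }
    'Status' {
        Write-Host "Protection on ${DriveLetter}: $(Get-ProtectionState $vol)"
    }
}
```

If Resume is run before the reboot, the VMK is sealed to the old firmware's measurements and the next boot drops into recovery, which is exactly the "upgrade to core files" scenario listed earlier; the Status phase gives the deployment tool a cheap check that the machine ended up Protected.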
Things to Consider
• Only recovery passwords, not recovery keys, are escrowed to AD.
• Recovery passwords are escrowed only when they are created; they cannot be re-escrowed.
• Managing recovery passwords and keys post-deployment requires scripting, manage-bde, or the GUI.
• No single application exists for post-deployment management of machines.
• PINs are held only by the TPM as authorization for the sealed key and are not escrowed anywhere for recovery.
• Inventory tools do not collect BitLocker status from WMI by default.
Additional Resources • Trusted Computing Group (TCG) • www.trustedcomputinggroup.org • Windows Hardware & Driver Central (WHDC) • www.microsoft.com/whdc/default.mspx • BitLocker MSDN Content • http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secprov/security/security_wmi_providers_reference.asp