Posts Tagged ‘BitLocker’

If you are a Windows user and ever considered protecting your data with full-disk encryption, you have probably heard about BitLocker. BitLocker is Microsoft’s implementation of full-disk encryption that is built into many versions of Windows. You maybe even using BitLocker without realizing that you do – for example, if you have a Surface or a similar thin-and-light Windows device. At the same time, BitLocker encryption is not available by default on desktops if you are using the Home edition of Windows 10. Activating BitLocker on your system disk can be tricky and may not work right away even if your Windows edition supports it. In this article, we are offering an introduction to BitLocker encryption. We’ll detail the types of threats BitLocker can effectively protect your data against, and the type of threats against which BitLocker is useless. Finally, we’ll describe how to activate BitLocker on systems that don’t meet Microsoft’s hardware requirements, and evaluate whether it’s worth it or not security-wise.

Threats Covered by BitLocker Encryption

BitLocker encryption is not the be-all and end-all type of protection. While BitLocker securely encrypts your data with industry-standard AES encryption, it can only protect your data against a set of very specific threats.

BitLocker can effectively protect your data in the following circumstances.

Your hard drive(s) are removed from your computer

If, for any reason, your hard drives (or SSD drives) are removed from your computer, your data is securely protected with a 128-bit encryption key (users requiring higher-level security can specify 256-bit encryption when setting up BitLocker).

How secure is this type of protection? If you’re using TPM protection (more on that later), it is very secure; just as secure as the AES algorithm itself (in layman view, 128-bit or 256-bit encryption are equally strong).

If, however, you have enabled BitLocker on a computer without TPM, then BitLocker encryption will be just as secure as the password you set. For this reason, make sure to specify a reasonably strong, reasonably long and absolutely unique password.

The entire computer is stolen

If your entire computer is stolen, the security of your data depends on the type of BitLocker protection you are using as well as on the strength of your Windows password. The most convenient method is “TPM only” (more on that later); this is the least secure method as well, because your computer will decrypt the hard drive(s) before you sign in to Windows.

If you are using “TPM only” protection policy, anyone who knows your Windows account password (or your Microsoft Account password, if you are using a Microsoft Account as your Windows 10 login) will be able to unlock your data.

TPM + PIN is significantly more secure; in a way, it is practically as secure as a bare hard drive.

If you set up BitLocker protection without a TPM or Intel PTT installed, you’ll be forced to using the password. In this case, the data will be as secure as your password. BitLocker is designed to slow down brute-force attacks, so even a 8-character password can provide secure protection to your data.

Other users on the same computer

 If anyone can log in to your computer and access their account, the disk volume has been already decrypted. BitLocker does not protect against peer computer users.

Malware/ransomware and online threats

 BitLocker does nothing to protect your data against malware, ransomware or online threats.

In other words, BitLocker is great when protecting your data against the removal of the hard drive(s); it’s perfect if you want to protect your data if you sell or RMA your hard drives. It’s somewhat less effective (depending on your policies) when protecting your data if the entire computer is stolen. This is it; other usage cases are not covered.

System Requirements

Most of us are used to “System Requirements” being a mere formality. This is not the case with BitLocker. In order to protect your boot device with BitLocker, you must be running Windows 10 Professional or higher. Windows 10 Home does not support BitLocker system encryption.

To make things more confusing, Microsoft does support BitLocker device protection even on devices with Windows 10 Home. Effectively, this is the same encryption, just with some limitations. BitLocker device protection is available on thin and light devices (e.g. Microsoft Surface) supporting Connected standby and equipped with solid-state storage. Those devices must be equipped with a TPM2.0 module or Intel PTT technology.

If you are using Windows 10 Professional or higher with TPM2.0 or Intel PTT, you can enable BitLocker straight away. However, most computers are not equipped with TPM modules, and only newer-generation computers (think Intel 8th and 9th Gen motherboards; some higher-end motherboards may support Intel PTT with older processors) support Intel Platform Trust Technology. Intel PTT is not even enabled in BIOS by default; you must manually enable the thing to use it for BitLocker protection.

Here’s how you activate Intel PTT on Gigabyte Z390 boards (latest BIOS):

 

Alternatively, you can perform a Group Policy edit to enable BitLocker without hardware protection modules.

If your computer meets the requirements (namely, the presence of a hardware TPM2.0 module or software-based Intel Platform Trust Technology), enabling BitLocker on your computer can be as easy as opening the Control Panel and launching the BitLocker Drive Encryption applet. Note that not all editions of Windows 10 can use BitLocker protection.

Once you click on “Turn on BitLocker”, Windows will prompt you to create an escrow key (BitLocker Recovery Key). It is highly advisable to do so. On a balance, storing the recovery key in your Microsoft Account might be a good enough option for most home users, while employees will store their recovery keys in their company’s Active Directory. Saving the key into a file or printing it out are also valid options that will provide just as much security as your personal safe box.

Thin and light devices (such as Windows tablets and ultrabooks) may be protected with device encryption as opposed to BitLocker Drive Encryption. The algorithm is essentially the same; however, the compatibility requirements are different. Device encryption is available for thin and light devices running any Windows 10 edition, while BitLocker Drive Encryption is not available to Windows 10 Home users. If you have data to protect, you’ll need to pay a fee for an in-place upgrade to Windows 10 Professional.

What if you already have Windows 10 Professional but don’t have a hardware TPM2.0 module? If you are using one of the latest boards based on Intel chip sets, you may be able to activate Intel Platform Trust Technology (How To Enable BitLocker With Intel PTT and No TPM For Better Security) or perform the following Group Policy edit to enable BitLocker:

  1. Open Group Policy Editor (type gpedit.msc in the Windows Search box)
  2. Open Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives
  3. Edit the Require additional authentication at startup policy
  4. Set the policy to Enabled and check Allow BitLocker without a compatible TPM as shown on the screen shot

Speaking of the policies, BitLocker supports various methods of authentication, each offering a unique trade-off between security and convenience.

  • TPM only. Your system will boot to login prompt; the data will be decrypted with a key stored in the TPM (or Intel PTT) module. This is the most convenient option that effectively protects hard drives, but offers weaker protection if the intruder has access to the whole system (computer with TPM and the hard drive).
  • TPM + PIN. In this mode, the TPM module will only release the encryption key if you correctly type the PIN code during pre-boot phase. Even though the PIN code is short, entering the wrong PIN several times makes TPM panic and block access to the encryption key. This option arguably offers the best balance between security and convenience, combining “something that you have” (the TPM module) with “something that you know” (the PIN code). At the same time, this option may not be convenient in multi-user environments.
  • TPM + USB Key. This option requires both the TPM and a USB flash drive (or CCID smartcard) to be present in order for the system to boot.
  • TPM + PIN + USB Key. Just as the name suggests, this option requires all three of the TPM, PIN code and USB key/smartcard in order to boot your computer. While this is probably the most secure option, the additional security benefits are hardly worth it compared to the TPM + PIN option if you consider the reduced convenience and reliability (you’ll have to use the recovery key if a USB key or smart card gets lost or corrupted).
  • USB Key. This option is only recommended if your computer is not equipped with a TPM module and does not support the Intel PTT.
  • Password only. Just like the previous option, “password only” authentication should only be used if no TPM or Intel PTT is available. Note that the “password” option is different from the “PIN” as there is no enforceable limit on the number of password attempts without a TPM, which allows a brute-force attack on the password.

Advanced users and system administrators can refer to BitLocker Group Policy settings in Microsoft Knowledge Base.

What caveats are there when it comes to securing data against physical extraction? The thing is, while BitLocker is nearly a 100% effective solution for protecting the bare drive, it might not be as secure if the intruder has access to the entire computer with the hard drive installed. Even if your computer is equipped with a TPM2.0/Intel PTT module, Windows will still unlock the encrypted hard drive if Secure Boot conditions are met. This in turn opens numerous vectors of attack that may allow the intruder to intercept the on-the-fly BitLocker encryption key and decrypt the hard drive. These vectors of attack include:

  1. Making a RAM image of a running computer with BitLocker volume(s) mounted. This can be done via a Thunderbolt attack (Windows, by default, does not disable Thunderbolt DMA access when locked) or a cold boot attack.
  2. Breaking or extracting your Windows logon password (e.g. extracting from your Google account, your smartphone, or from another computer you have logged in and synced your data to).
  3. Obtaining your BitLocker Recovery Key from your Microsoft Account or Active Directory.

Advanced users and system administrators can read the following guide to secure their BitLocker volumes: BitLocker recovery guide

Conclusion

Reliable data protection is impossible without protecting your boot device. BitLocker is the perfect choice. It’s secure, convenient and highly configurable, allowing you balance security and convenience to your precise requirements. If you are concerned about security of your data, protecting your boot device with BitLocker is an absolutely mandatory step and the most important security layer.

 

It’s been a long while since we made an update to one of our most technically advanced tools, Elcomsoft Forensic Disk Decryptor (EFDD). With this tool, one could extract data from an encrypted disk volume (FileVault 2, PGP, BitLocker or TrueCrypt) by utilizing the binary encryption key contained in the computer’s RAM. We could find and extract that key by analyzing the memory dump or hibernation files.

What Elcomsoft Forensic Disk Decryptor did not do until now was pretty much everything else. It couldn’t use plain text passwords to mount or decrypt encrypted volumes, and it didn’t support escrow (recovery) keys. It didn’t come with a memory imaging tool of its own, making its users rely on third-party solutions.

With today’s release, Elcomsoft Forensic Disk Decryptor gets back on its feets, including everything that was missing in earlier versions. Plain text passwords and recovery keys, a Microsoft-signed kernel-level RAM imaging tool, the highly anticipated portable version and support for the industry-standard EnCase .E01 and encrypted DMG images are now available. But that’s not everything! We completely revamped the way you use the tool by automatically identifying all available encrypted volumes, and providing detailed information about the encryption method used for each volume.

(more…)

statistics_color6

How often do you think forensic specialists have to deal with encrypted containers? Compared with office documents and archives that are relatively infrequent, every second case involves an encrypted container. It may vary, but these evaluations are based on a real survey conducted by our company.

It is hard to overestimate the importance of the topic. In the first part of our story we discussed the way of getting access to encrypted volumes using an encryption key. Now, let’s see which other ways can be used.

Unlike Elcomsoft Forensic Disk Decryptor, Elcomsoft Distributed Password Recovery does not search for existing decryption keys. Instead, it tries to unlock password-protected disks by attacking the password. The tool applies an impressive variety of techniques for attacking the password. In this case, the whole disk encryption scheme is only as strong as its password. Fortunately, the tool can execute a wide range of attacks including wordlist attack, combination attacks, mask attacks, smart attacks and so on and so forth, with advanced GPU acceleration and distributed processing on top of that. The whole sophisticated arsenal comes in particularly handy if we speak about more or less secure passwords.

(more…)

In the world of Windows dominance, Apple’s Mac OS X enjoys a healthy market share of 9.5% among desktop operating systems. The adoption of Apple’s desktop OS (macOS seems to be the new name) is steadily growing. This is why we are targeting Mac OS with our tools.

This time, let’s talk about Mac OS X user account passwords. Not only will a user password allow accessing their Mac, but it will also allow decrypting FileVault 2 volumes that are otherwise securely encrypted with virtually unbreakable XTS-AES.

Attacking FileVault 2

FileVault 2 is Apple’s take on whole-disk encryption. Protecting the entire startup partition, FileVault 2 volumes can be unlocked with either of the following:

  • 256-bit XTS-AES key
  • Recovery Key
  • User password from any account with “unlock” privileges

There is also an additional unlock method available called Institutional Recovery Key. These recovery keys are created when system administrators enable FileVault 2 encryption with FileVaultMaster.keychain. This method requires additional steps to activate, and is typically used in organizations with centralized keychain management.

(more…)

Investigators start seeing BitLocker encrypted volumes more and more often, yet computer users themselves may be genuinely unaware of the fact they’ve been encrypting their disk all along. How can you break into BitLocker encryption? Do you have to brute-force the password, or is there a quick hack to exploit?

We did our research, and are ready to share our findings. Due to the sheer amount of information, we had to break this publication into two parts. In today’s Part I, we’ll discuss the possibility of using a backdoor to hack our way into BitLocker. This publication will be followed by Part II, in which we’ll discuss brute-force possibilities if access to encrypted information through the backdoor is not available. (more…)

BitLocker is a popular full-disk encryption scheme employed in all versions of Windows (but not in every edition) since Windows Vista. BitLocker is used to protect stationary and removable volumes against outside attacks. Since Windows 8, BitLocker is activated by default on compatible devices if the administrative account logs in with Microsoft Account credentials. BitLocker protection is extremely robust, becoming a real roadblock for digital forensics.

Various forensic techniques exist allowing experts overcoming BitLocker protection. Capturing a memory dump of a computer while the encrypted volume is mounted is one of the most frequently used venues of attack. However, acquiring BitLocker-encrypted volumes may become significantly more difficult with the release of Windows 10 November Update. In this article, we’ll explore existing methods of recovering BitLocker volumes, look at what has changed with November Update, and review the remaining acquisition paths.
(more…)

 

The recent update to one of our oldest tools, Elcomsoft System Recovery, brought long-overdue compatibility with Windows systems that sign in with online authentication via Microsoft Account. While the tool can reset Microsoft Account passwords to allow instant logins to otherwise locked accounts, this is not the point. The point is that we have finally laid our hands on something that can help us break into a major online authentication service, the Microsoft Account.

For that to happen, Elcomsoft System Recovery can export the locally cached hash to the user’s Microsoft Account password for offline recovery. Running a GPU-assisted attack on the password (using Elcomsoft Distributed Password Recovery or similar tool) allows quickly enumerating the passwords with a combination of dictionary and brute-force attacks, in many cases resulting in the recovery of the original plain-text password. This isn’t exactly new, since the same thing could be done to local Windows accounts a decade ago. What DOES change though is the types and amounts of information can be accessed with the Microsoft Account password we’ve just recovered. This is one of those cases where a seemingly small change brings a plethora of new possibilities to digital forensics.

(more…)

We’ve recently updated Elcomsoft Distributed Password Recovery, adding enhanced GPU-assisted recovery for many supported formats. In a word, the new release adds GPU-accelerated recovery for OS X keychain, triples BitLocker recovery speeds, improves W-Fi password recovery and enhances GPU acceleration support for Internet Key Exchange (IKE).

(more…)

BitLocker, PGP and TrueCrypt set industry standard in the area of whole-disk and partition encryption. All three tools provide strong, reliable protection, and offer a perfect implementation of strong crypto.

Normally, information stored in any of these containers is impossible to retrieve without knowing the original plain-text password protecting the encrypted volume. The very nature of these crypto containers suggests that their target audience is likely to select long, complex passwords that won’t be easy to guess or brute-force. And this is exactly the weakness we’ve targeted in our new product: Elcomsoft Forensic Disk Decryptor.

The Weakness of Crypto Containers

The main and only weakness of crypto containers is human factor. Weak passwords aside, encrypted volumes must be mounted for the user to have on-the-fly access to encrypted data. No one likes typing their long, complex passwords every time they need to read or write a file. As a result, keys used to encrypt and decrypt data that’s being written or read from protected volumes are kept readily accessible in the computer’s operating memory. Obviously, what’s kept readily accessible can be retrieved near instantly by a third-party tool. Such as Elcomsoft Forensic Disk Decryptor.

Retrieving Decryption Keys

In order to access the content of encrypted containers, we must retrieve the appropriate decryption keys. Elcomsoft Forensic Disk Decryptor can obtain these keys from memory dumps captured with one of the many forensic tools or acquired during a FireWire attack. If the computer is off, Elcomsoft Forensic Disk Decryptor can retrieve decryption keys from a hibernation file. It’s important that encrypted volumes are mounted at the time a memory dump is obtained or the PC goes to sleep; otherwise, the decryption keys are destroyed and the content of encrypted volumes cannot be decrypted without knowing the original plain-text password.

“The new product includes algorithms allowing us to analyze dumps of computers’ volatile memory, locating areas that contain the decryption keys. Sometimes the keys are discovered by analyzing byte sequences, and sometimes by examining crypto containers’ internal structures. When searching for PGP keys, the user can significantly speed up the process if the exact encryption algorithm is known.”

It is essential to note that Elcomsoft Forensic Disk Decryptor extracts all the keys from a memory dump at once, so if there is more than one crypto container in the system, there is no need to re-process the memory dump.

Using forensic software for taking snapshots of computers’ memory is nothing new. The FireWire attack method existed for many years, but for some reason it’s not widely known. This method is described in detail in many sources such as http://www.securityresearch.at/publications/windows7_firewire_physical_attacks.pdf or http://www.hermann-uwe.de/blog/physical-memory-attacks-via-firewire-dma-part-1-overview-and-mitigation

The FireWire attack method is based on a known security issue that impacts FireWire / i.LINK / IEEE 1394 links. One can take direct control of a PC or laptop operating memory (RAM) by connecting through a FireWire. After that, grabbing a full memory dump takes only a few minutes. What made it possible is a feature of the original FireWide/IEEE 1394 specification allowing unrestricted access to PC’s physical memory for external FireWire devices. Direct Memory Access (DMA) is used to provide that access. As this is DMA, the exploit is going to work regardless of whether the target PC is locked or even logged on. There’s no way to protect a PC against this threat except explicitly disabling FireWire drivers. The vulnerability exists for as long as the system is running. There are many free tools available to carry on this attack, so Elcomsoft Forensic Disk Decryptor does not include a module to perform one.

If the computer is turned off, there are still chances that the decryption keys can be retrieved from the computer’s hibernation file. Elcomsoft Forensic Disk Decryptor comes with a module analyzing hibernation files and retrieving decryption keys to protected volumes.

Complete Decryption and On-the-Fly Access

With decryption keys handy, Elcomsoft Forensic Disk Decryptor can go ahead and unlock the protected disks. There are two different modes available. In complete decryption mode, the product will decrypt everything stored in the container, including any hidden volumes. This mode is useful for collecting the most evidence, time permitting.

In real-time access mode, Elcomsoft Forensic Disk Decryptor mounts encrypted containers as drive letters, enabling quick random access to encrypted data. In this mode files are decrypted on-the-fly at the time they are read from the disk. Real-time access comes handy when investigators are short on time (which is almost always the case).

We are also adding True Crypt and Bitlocker To Go plugins to Elcomsoft Distributed Password Recovery, enabling the product to attack plain-text passwords protecting the encrypted containers with a range of advanced attacks including dictionary, mask and permutation attacks in addition to brute-force.

Unique Features

The unique feature of Elcomsoft Forensic Disk Decryptor is the ability to mount encrypted disks as a drive letter, using any and all forensic tools to quickly access the data. This may not seem secure, and may not be allowed by some policies, but sometimes the speed and convenience is everything. When you don’t have the time to spend hours decrypting the entire crypto container, simply mount the disk and run your analysis tools for quick results!

More Information

More information about Elcomsoft Forensic Disk Decryptor is available on the official product page at http://www.elcomsoft.com/efdd.html