Bypassing Bitlocker using a cheap logic analyzer on a Lenovo laptop

Source: OSNews

Article note: Securing a machine an attacker has physical access to is _extremely fucking difficult_... but being able to sniff plaintext keys off an exposed SPI bus is some first decade of the 2000s "an attempt was made" shit. At least they (probably) couldn't just plug into the SPI device and ask for the key offline. Someone buy the person who did it BusPirate and/or a cheap MSO with LA pins, they're going places.

The BitLocker partition is encrypted using the Full Volume Encryption Key (FVEK). The FVEK itself is encrypted using the Volume Master Key (VMK) and stored on the disk, next to the encrypted data. This permits key rotations without re-encrypting the whole disk.

The VMK is stored in the TPM. Thus the disk can only be decrypted when booted from this computer (there is a recovery mechanism in Active Directory though).

In order to decrypt the disk, the CPU will ask that the TPM sends the VMK over the SPI bus.

The vulnerability should be obvious: at some point in the boot process, the VMK transits unencrypted between the TPM and the CPU. This means that it can be captured and used to decrypt the disk.

This seems like such an obvious design flaw, and yet, that’s exactly how it works – and yes, as this article notes, you can indeed capture the VMK in-transit and decrypt the disk.

This entry was posted in News. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *