Windows 7 BitLocker Ready for TPM Hacks
Microsoft will continue to recommend BitLocker technology in concert with Trusted Platform Module (TPM) hardware to customers looking to protect sensitive data on mobile computers in the event that the device is stolen or lost, the company said. Paul Cooke, Microsoft director, Windows Client Enterprise Security, noted that attackers can potentially access the secrets stored on TPM hardware inside a computer running Windows 7 with BitLocker, but that the company had labored to make such a scenario highly unlikely.
“With our design for BitLocker in Windows 7, we took into account the theoretical possibility that a TPM might become compromised due to advanced attacks like this one, or because of poor designs and implementations. The engineering team changed the cryptographic structure for BitLocker when configured to use enhanced pin technology,” Cooke stated.
Essentially, an attacker would not only need physical access to a protected computer, but would also have to break the TPM for the appropriate secret and get the user-configured PIN as well. According to Cooke, provided that customers take the necessary steps to make sure the PIN is sufficiently complex, a hack would be infeasible. In this context, an attacker would simply not be able to get the key necessary to unlock the BitLocker-protected disk volumes.








