
BitLocker Makeover

The Windows Vista RC1 release is quickly approaching and I know many of you are eager to hear the latest and greatest news about BitLocker.  Well, wait no more my fervent comrades!

 

Anyone who is familiar with previous builds may recall walking through separate wizards for the TPM and BitLocker functionalities – and thinking, “wait, didn’t I just do this?”  We realized this was a bit confusing, so in RC1 the TPM initialization wizard functionalities have been integrated directly into the BitLocker setup wizard (on TPM machines).  You now only need to run the single BitLocker setup wizard, although the TPM MMC snap-in can still be used separately.  No muss, no fuss!

 

But wait, there’s more!  Below you will find additional simplifications that have been made to the BitLocker wizard, which should provide for a straightforward setup experience.  So download now, and get your copy of RC1 today!

 

TPM by Default

 

In response to customer feedback, we have made some simplifications to the default user interface for BitLocker.  By default, the BitLocker setup wizard will not run without a compatible TPM; and on those with a compatible TPM, the interface no longer displays the advanced options to create a startup PIN or USB startup key.

 

But for those who still want these features – don’t fret!  To restore access to the advanced options in the BitLocker setup wizard, just click the following link to review the BitLocker Step-by-Step Guide for RC1.  Note that this document will be updated concurrent to the RC1 release.

 

 

System Check Option

 

The purpose of the BitLocker System Check is to verify that the hardware and BIOS is compatible with BitLocker, and that access to the encryption and recovery keys is possible.  This check is now an explicit option in the setup wizard when turning on BitLocker.

 

To prevent a setup failure and resolve hardware issues, BitLocker can complete the system check during BitLocker setup.  Choosing this option requires a restart but ensures that encryption is only started if the computer passes the system check.

 

To access the system check in the BitLocker setup wizard, follow the instructions below:

 

1) Click Start, click Control Panel, click Security, and then click BitLocker Drive Encryption.

2) If the User Account Control dialog box appears, verify that the proposed action is what you requested, and then click Continue.

3) From the BitLocker Drive Encryption page, click Turn On BitLocker for the OS volume.

   If your TPM is not initialized, you will see the Initialize TPM Security Hardware wizard. Follow the directions to turn on the TPM and restart your computer. After the restart, the BDE wizard will launch itself to continue the setup.

4) Choose the preferred recovery password storage method from the Save the recovery password page. After saving the password to the desired location, click Next.

5) From the Encrypt the selected disk volume page, check the Run BitLocker system check box, and click Continue.

6) Insert the recovery password USB flash drive (if you saved the password on a USB drive), and click Restart Now. The computer restarts and BitLocker checks to make sure that the computer is BitLocker-compatible and ready for encryption. If it is not, you will see an error message alerting you to the problem and no encryption is applied to the OS volume.

 

 

 

For a related music selection:

 

            David Bowie – “Changes” from the album “Changesonebowie” (1976)

 

- Valerie Bays

 

Open Sesame: BitLocker Recovery Passwords

Anyone who has tried enabling BitLocker will have been greeted with a friendly dialog box insisting that you create a recovery password.  I remember the first time I saw this, I found myself asking, “what is this recovery password, and what am I supposed to do with it?” 

Let’s first take a look at the BitLocker system.  BitLocker has two major features: 1) it encrypts the hard drive to prevent offline attacks against lost or stolen laptops and, 2) it takes measurements of the boot process to ensure the integrity of the system at start-up.  These measurements detect attacks that try to get into your system before the OS loads. 

If the measurements taken during start-up match the measurements taken when BitLocker was enabled, the system will boot into Vista as expected.  If the measurements change, however, BitLocker will enter recovery mode.  There are several scenarios that can cause these measurements to change.  Some scenarios are harmless, like moving a BitLocker-protected drive into a new computer, while others are malicious, like a rootkit attack.  For a more complete discussion of recovery scenarios, check out the BitLocker Technical Overview.

In recovery mode, encrypted data will not be unlocked unless you can present the recovery password, either by inserting a USB flash drive containing the recovery password or typing it in manually.  Start-up PINs and keys will not work in recovery mode.

This leads to two critical points:

  • If you lose the recovery password and the system goes into recovery mode, the data is irretrievable.

  • If an adversary gets your recovery password, he can make changes to your system and bypass BitLocker. This is equivalent to a thief learning your Windows XP administrator password or mother's maiden name.

So this leads to an interesting dichotomy: you want to preserve your recovery password, but not leave it accessible to an attacker.  Taping your recovery password to your laptop is a bad idea.  But what other backup options are available?  Well, we have a few ideas:

  • Save your recovery password on a USB drive, and put it on your key chain (or in a safe).

  • Print out the recovery password and hide it away in a file folder.

  • Burn the recovery password onto a CD (or floppy) and store that away in some safe place.

  • BitLocker also supports automatic backup to Active Directory servers. This will be the recommended method for backing up recovery passwords in business scenarios.

 

Two things you should always remember about the BitLocker recovery password: back it up and keep it safe.

For a related music selection:

                ‘N Sync – “I Want You Back” from the album “’N Sync” (1998)

- Jonathan Rhodes

 

Keys to the Kingdom

You probably have lots of keys in your life -- a house key, a car key, an office key. Each of these keys fits a different lock. Windows BitLocker™ Drive Encryption also has different key and lock combinations. Just as you wouldn't leave your car keys lying out in public or sitting in the ignition while you go into the grocery store, you should handle and store your BitLocker keys equally carefully, especially the recovery password.

As an end-user or IT Professional, you will handle three types of keys, out of the many in BitLocker:

  • Recovery password
  • TPM ownership password
  • TPM+ keys (officially called “TPM key protectors”)

For now, think of BitLocker as the door between your data and the world. The door may have several types of locks on it, which are opened with different keys.
 
When you start BitLocker, you will be asked to create a recovery password.

The recovery password works like a door key that you have hidden offsite in case you lock yourself out. This key could open all the locks in your building. For BitLocker, the recovery password is stored away from the computer, either on a USB flash drive, or as a 48-digit number that can be entered by the user. In a business environment,  the recovery passwords are usually kept in Active Directory Domain Services. This recovery password is the key that will allow you to unlock your drive and get your data, even if your startup information has changed. With the recovery password, a burglar could get into your data without you even knowing!
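The post says only that the recovery password is a 48-digit number, but its structure is public and worth knowing when you check a backup copy. The Python below is an added example, not code from the post or the BitLocker team, and it goes beyond the text on this point: each of the eight 6-digit groups must be divisible by 11 (the last digit acts as a check digit) and must be below 720896, so that the group divided by 11 fits in 16 bits; the eight 16-bit values, little-endian, are the 16 bytes of key material the password encodes. The sample password is constructed.

```python
"""Validate the 48-digit BitLocker recovery password format (added example).

Assumed format (publicly documented, not stated in the post):
  - eight groups of six decimal digits, usually written with '-' separators
  - every group is divisible by 11, so its last digit acts as a check digit
  - group // 11 fits in 16 bits, i.e. every group is below 11 * 65536 = 720896
  - the eight 16-bit values, little-endian, form 16 bytes of key material
"""
import re

GROUPS = 8
DIGITS_PER_GROUP = 6
GROUP_LIMIT = 11 * 65536  # 720896: group // 11 must fit in 16 bits


def split_groups(text):
    """Return the eight 6-digit groups, or None if the overall shape is wrong."""
    digits = re.sub(r"[\s-]", "", text)
    if not re.fullmatch(r"[0-9]{48}", digits):
        return None
    return [digits[i:i + DIGITS_PER_GROUP] for i in range(0, 48, DIGITS_PER_GROUP)]


def group_error(group):
    """Describe what is wrong with one 6-digit group, or None if it is legal."""
    value = int(group)
    if value % 11 != 0:
        return "check digit mismatch (not divisible by 11)"
    if value >= GROUP_LIMIT:
        return "value too large (does not fit in 16 bits after dividing by 11)"
    return None


def validate_recovery_password(text):
    """Return (ok, problems) for a recovery password typed or transcribed by a user."""
    groups = split_groups(text)
    if groups is None:
        return False, ["expected 48 digits in 8 groups of 6"]
    problems = []
    for idx, group in enumerate(groups, start=1):
        err = group_error(group)
        if err:
            problems.append(f"group {idx} ({group}): {err}")
    return not problems, problems


def recovery_password_to_bytes(text):
    """Unpack a valid recovery password into its 16 raw bytes (little-endian 16-bit values)."""
    ok, problems = validate_recovery_password(text)
    if not ok:
        raise ValueError("; ".join(problems))
    out = bytearray()
    for group in split_groups(text):
        out += (int(group) // 11).to_bytes(2, "little")
    return bytes(out)


# Constructed sample: groups 11*1 .. 11*7 and 11*65535, the largest legal group.
SAMPLE_PASSWORD = "000011-000022-000033-000044-000055-000066-000077-720885"

if __name__ == "__main__":
    ok, problems = validate_recovery_password(SAMPLE_PASSWORD)
    print("valid" if ok else problems)
    print(recovery_password_to_bytes(SAMPLE_PASSWORD).hex())
```

Run this against a printed or Active Directory-stored copy to confirm it is at least well-formed before you need it; a passing check only proves the digits were transcribed consistently, not that the password belongs to a particular volume.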

The TPM is like a lobby in an office building. Most of the time, you can walk right in and through the foyer and proceed to your office. However, if the building is secured for some reason, the foyer door is locked. Conceptually, the TPM chip in your computer works in a similar way. The “inside door” is the Windows logon process. If the TPM detects changes to the key startup components in your system, it puts the “building” into lockdown – which means that BitLocker will require the recovery password to unlock the drive.

For extra security, use a TPM+ key. You can configure BitLocker with a PIN or a startup key (cryptographic key information stored on a USB flash drive). Either of these adds a second factor of authentication, as you might use two locks on your door.

The PIN works like a numeric key pad on a high-security door, reinforcing the door lock. The PIN is known by the user and entered at startup. If the wrong PIN is used, or if the PIN cannot be provided, the information remains locked.

The startup key is like a deadbolt on the door. The startup key must be found on a USB flash drive at computer startup. If the wrong Startup key is used, or if the Startup key is missing, the information remains locked.

Using your BitLocker keys will soon become as automatic as any of the other keys in your life. In many scenarios, using the BitLocker keys will be totally transparent and seamless.

Note to security and crypto-types: There are more than three types of keys in BitLocker, of course. They are not covered in this overview, but if you want more information, see the BitLocker Technical Overview. That document has a much fuller description of keys and cryptographic structures that are not meant to be handled by the user or administrator, but are used to secure the data.

-- Heidi Waterhouse
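The "Open Sesame" post above explains that a change in boot measurements sends BitLocker into recovery mode, where a startup PIN or key no longer helps, and this post describes the locks involved: the TPM, an optional PIN or startup key as a second lock, and the recovery password that opens everything. The following Python simulation is an added example, not BitLocker's code or formats: it seals a volume key to a hash-extended measurement of the boot components, layers an optional second factor on top, and keeps a separate recovery protector that ignores measurements. The wrapping scheme, component names and sample secrets are this example's own.

```python
"""Simulation (added example, not BitLocker's code) of the key-protector model the
"Open Sesame" and "Keys to the Kingdom" posts describe: a volume key is sealed
to the measured boot chain, a PIN or startup key adds a second lock, and the
recovery password opens the volume no matter what the measurements say.
The wrapping scheme, names and sample boot components are this example's own."""
import hashlib
import hmac
import os


def measure_boot(components):
    """Hash-extend each boot component in order, the way a TPM PCR accumulates measurements."""
    pcr = bytes(20)
    for blob in components:
        pcr = hashlib.sha1(pcr + hashlib.sha1(blob).digest()).digest()
    return pcr


def _keystream(secret, length):
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(secret + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def wrap(key_material, secret):
    """Toy authenticated wrapping: XOR with a secret-derived stream plus an HMAC tag."""
    body = bytes(a ^ b for a, b in zip(key_material, _keystream(secret, len(key_material))))
    return body + hmac.new(secret, body, hashlib.sha256).digest()[:8]


def unwrap(blob, secret):
    """Return the wrapped material, or None when the secret (or measurement) is wrong."""
    body, tag = blob[:-8], blob[-8:]
    if not hmac.compare_digest(hmac.new(secret, body, hashlib.sha256).digest()[:8], tag):
        return None
    return bytes(a ^ b for a, b in zip(body, _keystream(secret, len(body))))


def _factor_secret(pin, startup_key):
    return hashlib.sha256((pin or "").encode() + (startup_key or b"")).digest()


class ProtectedVolume:
    def __init__(self, boot_components, tpm_secret, recovery_password, pin=None, startup_key=None):
        self.vmk = os.urandom(32)                     # volume master key
        self.tpm_secret = tpm_secret                  # stands in for the chip's internal secret
        self.second_factor = pin is not None or startup_key is not None
        inner = wrap(self.vmk, _factor_secret(pin, startup_key)) if self.second_factor else self.vmk
        # TPM protector: usable only when the measured boot chain matches the one recorded now
        self.tpm_protector = wrap(inner, tpm_secret + measure_boot(boot_components))
        # Recovery protector: independent of measurements, PIN and startup key
        self.recovery_protector = wrap(self.vmk, hashlib.sha256(recovery_password.encode()).digest())

    def unlock_at_boot(self, boot_components, pin=None, startup_key=None):
        """Return (vmk_or_None, status) for a boot with the given measured components."""
        inner = unwrap(self.tpm_protector, self.tpm_secret + measure_boot(boot_components))
        if inner is None:
            return None, "recovery mode: boot measurements changed"
        vmk = unwrap(inner, _factor_secret(pin, startup_key)) if self.second_factor else inner
        if vmk is None:
            return None, "locked: wrong PIN or startup key"
        return vmk, "unlocked"

    def unlock_with_recovery_password(self, recovery_password):
        return unwrap(self.recovery_protector, hashlib.sha256(recovery_password.encode()).digest())


def demo():
    """Constructed scenario: normal boot, wrong PIN, modified boot manager, recovery."""
    boot = [b"BIOS 1.0", b"MBR", b"boot manager", b"OS loader"]
    vol = ProtectedVolume(boot, tpm_secret=b"chip-secret", recovery_password="rp-sample", pin="1234")
    tampered = boot[:2] + [b"boot manager (modified)", b"OS loader"]
    return {
        "normal": vol.unlock_at_boot(boot, pin="1234")[1],
        "wrong_pin": vol.unlock_at_boot(boot, pin="0000")[1],
        "tampered": vol.unlock_at_boot(tampered, pin="1234")[1],
        # the PIN does not help once measurements changed; the recovery password does
        "recovery": vol.unlock_with_recovery_password("rp-sample") == vol.vmk,
        "wrong_recovery": vol.unlock_with_recovery_password("rp-wrong") is None,
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The two-layer layout is the point: the outer layer fails whenever the measured chain differs (the harmless new-motherboard case and the malicious boot-code case look identical to the TPM), while the inner layer fails only for a wrong second factor, and the recovery protector sits entirely outside both, which is why the recovery password must be backed up and guarded as carefully as the posts say.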
 

BitLocker and unallocated space

I often see two questions related to free (a.k.a. “unallocated”) disk space when people talk about Windows BitLocker™ Drive Encryption on various forums:

Q: What happens to unallocated space when I enable BitLocker on my volume? Does it get encrypted?

Q: I enabled BitLocker on my volume and – poof! – all my free space is gone! What’s wrong? More importantly, how do I get it back?

Good news: nothing is wrong and the only thing that you have to do to get it back is wait. Here’s a high level explanation (some intricate technical details have been omitted for brevity).

In the IT world “delete” usually means “remove from plain view” rather than “obliterate out of existence”. Unallocated disk space is prone to contain interesting data: rotting skeletons of compensation spreadsheets, “deleted” text files with passwords and credit card numbers, discarded autosave copies of top secret presentations. Hence, BitLocker cannot just ignore free space when the volume is being encrypted.

On the other hand, encrypting (or, to be exact, “reading, encrypting, and writing back”) free space is a real waste on a typical volume that is usually less than twenty percent full. As a performance optimization, BitLocker simply overwrites unallocated space with noise, thereby avoiding redundant reads. As expected, wiping free space is about two times faster than encrypting data, but it still takes considerable time on large volumes.

Now, free space tends to be very fluid. Unallocated chunks of disk space appear and disappear all over the place, all the time. Determining whether a given sector needs to be encrypted or wiped at a particular moment of time is a considerable technical challenge. BitLocker solves this problem by creating a huge file that takes most of the available disk space (leaving 6 GB for short-term system needs) and wiping disk sectors that belong to the file. Everything else (including ~6 GB of free space not occupied by the wipe file) is encrypted. When encryption of the volume is paused or completed, the wipe file is deleted and the amount of available free space reverts to normal.

(Note: if you have a Beta 2 build, you may have noticed that volume conversion leaves only 2 GB of free space, not 6 GB as described here. Increasing the amount of free space available during conversion from 2 GB to 6 GB was a recent change that is aimed to avoid ‘disk full’ errors in some common scenarios, such as installation of large software packages or writing a full memory dump on systems with 2+ GB of RAM.)

When BitLocker is turned off and the volume is decrypted, the wipe file is created in a similar way, and everything except the wipe file is decrypted. There is no need to decrypt sectors that are occupied by the wipe file, since no useful data is contained therein. Wiping unallocated space is not necessary either, as the whole volume is reverted to clear text anyway. As such, sectors occupied by the wipe file are skipped during decryption; consequently, decryption of a volume is typically much faster than encryption. As in the case of encryption, the wipe file is deleted when decryption is paused or completed.

And finally, a bit of trivia: the noise that is used to overwrite free space is generated by encrypting a buffer filled with 0x57 (‘W’ in ASCII code). So, if you ever opened an encrypted volume in a disk viewer and wondered what those vast spaces filled with W’s are – that’s most probably unallocated space that has been wiped during encryption.

Bulat Shelepov
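The conversion the post describes (a wipe file claiming free space beyond a reserve, its sectors written with encrypted 0x57 filler without a prior read, everything else read, encrypted and written back) can be modelled in a few dozen lines. The Python below is an added example, not BitLocker's code: the cipher is a toy per-sector keystream standing in for the real one, the layout and sector contents are made up, and the read/write counters make the "wipe is roughly twice as fast as encrypt" observation visible. It also shows why an unlocked volume displays runs of W's, and that the reserved free space is encrypted rather than wiped.

```python
"""Simulation (added example, not BitLocker's code) of the wipe-file conversion the
post describes. A wipe file claims the free space beyond a reserve, its sectors
are written with encrypted 0x57 ('W') filler without being read first, and every
other sector is read, encrypted and written back. The cipher is a toy keystream
standing in for the real one; the volume layout and sector contents are made up."""
import hashlib

SECTOR_SIZE = 16                 # toy sector size (real sectors are 512 bytes)
FILLER = b"W" * SECTOR_SIZE      # 0x57 repeated, the wipe pattern from the post


def sector_keystream(key, index):
    return hashlib.sha256(key + index.to_bytes(8, "little")).digest()[:SECTOR_SIZE]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class Volume:
    def __init__(self, total_sectors, allocated_sectors):
        self.total = total_sectors
        self.allocated = set(allocated_sectors)
        # Allocated sectors hold live data; free sectors still hold "deleted" remnants.
        self.disk = [(b"data-%03d" % i if i in self.allocated else b"old-secret").ljust(SECTOR_SIZE, b".")
                     for i in range(total_sectors)]
        self.reads = self.writes = 0

    def convert(self, key, reserve_sectors):
        """Encrypt the volume; returns how many sectors the wipe file covered."""
        free = sorted(set(range(self.total)) - self.allocated)
        wipe_file = set(free[:max(0, len(free) - reserve_sectors)])  # reserve stays usable
        for i in range(self.total):
            if i in wipe_file:
                self.disk[i] = xor(FILLER, sector_keystream(key, i))   # write only, no read
                self.writes += 1
            else:
                plain = self.disk[i]                                    # read ...
                self.reads += 1
                self.disk[i] = xor(plain, sector_keystream(key, i))     # ... encrypt, write back
                self.writes += 1
        # Conversion finished: the wipe file is deleted, so its sectors are free again,
        # but on disk they now hold encrypted filler instead of old remnants.
        return len(wipe_file)

    def unlocked_view(self, key):
        """What a disk viewer sees once the volume is unlocked (sectors decrypted on read)."""
        return [xor(s, sector_keystream(key, i)) for i, s in enumerate(self.disk)]


def count_wiped(view):
    """Sectors reading back as solid 'W' in the unlocked view: wiped free space."""
    return sum(1 for s in view if s == FILLER)


def demo():
    """Constructed layout: 100 sectors, 30 allocated, a 10-sector reserve."""
    vol = Volume(100, allocated_sectors=range(30))
    key = b"toy-volume-key"
    wiped = vol.convert(key, reserve_sectors=10)
    view = vol.unlocked_view(key)
    return {
        "wiped_sectors": wiped,                       # free space minus the reserve
        "sector_reads": vol.reads,                    # only non-wipe sectors are read
        "sector_writes": vol.writes,                  # every sector is written once
        "w_sectors_in_view": count_wiped(view),
        "data_intact": all(view[i].startswith(b"data-%03d" % i) for i in range(30)),
        # the reserved free sectors were encrypted, not wiped, so remnants survive there
        "remnants_left": sum(1 for s in view[30:] if s.startswith(b"old-secret")),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The `remnants_left` figure is the practical caveat: the free space held back for short-term system needs is encrypted but never overwritten, so deleted data in that region is still recoverable by anyone who can unlock the volume, exactly as it was before conversion.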

Doing our part for BitLocker™ Drive Encryption: Particular requirements around partitioning

On May 23-25, members of the BitLocker team participated in the Windows Hardware Engineering Conference (WinHEC) in Seattle. It was a successful event for us, and we even got some mentions in keynote speeches. Everyone we talked to understood the importance of encrypting the entire disk volume, and there was a great deal of excitement that this feature will be available in Windows Vista and Windows Server "Longhorn".

 

Anticipation aside, we know that the true test of a product is in customers using it. Based on WinHEC and other recent feedback, we want to highlight a detour you might encounter on your way to better data protection with BitLocker.

 

With a newly-installed Windows Vista Beta 2 build, don’t despair if you see that you need to "reconfigure" your hard disk before you can turn on BitLocker. It’s not your fault!

 

The fact is, you need two partitions set up on your disk before you can turn on BitLocker. 

  • The first partition, called the system volume, contains the boot information in an unencrypted space. This partition must be at least 1.5 GB in size and should not be used as a spare place to store files.  BitLocker requires this partition because of architectural constraints and the need to be compatible with existing technologies.
  • The second partition, called the operating system volume, contains Windows and user data and can be fully encrypted by BitLocker.

To partition your computer, Vista Beta 2 requires that you reinstall Vista from the product DVD and set up the necessary partitioning during the installation. We, too, quite dislike the burden these steps place on you.

 

Will you need to reinstall and run “diskpart” when Windows Vista is a finished product?  Not if we have anything to say about it. Here's what we're trying to do:

 

  • We are working closely with computer manufacturers to have these two partitions configured by default in new computers.

  • We are working with enterprise customers to make sure they can set up their Vista deployment processes appropriately (enterprise customers use automated processes that can seamlessly set up the partitioning).

  • We are working on a partitioning tool that takes care of the repartitioning so you won’t have to reinstall and type the “diskpart” commands needed in the Windows Vista Beta 2 release. In effect this tool "converts" a disk to a more BitLocker-friendly state.

For now, if you’re a beta tester for Windows Vista Ultimate edition or an employee evaluating the feature for your enterprise, we’d really appreciate it if you can step through this detour, enable BitLocker, and let us know what you think about the data protection capabilities it offers. 

 

For more information on partitioning your computer for BitLocker:

 

      BitLocker Step by Step Guide

 

For a related music selection:

 

      P!nk – “Get the Party Started” from the album “M!ssundaztood” (2001)

 

- Xian Ke, on behalf of the BitLocker team

Why you need to own your Trusted Platform Module (TPM)

You might think that having your TPM security hardware be “owned” may not be a good thing. If you’re well-versed in slang, you’re excused. However, to own or “take ownership” of your computer’s TPM is actually desirable for both functionality and security.

 

Taking ownership of the TPM allows you to make full use of TPM capabilities and prevents any other user or software from usurping your ownership title. You are a TPM’s owner if you’re able to set the TPM owner password. Only one owner password exists per TPM, and anyone who knows that password effectively acts as the TPM owner.

 

So what’s the difference in functionality between a TPM which has a set owner and one which does not? Given that a TPM has an owner, what can the TPM owner do that a non-owner cannot? The first question is answered by documentation in the IsOwned method of the Vista TPM Windows Management Instrumentation (WMI) interface. This same WMI interface allows TPM owners to remotely configure a computer’s TPM. The WMI method ConvertToOwnerAuth takes as input the owner password and derives the 20-byte value that the TPM actually uses to authorize owner-restricted TPM functionality. You can then use the 20-byte owner authorization value to run WMI methods to Enable, Disable, and Clear a TPM. Of course, remotely configuring the TPM is not exactly the most interesting owner-only functionality that a TPM supports. Consult the “Owner Permission Settings” section of the Trusted Computing Group’s Structures of the TPM specification to list the TPM commands that are available only to a TPM owner.
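The paragraph above describes ConvertToOwnerAuth as turning the owner password into the 20-byte value the TPM actually checks. The Python below is an added example, not the WMI interface or the team's code: it re-creates that value offline, on the assumption (mine, not stated in the post) that the derivation is SHA-1 over the UTF-16LE encoding of the password, base64-encoded the way WMI presents it. The defender's point it demonstrates is that the derived value is exactly as sensitive as the password, because Enable, Disable and Clear accept it directly; a stored owner-authorization value therefore needs the same protection as the password itself.

```python
"""Offline re-creation (added example) of the owner authorization value that
Win32_Tpm.ConvertToOwnerAuth returns for an owner password.
Assumption made here: the 20-byte value is SHA-1 over the UTF-16LE encoding of
the password, and WMI carries it base64-encoded."""
import base64
import hashlib
import hmac


def owner_auth_from_password(owner_password):
    """Derive the base64 owner-auth string from the human-readable owner password."""
    digest = hashlib.sha1(owner_password.encode("utf-16-le")).digest()
    return base64.b64encode(digest).decode("ascii")


def owner_auth_bytes(owner_auth_b64):
    """Decode a base64 owner-auth value and insist on the 20-byte length the TPM uses."""
    raw = base64.b64decode(owner_auth_b64, validate=True)
    if len(raw) != 20:
        raise ValueError("owner authorization value must decode to 20 bytes")
    return raw


def password_matches_owner_auth(candidate_password, stored_owner_auth_b64):
    """Constant-time check of a typed password against a stored owner-auth value,
    e.g. one kept in a deployment record; never log either side."""
    return hmac.compare_digest(owner_auth_bytes(owner_auth_from_password(candidate_password)),
                               owner_auth_bytes(stored_owner_auth_b64))


if __name__ == "__main__":
    sample = "example-owner-password"           # constructed, not a real password
    auth = owner_auth_from_password(sample)
    print(auth, len(owner_auth_bytes(auth)), "bytes")
    print(password_matches_owner_auth(sample, auth))
```

Because the hash is unsalted and fast, a stored owner-auth value is not a safe substitute for keeping the password secret; treat files or records containing it as credential material.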

 

For more information on setting a TPM owner:

Related terminology trivia:

“Initialize” – a catch-all term to indicate all the steps that must be done to use the TPM with BitLocker or other security applications, including to turn on and take ownership of the TPM.

Xian Ke

“Is anyone out there?” — Using physical presence to turn on the Trusted Platform Module (TPM)

Malicious software can lurk in the most humorous of dancing baby videos and cause havoc on your computer. To help protect against malware taking control of your computer's Trusted Platform Module (TPM) security hardware, computer manufacturers should follow recommendations from the Trusted Computing Group (TCG) to ship TPMs in the "off" state and require users to establish "physical presence" before turning on the TPM for the first time.

 

So what exactly does "physical presence" mean? Before Windows Vista appeared on the scene, computer manufacturers fleshed out this ghostly requirement by considering the ability to enter and navigate pre-boot (BIOS) setup menus as proof of physical presence. This approach guards against malware since it's harder to fool us into entering a BIOS setup menu than it is to have us click on a dancing baby video. Unfortunately, finding TPM settings in the BIOS isn't intuitive and in fact, varies widely with each computer model. Not knowing how to help you with this task, Vista's TPM Initialization Wizard would need to display a dialog that says something along the lines of, "Please refer to the BIOS section of your motherboard manual to enable and activate the TPM."

 

I wanted to resolve this dilemma. I felt strongly that understanding the BIOS should not be a prerequisite for using the TPM, and just as strongly that we must have a choice to turn on the TPM or not. With the help of others on the BitLocker team, I collaborated with industry partners to specify an interoperable BIOS firmware interface that simplifies establishing physical presence. With this firmware interface, you can configure the TPM using Vista wizards without knowing about the BIOS. When an action requires physical presence, Vista will set up the BIOS to automatically ask you to confirm your requested change on the next computer restart. As a result, you can quickly use your mere presence to turn on the TPM, but dancing babies cannot (unless, of course, you permit them to do so).

 

For more information on using physical presence to turn on the TPM:

      TPM Step by Step Guide

 

For a related music selection:

      Level 42 – “Turn It On” from the album “A Physical Presence (Live)” (1985)

 

Xian Ke

 

P.S. Large enterprise customers that desire no-touch deployment—and who have a controlled deployment environment—can work with their preferred computer manufacturer to purchase computers that do not require an extra touch. For example, having the TPM already on removes the need to establish physical presence during an enterprise BitLocker deployment.

BitLocker™ Technical Overview — Now Available

It’s been a while since WinHEC 2005, and it was time for a meaningful refresh of our BitLocker docs. In an effort to crystallize the product functionality in one relatively short, yet technical document, I have updated the BitLocker Technical Overview available on http://www.microsoft.com/technet/windowsvista/security/bittech.mspx.

 

This document is intended for IT administrators and advanced users to help them understand the different authentication scenarios offered. The document includes the following:

  • The different requirements for installing BitLocker Drive Encryption
  • An architectural overview
  • A section on servers
  • A section on data volumes
  • Information about the product’s lifecycle, from install to retirement
  • Information about the different authentication scenarios offered (what is TPM-only and what is TPM+StartupKey)
  • Information about the different recovery mechanisms available in case something goes wrong

-- Tony Ureche

BitLocker™ and FIPS

Because we have many government customers who will want to run FIPS-compliant software, Microsoft will certify BitLocker™ to the FIPS 140-2 standard. This is a long process, but if all goes well we should be in good shape within a few months after shipping.

The process involves following specific requirements to add self-tests (such as integrity checking, known-answer-tests, and so on) to our crypto modules, getting these modules validated by an independent third party, and then getting the actual certification from NIST (the National Institute of Standards and Technology) and CSE (Communications Security Establishment, NIST’s Canadian equivalent).

After several design drill-downs, the BitLocker team determined that we need to implement additional changes beyond self-tests, such as offering choices to opt-in and opt-out of FIPS-compliance through group policy.

In addition to satisfying government customers’ requirements, another good thing about the validation and certification processes is that it allows an independent set of eyes to look at our crypto algorithms, not only for correct implementation and compliance with the standard, but also for potential weaknesses or avenues of attack.

-- Tony Ureche, Ph.D.
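The post lists the ingredients of FIPS 140-2 validation at a high level: self-tests such as integrity checks and known-answer tests, plus a group-policy opt-in for FIPS compliance. The Python below is an added example illustrating that pattern, not BitLocker's crypto module: it runs known-answer tests against the published FIPS 180 digests of "abc", verifies an integrity tag over a (constructed) module image, and refuses to serve cryptography in FIPS mode when any test fails, while a non-FIPS module merely records the failures. The `fips_mode` flag, module image and build key are this example's own.

```python
"""Added example of the power-up self-test pattern a FIPS 140-2 validation asks
for: known-answer tests against published vectors, an integrity check over the
module's own image, and a policy switch that refuses to serve crypto when a test
fails. An illustration of the pattern, not BitLocker's module; the fips_mode flag
stands in for the group-policy opt-in the post mentions, and the module image and
build key are constructed."""
import hashlib
import hmac

# Known-answer vectors: the FIPS 180 example digests of the message "abc".
KNOWN_ANSWERS = {
    "sha1": ("abc", "a9993e364706816aba3e25717850c26c9cd0d89d"),
    "sha256": ("abc", "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"),
}


def known_answer_tests(vectors=KNOWN_ANSWERS):
    """Return the names of algorithms whose output no longer matches the known answer."""
    return [alg for alg, (msg, expected) in vectors.items()
            if not hmac.compare_digest(hashlib.new(alg, msg.encode()).hexdigest(), expected)]


def build_integrity_tag(module_image, build_key):
    """Computed once at build time and shipped alongside the module."""
    return hmac.new(build_key, module_image, hashlib.sha256).hexdigest()


def integrity_check(module_image, expected_tag, build_key):
    """Recompute the tag over the image as loaded and compare in constant time."""
    return hmac.compare_digest(build_integrity_tag(module_image, build_key), expected_tag)


class CryptoModule:
    def __init__(self, module_image, expected_tag, build_key, fips_mode):
        self.fips_mode = fips_mode
        self.failures = known_answer_tests()
        if not integrity_check(module_image, expected_tag, build_key):
            self.failures.append("integrity")
        self.ready = not self.failures

    def sha256(self, data):
        """In FIPS mode the module is unusable until self-tests pass; otherwise it only records them."""
        if self.fips_mode and not self.ready:
            raise RuntimeError("self-tests failed: " + ", ".join(self.failures))
        return hashlib.sha256(data).hexdigest()


def demo():
    """Constructed scenario: a clean module image and a tampered copy, with and without FIPS mode."""
    build_key = b"build-signing-key"                               # constructed
    image = b"bitlocker-crypto-module v1 (constructed image)"      # constructed
    tag = build_integrity_tag(image, build_key)
    clean = CryptoModule(image, tag, build_key, fips_mode=True)
    tampered_fips = CryptoModule(image + b"!", tag, build_key, fips_mode=True)
    tampered_lax = CryptoModule(image + b"!", tag, build_key, fips_mode=False)
    try:
        tampered_fips.sha256(b"x")
        refused = False
    except RuntimeError:
        refused = True
    return {
        "clean_ready": clean.ready,
        "tampered_failures": tampered_fips.failures,
        "fips_refuses_tampered": refused,
        "lax_still_serves": tampered_lax.sha256(b"x") == hashlib.sha256(b"x").hexdigest(),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The behavioural split between the two modes is what the opt-in policy the post mentions has to decide: a FIPS-mode module that fails its power-up tests must stay unusable, which is safer but can leave a machine unable to unlock its volume, whereas the non-FIPS path trades that guarantee for availability.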

Welcome

Welcome to the BitLocker™ Drive Encryption Team blog!

The focus of this blog is to post technical content on a range of topics, but especially how you, our customers, can use BitLocker. Posts will include things like:

  • Announcements of new documents, articles or updates
  • Explanations of key BitLocker concepts
  • BitLocker Tips and tricks
  • Deployment "gotchas" and how to avoid them
  • Common issues and lessons learned
  • How-To's
  • And other things that you tell us you'd like to see. To suggest topics, send us an e-mail at bdebidea@microsoft.com.

We plan to update the blog bi-weekly.

Posts are written by team members who work on different areas of the BitLocker feature. BitLocker is part of the System Integrity group in Windows Security. Logistics are managed by Purna Gathani and Byron Hynes.

 