Security

Keys to Protecting Data with BitLocker Drive Encryption

Byron Hynes

At a Glance:

  • Full volume encryption
  • BitLocker keys
  • Setting up BitLocker

Windows BitLocker Drive Encryption is certainly one of the most talked-about features in Windows Vista. However, most people haven’t yet had much opportunity to test BitLocker to find out firsthand

what it does and how it works—particularly not on a computer with a Trusted Platform Module (TPM). In this article, I introduce you to the basics of BitLocker™ so that you can evaluate its potential and include it in your upgrade planning. I will begin with some background and conceptual information, and then I take a look at enabling BitLocker, data recovery, administration, and how BitLocker can help at the end of a computer’s life. To better understand the terminology here, take a look at the sidebar "Disks and Volumes."

Disks and Volumes

The terminology around disks and volumes can often be confusing. Here’s an abbreviated glossary for your reference.

Partition A partition is a section of a physical hard disk. It is a logical structure defined in a partition table stored on the disk.

Volume A volume is a logical structure in Windows made up of one or more partitions and defined by a Windows component called the volume manager. Except for the volume manager and startup components, the rest of the operating system and applications work with volumes, not partitions. In the case of Windows client operating systems, including Windows Vista, partitions and volumes normally have a one-to-one relationship. In servers, a volume is often made up of multiple partitions, such as in a typical RAID configuration.

Active Partition Only one partition at a time can be marked as the active partition. This is the partition that contains the boot sector used to start the operating system. The active partition is sometimes called the system partition or system volume, but don’t confuse those terms with the Windows OS Volume.

Windows OS Volume This volume contains the Windows installation, including the System and System32 folders. Prior to the release of Windows Vista, the term boot partition was used (and is still used often). The term Windows OS volume is clearer and avoids the never-ending confusion between boot partition and system partition. In the old days, trainers would sometimes tell students to remember that you "boot from the system partition and find the system files on the boot partition."

Before Windows Vista, the Windows OS volume (also known as the boot partition), and the active partition (also known as the system partition) were the same thing, because the hard disks in most client computers were configured as one single, large partition. In Figure A you can see the functions assigned to each partition or volume in the Disk Management console in Windows Vista.

Figure A Partition Functions

Figure A Partition Functions (Click the image for a larger view)

BitLocker really does two things that are complementary but distinct. First, BitLocker provides full-volume encryption for the Windows® OS volume. Second, on computers with a compatible TPM, BitLocker provides a way to validate the integrity of the early startup components before allowing Windows Vista™ to start.

To use all of the BitLocker functionality, your computer must have a compatible TPM microchip and BIOS. Compatible means a version 1.2 TPM and BIOS that supports the TPM and the Static Root of Trust Measurement as defined by the Trusted Computing Group (TCG). However, computers without a compatible TPM and BIOS can still use BitLocker encryption.

Full Volume Encryption

BitLocker provides full-volume encryption to ensure that all data written to the Windows OS volume is encrypted. This is key to protect confidential information stored on your organization’s computers, especially laptops and mobile computers.

Mobile computers are lost or stolen every day. With increased portable computing capacity and an increasingly mobile workforce, a single worker can be carrying hundreds of gigabytes of your organization’s trade secrets, confidential documents, or customers’ personally identifiable information (PII). Any news search will tell you that too much of that data is being lost. (The Privacy Rights Clearinghouse states that over 104 million records containing personal information have been lost or released just since 2005.)

Most organizations are already under legal and corporate mandates to protect many types of private information; and even if you’re not already legally required to, you probably have compelling a business interest to do so.

Why Encrypt the Entire Volume?

If you’re an experienced Windows administrator, you’re probably already familiar with Windows-based encryption options such as the Encrypting File System (EFS) and perhaps the encryption and protection provided by Rights Management Services (RMS). The big difference with BitLocker is that, once enabled, it is automatic, transparent, and includes the entire volume.

For example, with EFS, you have to specifically indicate which files and folders will be protected. In Windows Vista, there are some new options that make EFS more flexible, and EFS and RMS each address some scenarios that BitLocker does not. But both EFS and RMS require significant administrator configuration and are not designed to protect everything stored on the volume.

Conversely, BitLocker encrypts everything written to a BitLocker-protected volume, including the operating system itself, the registry, the hibernation and paging files, applications, and data used by applications.

There are three items not encrypted: the boot sector, any bad sectors already marked as unreadable, and the volume metadata. The volume metadata consists of three redundant copies of data used to manage BitLocker, including statistical information about the volume, and protected copies of some decryption keys. These items do not require encryption because they are not unique, valuable, or personally identifiable.

Full-volume encryption protects against offline attacks—the kind of attacks that are mounted by trying to bypass the operating system. For example, a common offline attack is to steal a computer, remove the hard drive, and install it as a second drive in another computer (running a different copy of Windows or a different operating system) to avoid NTFS permissions and user passwords. It is not possible to read a BitLocker-protected volume using this kind of attack.

How BitLocker Encrypts Data

BitLocker uses the Advanced Encryption Standard (AES) algorithm with 128-bit keys. For better protection, the keys can be increased to 256-bit keys using Group Policy or the BitLocker Windows Management Instrumentation (WMI) provider.

Each sector in the volume is encrypted individually, with a part of the encryption key being derived from the sector number itself. This means that two sectors containing identical unencrypted data will result in different encrypted bytes being written to the disk, making it much harder to attempt to discover keys by creating and encrypting known pieces of information.

Before data is encrypted using AES, BitLocker also uses an algorithm called a diffuser. Without going into the cryptography, a simple description of the diffuser is that it ensures that even minute changes to the plaintext result in the entire sector changing in the encrypted ciphertext. This also makes it much harder for an attacker to discover keys or data.

If you are interested in the details of the BitLocker encryption algorithm, you can read Neil Ferguson’s paper on it, "AES-CBC + Elephant Diffuser: A Disk Encryption Algorithm for Windows Vista".

BitLocker Keys

Any time you deal with encryption, you need to know about keys, and BitLocker is no exception. BitLocker uses an elegant, but somewhat complex, architecture of keys.

The sectors themselves are encrypted using a key called the full-volume encryption key (FVEK). The FVEK, though, is not used by or accessible to users. The FVEK is in turn encrypted with a key called the volume master key (VMK). This level of abstraction gives some unique benefits, but can make the process a bit more difficult to understand. The FVEK is kept as a closely guarded secret because, if it were to be compromised, all of the sectors would need to be re-encrypted. Since that would be a time-consuming operation, it’s one you want to avoid. Instead, the system works with the VMK.

The FVEK (encrypted with the VMK) is stored on the disk itself, as part of the volume metadata. Although the FVEK is stored locally, it is never written to disk unencrypted.

The VMK is also encrypted, or "protected," but by one or more possible key protectors. The default key protector is the TPM. Use of a TPM is discussed in the following section on integrity checking. A recovery password is also created as a key protector, for emergencies. Recovery is also discussed later.

You can combine the TPM with a numeric PIN or with a partial key stored on a USB drive for increased security. Each of these is a form of two-factor authentication. If your computer does not have a compatible TPM chip and BIOS, BitLocker can be configured to store a key protector completely on a USB drive. This is called a startup key.

BitLocker can be disabled without decrypting the data; in this case, the VMK is protected only by a new key protector that is stored unencrypted. Note that this clear key allows the system to access the drive as if it were unprotected.

At startup, the system looks for an appropriate key protector by querying the TPM, checking the USB ports, or, if necessary, prompting the user (which is called recovery). Finding a key protector lets Windows decrypt the VMK, which decrypts the FVEK, which decrypts the data stored on disk. The process is shown in Figure 1.

Figure 1 BitLocker default startup process

Figure 1 BitLocker default startup process

Integrity Checking

Because the components in the earliest part of the startup process must be available unencrypted so that the computer can start, an attacker could change the code in those early startup components (think rootkit), and then gain access to the computer, even though the data on the disk was encrypted.

By using this kind of attack, an intruder could possibly gain access to confidential information, such as BitLocker keys or user passwords, and leverage that information to get around other security protections.

Preventing this kind of attack was one of the original goals of the program and team that created BitLocker. In some ways, the encryption was almost a means to an end. The full-volume encryption allows BitLocker to protect the integrity of the system and prevent Windows from starting if the early startup components have been changed.

On computers equipped with a compatible TPM, each time the computer starts, each of the early startup components—such as the BIOS, the master boot record (MBR), the boot sector, and the boot manager code—examines the code about to be run, calculates a hash value, and stores the value in specific registers in the TPM, called platform configuration registers (PCRs). Once a value is stored in a PCR, the value cannot be replaced or erased unless the system is restarted. BitLocker uses the TPM and the values stored in PCRs to protect the VMK.

A TPM can create a key that is tied to specific PCR values. When this type of key is created, the TPM encrypts the key and only that specific TPM can decrypt it. Beyond that, though, the TPM decrypts the key only if those current PCR values match the values specified when the key was created. This is called sealing the key to the TPM.

By default, BitLocker seals keys to the measurements of the Core Root of Trust Measurement (CRTM), the BIOS and any platform extensions, option ROM code, MBR code, the NTFS boot sector, and the boot manager. If any of these items are changed unexpectedly, BitLocker will lock the drive and prevent it from being accessed or decrypted.

By default, BitLocker is configured to look for and use a TPM. You can use Group Policy or a local policy setting to allow BitLocker to work without a TPM and store keys on an external USB flash drive, but without a TPM, BitLocker cannot verify system integrity.

Enabling BitLocker for the First Time

BitLocker is available in Windows Vista Enterprise and Windows Vista Ultimate. (BitLocker will also be an optional component included with the next version of Windows Server®, code-named "Longhorn.")

The following discussion assumes that you have a computer with a compatible TPM available for testing. If you want to enable BitLocker on a computer without a TPM, follow the steps listed in the sidebar "Using BitLocker without a TPM."

Using BitLocker without a TPM

BitLocker is configured by default to use a TPM, and if you don’t have one, Windows out-of-the-box will not allow you to enable BitLocker. However, the following procedure, which was taken from the Windows BitLocker Drive Encryption Step-by-Step Guide, will allow you to use BitLocker without a TPM.

To perform these steps, you must be logged on as an administrator. Even without a TPM, your computer must support reading from a USB flash drive during the start-up process. Furthermore, you must have a USB flash drive available when you enable BitLocker and each time you restart the computer.

Follow these steps to turn on BitLocker Drive Encryption on a computer without a compatible TPM:

  1. Click Start, type gpedit.msc in the Start Search box and then press ENTER.
  2. If the User Account Control dialog box appears, verify that the proposed action is what you requested and then click Continue.
  3. In the Group Policy Object Editor console tree, click Local Computer Policy, click Administrative Templates, click Windows Components, and then double-click BitLocker Drive Encryption.
  4. Double-click the setting Control Panel Setup: Enable Advanced Startup Options. The Control Panel Setup: Enable Advanced Startup Options dialog box appears.
  5. Select the Enabled option, select the Allow BitLocker without a compatible TPM checkbox, and then click OK. You have changed the policy setting so that you can use a startup key instead of a TPM.
  6. Close the Group Policy Object Editor.
  7. To force Group Policy to apply immediately, you can click Start, type gpupdate.exe /force in the Start Search box, and then press ENTER. Wait for the process to finish.

An important part of enabling BitLocker is making sure that your volumes are configured correctly. BitLocker requires that the active partition be unencrypted so that the boot sector, the boot manager, and the Windows loader program can be read (these components are protected by the system integrity steps described previously). Since other Windows components may require temporary use of the active partition, Microsoft recommends that the active partition be at least 1.5GB. It’s also a good idea to configure NTFS permissions so that users cannot accidentally write data to this volume.

Windows itself will be installed to a second larger volume, which can be encrypted. If you are installing Windows on a new system, you can manually configure the volumes following the instructions available in Windows BitLocker Drive Encryption Step-by-Step Guide.

You can use the BitLocker Drive Preparation Tool to help set up your system for BitLocker. This tool takes the hard work out of configuring the drives, and it is available as a Windows Vista Ultimate Extra or to customers who are deploying Windows Vista Enterprise. For detailed instructions on the BitLocker Drive Preparation Tool, visit support.microsoft.com/kb/930063.

The BitLocker Drive Preparation Tool automatically shrinks the volume (if you have only one), creates the second partition, makes it active, makes all necessary configuration changes, and moves the startup files to the right place.

Once your volumes are configured, enabling BitLocker is straightforward. In the Security section of the Control Panel, click the BitLocker Drive Encryption icon. After you acknowledge the UAC consent prompt, a screen similar to Figure 2 appears.

Figure 2 Enabling BitLocker

Figure 2 Enabling BitLocker (Click the image for a larger view)

The exact sequence of what happens next will vary according to the state of the TPM chip in your computer. If the TPM chip is not initialized, the TPM Initialization Wizard will run. Follow the prompts to initialize the TPM, which will include restarting your computer.

After your TPM is initialized, the Save the recovery password page appears, as shown in Figure 3. To be able to recover your data in the event of a TPM failure or other problem, you need a recovery password. This page allows you to save a recovery password to a USB flash drive or to a local or network disk, or to print it for safekeeping. You must choose at least one of these options, and you can chose to save multiple copies. Once the recovery password has been saved, the Next button will be enabled. Click it.

Figure 3 Saving your recovery password

Figure 3 Saving your recovery password (Click the image for a larger view)

The Encrypt the selected disk volume page appears and you can choose whether or not to run a system check before the encryption starts. The system check will require a restart, but it is the best way to make sure that your TPM, BIOS, and USB ports will work properly with BitLocker. After the restart, if any problems were detected, then you will see an error message. Otherwise, the Encryption in Progress status bar is displayed.

That’s it. Encryption will complete in the background, and you can continue using your computer. Once the initial encryption is complete, a message will appear to let you know. You can also monitor the ongoing completion status of the disk volume encryption by dragging your cursor over the BitLocker Drive Encryption icon in the tool bar at the bottom of your screen. For more details, you can refer to the Step-by-Step Guide mentioned earlier.

Some users have been surprised to see that BitLocker doesn’t prompt the user or make any other obvious interruptions when the computer starts up. That’s because, in its default configuration, BitLocker is relying on the TPM to confirm the system integrity prior to unlocking the volume. This is automatic and transparent to the user.

You can configure BitLocker to require the entry of a PIN or the presence of a key stored on a USB flash drive at startup. This increases security and is recommended for situations where the increased security outweighs the inconvenience of entering the PIN. In my opinion, that’s always. (In other words, my desktop requires a PIN and my laptop requires a USB key.)

BitLocker Recovery

When dealing with encryption—especially in a business or enterprise environment—it is essential that you have a way for an authorized user to get their data back, even if the normal access methods or keys aren’t available. BitLocker calls this recovery.

If something changes unexpectedly in the early startup components, or you lose a USB startup key or a user forgets his PIN, BitLocker will not be able to complete the normal startup process. BitLocker will leave the volume locked, and Windows will not be able to start up. Instead, the BitLocker code in the boot manager will present a text screen. If a recovery password has been saved to a USB flash drive (sometimes called a recovery key), a screen similar to Figure 4 appears.

Figure 4 Looking for a recovery key

Figure 4 Looking for a recovery key (Click the image for a larger view)

For BitLocker to read a USB flash drive, it has to be connected at startup. So if you have a USB flash drive with a recovery password, insert it and press ESC. If you don’t have such a thing, press Enter to see the screen shown in Figure 5. This screen will also appear if a recovery key was never saved to a USB drive.

Figure 5 Entering a BitLocker password

Figure 5 Entering a BitLocker password (Click the image for a larger view)

BitLocker is now looking for a 48-digit numerical password that can unlock the drive. This number appears on the page if you chose to print the recovery password, and it is also stored in a file if you saved the recovery password to a folder.

The easiest way to manage recovery passwords in a business is to have them automatically stored in Active Directory®. You can get all of the details on how to do that at go.microsoft.com/fwlink/?LinkId=87067.

In a follow-up article I’ll elaborate on the manageability of BitLocker, but as part of this overview, you should know that BitLocker ships with a full WMI provider that allows BitLocker (and the TPM) to be managed through any WMI-compatible Web-Based Enterprise Management (WBEM) system. This means that BitLocker can also be scripted using any scripting language that can access WMI objects, such as VBScript or Windows PowerShell™.

BitLocker also ships with a command-line tool called manage-bde.wsf that uses the WMI provider to let you manage BitLocker, on local or remote computers. For more information, launch an elevated command prompt and type manage-bde.wsf /?.

Secure Decommissioning

There comes a point where every computer needs to be decommissioned. Businesses usually expend significant funds and effort making sure that disk drives are completely sanitized before they are released. Most processes that remove confidential data from disk drives are time-consuming, costly, or result in the permanent destruction of the hardware. BitLocker provides other more cost-effective options.

Rather than worrying about removing the data after the fact, BitLocker helps ensure that confidential data isn’t stored on disk in a risky way in the first place. Since everything written to the disk is encrypted, the data can be permanently rendered completely inaccessible by destroying all copies of the encryption keys. The hard disk itself is completely unharmed and can be reused.

You can choose from a number of approaches in decommissioning volumes that have been protected by BitLocker. You can choose to delete all copies of keys from the volume metadata, while keeping them archived in a secure central site. This can enable systems to be transported safely or temporarily decommissioned if they will be left unattended for long periods of time. It ensures that authorized users could still access the data, but not any unauthorized users, such as new owners of the equipment.

You can also choose to delete all copies of keys from the volume metadata and from any archives, such as Active Directory (perhaps by creating new keys that are not stored). Since no decryption keys then exist, no one can recover or retrieve the data.

In either of these cases, the removal and destruction of the keys contained in the volume metadata is almost instantaneous and can be performed across multiple systems by an administrator. A minimal investment of time and effort is required but results in a very high level of permanent protection. The format utility in Windows Vista has been updated so that a format command deletes the volume metadata and overwrites those sectors to securely delete any BitLocker keys.

A Few Final Points

BitLocker is a powerful tool designed to protect against specific threats, and it does an excellent job. However, it would be a mistake to expect BitLocker to protect against all threats. It is absolutely critical that you continue to use proper defenses and controls, such as strong passwords.

Understand that BitLocker is geared towards offline attacks. That means that if Windows is running, BitLocker has unlocked the volume. In other words, BitLocker does not offer protection to a running system. Technologies such as EFS and RMS complement BitLocker by protecting information while the OS is running.

For more information about BitLocker, visit the Microsoft Web site, starting at technet.microsoft.com/windowsvista/aa905065.aspx. For more about TPM specifications and the TCG, visit the TPM Specifications section of the TCG Web site at go.microsoft.com/fwlink/?LinkId=72757.

Byron Hynes works in the Windows Server User Assistance group at Microsoft. In the past, he worked as a consultant and trainer. You can reach him at bhynes@microsoft.com.

© 2008 Microsoft Corporation and CMP Media, LLC. All rights reserved; reproduction in part or in whole without permission is prohibited.