How Strong Do You Want the BitLocker Protection?

Applies To: Windows 7, Windows Server 2008 R2

Determining the strength of BitLocker protection means determining the criteria for unlocking the drive after it is protected. When a BitLocker drive is unlocked, BitLocker authenticates the drive based on the valid key protectors being provided and then authorizes the unlocking of the drive. BitLocker offers a variety of key protectors that permit users to authenticate based on user knowledge, hardware component validation, and software keys as well as a combination of these. The information in this section helps you decide what type of protection you want to use with BitLocker.

Choose the encryption strength

BitLocker supports two levels of cipher strength: 128-bit and 256-bit. Both use the Advanced Encryption Standard (AES) to perform encryption. Longer encryption keys provide an enhanced level of security and are less likely to be successfully attacked by brute-force methods. However, longer keys can slow the encryption and decryption of data, and on some computers using them might result in noticeable performance degradation. You can use Group Policy to change the length of the encryption key used by BitLocker.

In addition, BitLocker supports a Diffuser algorithm to help protect against ciphertext manipulation attacks, a class of attacks in which changes are made to the encrypted data in an attempt to discover patterns or weaknesses. By default, BitLocker uses AES encryption with 128-bit encryption keys and Diffuser. You can also select encryption without Diffuser by using Group Policy if your organization is Federal Information Processing Standard (FIPS) compliant.

It is recommended that most organizations use AES 128-bit with Diffuser. For organizations that are required to use 256-bit encryption, the AES 256-bit with Diffuser option can be enabled by using Group Policy.

Evaluate BitLocker unlock methods for operating system drives

BitLocker helps prevent unauthorized access to data on lost or stolen computers by encrypting the entire Windows operating system drive on the hard disk and, when present, using the Trusted Platform Module (TPM) to verify that the boot components have not been compromised since the last time the drive was unlocked.

The TPM is a hardware component installed in many newer computers by the computer manufacturers. It works with BitLocker to help protect user data and to ensure that the computer has not been tampered with. In addition, BitLocker offers the option to lock the normal startup process until the user supplies a personal identification number (PIN) or inserts a removable USB flash drive that contains a startup key. These additional security measures provide multifactor authentication and assurance that the computer will not start or resume from hibernation until the correct PIN or startup key is presented.

On computers that do not have a TPM, you can still use BitLocker to encrypt the operating system drive. If you enable the Group Policy setting that allows BitLocker without a TPM, BitLocker stores the encryption keys on a USB startup key and uses that key to unlock the drive. In this situation, a user must insert the USB startup key to start the computer or resume from hibernation, and this does not provide the system integrity verification offered by BitLocker with a TPM.

The following table provides an overview of terms used when discussing the use of BitLocker to protect an operating system drive.

Term: TPM
Description: A hardware device used to help establish a secure root of trust. BitLocker supports only TPM version 1.2 and above.

Term: PIN
Description: A user-entered numeric key protector that can only be used in addition to the TPM.

Term: Startup key
Description: An encrypted file that can be stored on most removable media. This key protector can be used alone on non-TPM computers, or in conjunction with a TPM for added security.

Windows 7 operating system drives can be unlocked in five different ways. As a best practice, we recommend using a TPM with a PIN. The following table describes the unlock methods supported by an operating system drive.

Unlock method: TPM only
Description: The TPM validates early boot components. When using a TPM, this is the least secure unlock method for operating system drives.
Recommended use: Recommended for computers in a physically secure location and for situations where unattended restart is required, such as when Wake On LAN solutions are used or for servers in remote locations.

Unlock method: TPM + PIN
Note: This is a best practice.
Description: The TPM validates early boot components. The user must enter the correct PIN before the startup process can continue and before the drive can be unlocked. A Trusted Computing Group (TCG)-compliant TPM version 1.2 helps to protect the PIN from brute-force attacks.
Recommended use: Recommended for portable computers and computers in less secure locations. This unlock method requires PINs to be assigned to standard users and may generate additional help desk calls if users forget their PINs.
Minimum PIN length can be configured and is recommended to be at least 7 numerals long. For additional security, an enhanced PIN can be used, which permits users to use characters instead of numerals for their PIN. For more information about enhanced PINs, see the BitLocker Drive Encryption Deployment Guide for Windows 7 (https://go.microsoft.com/fwlink/?LinkID=140286).

Unlock method: TPM + startup key
Description: The TPM validates early boot components, and a USB flash drive containing the startup key must be inserted.
Recommended use: Recommended for use when a PIN is not a viable option. To provide protection, the startup key should not be stored with the computer because it contains the keys to fully unlock the computer. This unlock method requires startup keys to be provisioned to standard users and may generate additional help desk calls when users lose their startup keys.

Unlock method: TPM + PIN + startup key
Note: This method is not supported in the graphical user interface and must be configured by using the Manage-bde command-line tool.
Description: The TPM successfully validates early boot components, a USB flash drive containing the startup key must be inserted, and the user must enter the correct PIN before the startup process can continue.
Recommended use: This method is recommended for organizations that require three-factor authentication as part of their organizational security policy. When this method is used, you cannot require that removable data drives be BitLocker-protected.

Unlock method: Startup key only
Note: This can be used only when a TPM is not present.
Description: The user is prompted to insert the USB flash drive that holds the recovery key or startup key and restart the computer.
Recommended use: Recommended for use when a TPM is not available. To provide any level of protection, the startup key should not be stored with the computer because it contains the keys to fully unlock the computer. This unlock method requires startup keys to be provisioned to standard users and may generate additional help desk calls if users lose their startup keys.

The following flow chart helps illustrate how to determine the best unlock method to use in your organization for a specific situation.
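As an added example that is not part of this guide, the following PowerShell function maps the protectors reported by manage-bde -protectors -get for an operating system drive onto the unlock methods in the table above and flags the less secure ones. The protector type names and the four-space indentation it parses are assumptions about manage-bde's text output, and the sample output is constructed.

```powershell
# Added example, not from the original guide: classify a volume's unlock method
# from "manage-bde -protectors -get <drive>" output. Assumes protector type
# headings are indented four spaces and end with a colon; verify on your system.
function Get-BitLockerUnlockMethod([string[]]$ProtectorOutput) {
    $has = @{}
    foreach ($line in $ProtectorOutput) {
        # Sub-fields such as "      ID:" are indented deeper and are skipped.
        if ($line -match '^ {4}([A-Za-z][A-Za-z ]*):\s*$') { $has[$matches[1]] = $true }
    }
    $method = 'None'
    if     ($has['TPM And PIN And Startup Key']) { $method = 'TPM + PIN + startup key' }
    elseif ($has['TPM And PIN'])                 { $method = 'TPM + PIN' }
    elseif ($has['TPM And Startup Key'])         { $method = 'TPM + startup key' }
    elseif ($has['TPM'])                         { $method = 'TPM only' }
    elseif ($has['External Key'])                { $method = 'Startup key only' }
    elseif ($has['Password'])                    { $method = 'Password' }

    $advice = switch ($method) {
        'TPM + PIN'        { 'Best practice for operating system drives' }
        'TPM only'         { 'Least secure TPM method: physically secure or unattended-restart systems only' }
        'Startup key only' { 'No boot integrity verification: keep the key away from the computer' }
        'None'             { 'No unlock protector configured' }
        default            { 'Acceptable; confirm how PINs or startup keys are provisioned to users' }
    }
    New-Object PSObject -Property @{
        Method              = $method
        HasRecoveryPassword = [bool]$has['Numerical Password']
        Advice              = $advice
    }
}

# Constructed sample of the output for a TPM-only operating system drive.
$sample = @"
Volume C: [OSDisk]
All Key Protectors

    TPM:
      ID: {00000000-0000-0000-0000-000000000001}
      PCR Validation Profile:
        0, 2, 4, 8, 9, 10, 11

    Numerical Password:
      ID: {00000000-0000-0000-0000-000000000002}
      Password:
        000000-000000-000000-000000-000000-000000-000000-000000
"@
Get-BitLockerUnlockMethod ($sample -split "`r?`n")
# On a live system (elevated): Get-BitLockerUnlockMethod (manage-bde -protectors -get C:)
```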

Evaluate BitLocker unlock methods for removable data drives

BitLocker can help protect data on removable data drives by encrypting the entire contents of the drive. Removable data drives are devices designed to be removed while the computer is running. USB flash drives and Secure Digital memory cards are examples of removable data drives. After the drives are encrypted, they can be unlocked on any computer running Windows 7. Using the BitLocker To Go Reader, drives that are formatted by using the FAT16, FAT32, or exFAT file system and that use the password method can be unlocked as read-only on computers running Windows XP or Windows Vista by default. Group Policy can allow, disallow, or require the unlock methods for removable drives. You should choose the BitLocker unlock method based on the most likely usage scenario and the security needs of the drive being protected. The following table describes the different unlock methods available for removable data drives.

Unlock method: Password
Description: Users are prompted to enter a password to gain access to their data.
Note: Users should be strongly encouraged to use complex and long passwords that avoid the use of dictionary words to help protect against password guessing.
Recommended use: For use when organizations do not have the infrastructure to support smart cards or when access to the drive is necessary on computers running Windows XP or Windows Vista.
The minimum password length can be specified by using Group Policy. A 12-character minimum password length is recommended. Using the same parameters as Windows logon, password complexity can also be required.

Unlock method: Smart card
Description: Users are prompted to enter their smart card and PIN to gain access to their drive.
Recommended use: Recommended for organizations that have a smart card infrastructure.

Unlock method: Automatic unlocking
Description: After the user inserts the removable drive, it is automatically unlocked without any user authentication required. This method cannot be the only method used to unlock a removable drive.
Recommended use: Automatic unlocking provides convenience for users who access their drives on the same computer regularly. It is the least secure way of unlocking a removable drive.
It is recommended that automatic unlocking be disabled by Group Policy unless BitLocker is widely deployed on operating system drives in your organization.

The following flow chart helps illustrate how to determine the best unlock method to use for removable data drives in your organization for a specific situation. Automatic unlock can be used in addition to any of the methods listed.

Evaluate BitLocker unlock methods for fixed data drives

BitLocker can help protect data on fixed data drives by encrypting the contents of the drive. A fixed drive is a device that cannot be easily added to or removed from the computer while it is running. SCSI and ATA disks are examples of fixed data drives. These drives are usually internal to the computer and do not contain the operating system or early boot components. The operating system drive does not need to be encrypted with BitLocker to use BitLocker on fixed data drives, but it is a best practice to do so. The best practice for protecting fixed data drives is to encrypt the operating system drive by using the TPM + PIN unlock method and then allow BitLocker to automatically unlock the fixed data drive.

Group Policy can allow, disallow, or require the unlock methods for fixed data drives. More than one method can be applied to a drive, which allows users to choose how to unlock their drive. The following table describes the different unlock methods available for fixed data drives.

Unlock method: Password
Description: Users are prompted to enter a password to gain access to their data.
Note: Users should be strongly encouraged to use complex and long passwords that avoid the use of dictionary words to help protect against password guessing.
Recommended use: For use when organizations do not have the infrastructure to support smart cards or when the operating system drive is not protected with BitLocker.
The minimum password length can be specified by using Group Policy. A 12-character minimum password length is recommended. Using the same parameters as Windows logon, password complexity can also be required.

Unlock method: Smart card
Description: Users are prompted to enter their smart card and PIN to gain access to their drive. This option is suggested for organizations that require a higher level of security than passwords provide and have deployed smart cards within their organization.
Recommended use: Recommended for organizations that have a smart card infrastructure and when the operating system drive is not protected with BitLocker.

Unlock method: Automatic unlocking
Description: Automatic unlock can only be set on fixed data drives if the operating system drive is encrypted.
Recommended use: Recommended for use when the operating system drive is protected with BitLocker.

The following flow chart helps illustrate how to determine the best unlock method to use with fixed data drives in your organization for a specific situation.
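Bringing the settings from the encryption-strength, operating system drive, removable drive and fixed drive sections together, as an added example rather than the guide's own procedure: the registry values below are the local image of the FVE Group Policy settings (value names as used by the FVE ADMX template, to be verified against your template; in a domain, set them in a GPO instead), followed by the manage-bde commands for each drive type. The drive letters C: (operating system), D: (fixed), E: (removable) and F: (startup key) are assumed.

```powershell
# Added example, not from the original guide: the local registry image of the
# Group Policy settings discussed in this guide, then the manage-bde commands
# that apply the recommended unlock methods. Run from an elevated prompt.
$fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
if (-not (Test-Path $fve)) { New-Item -Path $fve -Force | Out-Null }
function Set-FvePolicy([string]$Name, [int]$Value) {
    New-ItemProperty -Path $fve -Name $Name -Value $Value -PropertyType DWord -Force | Out-Null
}

# Encryption method: 1 = AES 128 + Diffuser (default, recommended), 2 = AES 256 + Diffuser,
# 3 = AES 128 and 4 = AES 256 without Diffuser (FIPS deployments).
Set-FvePolicy EncryptionMethod 1

# "Require additional authentication at startup": 0 = do not allow, 1 = require, 2 = allow.
Set-FvePolicy UseAdvancedStartup 1
Set-FvePolicy EnableBDEWithNoTPM 0   # no TPM-less startup keys: keep boot integrity checks
Set-FvePolicy UseTPM             0   # TPM only: least secure method, blocked
Set-FvePolicy UseTPMPIN          2   # TPM + PIN: the best practice
Set-FvePolicy UseTPMKey          0   # TPM + startup key: blocked where a PIN is viable
Set-FvePolicy UseTPMKeyPIN       2   # TPM + PIN + startup key: allowed for three-factor users
Set-FvePolicy MinimumPIN         7   # at least 7 characters, as recommended above
Set-FvePolicy UseEnhancedPin     1   # permit non-numeric PINs

# Removable data drives: a password is required, 12 characters minimum.
Set-FvePolicy RDVPassphrase        1
Set-FvePolicy RDVEnforcePassphrase 1
Set-FvePolicy RDVPassphraseLength 12

# Operating system drive (C:): TPM + PIN, plus a recovery password for help desk recovery.
manage-bde -protectors -add C: -TPMAndPIN      # prompts for the PIN
manage-bde -on C: -RecoveryPassword
# Three-factor variant, available only from the command line (F:\ is an assumed key drive):
#   manage-bde -protectors -add C: -TPMAndPINAndStartupKey F:\

# Fixed data drive (D:): automatic unlock, permitted because the OS drive is now protected.
manage-bde -on D: -RecoveryPassword
manage-bde -autounlock -enable D:

# Removable data drive (E:): password protector, no automatic unlock.
manage-bde -on E: -Password -RecoveryPassword
```

The recovery passwords printed by manage-bde should be escrowed (for example in Active Directory) before the drives leave the build bench.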