Drive Encryption - How Does BitLocker and TPM Work?

By Administrator on Dec 07 in Technology Usability

This piece on data security is brought to you by Hirepulse. If you are a contractor or consultant, then you should check us out and advertise yourself for free with us today.

Over the last 5 years it has become almost standard for new laptops to ship with a Trusted Platform Module (TPM) installed.

Sony, Dell, Samsung, LG, Toshiba and several other major manufacturers have integrated TPMs into the laptops they sell.

The main purpose of the TPM is to protect system integrity, so that data cannot be extracted by physically tampering with the system. A common example is removing a hard drive from one system and putting it into another in order to steal its data. With BitLocker used in combination with the TPM, recovering that data is nearly impossible without the BitLocker Recovery Key.

Microsoft claims that there is no ‘back door’ for subverting BitLocker security. Some law enforcement bodies have expressed a desire for Microsoft to add a mechanism that would let them extract data when necessary.

BitLocker is included with Windows 7, Windows Vista and Windows Server 2008. The latest version, shipped with Windows 7 and Server 2008, adds the ability to encrypt removable drives (such as USB memory sticks).

In a world where laptops are increasingly stolen for the company information they hold, drive encryption is an important safeguard in case someone gains access to the laptop.

TPM devices also have built-in protection against dictionary attacks, which lets the user choose a simpler password than would otherwise be needed to resist brute force. Also, the cryptographic material that TPM and BitLocker rely on is held in physical memory (RAM) while the system is running, which means a laptop left in sleep mode is easier to attack than one that has been powered off. It is therefore recommended that you power your laptop down when you are not using it to ensure maximum security.

When using BitLocker with a TPM it is critically important that you do not lose your recovery key. Without it you risk losing your data, which is obviously an extremely serious problem.

Be sure to set the recovery key and save it immediately to a safe place (one that is itself secure from attack).
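An added example (not from the original article) of how an administrator can check the points above from PowerShell: whether the TPM is present and ready, whether each volume is actually protected, and whether a recovery password protector exists and has been saved off the machine. It assumes the BitLocker and TrustedPlatformModule cmdlets (Windows 8 / Server 2012 or later, so not the Windows 7 version the article names, where manage-bde.exe does the same job) and a hypothetical destination directory `E:\BitLockerRecovery`.

```powershell
#Requires -RunAsAdministrator
# Audit TPM readiness and BitLocker protection on every BitLocker-capable volume, and
# make sure each protected volume has a recovery password that is saved somewhere safe.
# Assumes the TrustedPlatformModule and BitLocker PowerShell modules are available.
param(
    # Hypothetical destination for the recovery password files: removable media or a
    # directory that is itself protected, never the volume being encrypted.
    [string]$RecoveryKeyDir = 'E:\BitLockerRecovery'
)

$tpm = Get-Tpm
if (-not $tpm.TpmPresent) { Write-Warning 'No TPM present: BitLocker would need a startup key or PIN instead.' }
elseif (-not $tpm.TpmReady) { Write-Warning 'TPM present but not ready (not enabled, activated and owned).' }
else { Write-Output 'TPM present and ready.' }

foreach ($vol in Get-BitLockerVolume) {
    $mp = $vol.MountPoint
    Write-Output ("{0}: status={1} protection={2} method={3}" -f $mp, $vol.VolumeStatus, $vol.ProtectionStatus, $vol.EncryptionMethod)

    if ($vol.ProtectionStatus -ne 'On') {
        Write-Warning "$mp is not protected by BitLocker; a disk removed from this machine can be read elsewhere."
        continue
    }

    # A TPM protector defends against a pulled disk, but the recovery password is the
    # only way back in after a TPM clear, firmware change or motherboard replacement.
    $recovery = @($vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
    if ($recovery.Count -eq 0) {
        Write-Warning "$mp has no recovery password protector; adding one."
        $updated = Add-BitLockerKeyProtector -MountPoint $mp -RecoveryPasswordProtector
        $recovery = @($updated.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })
    }

    # Save each recovery password off the machine, named by protector ID so it can be
    # matched against the ID shown on the BitLocker recovery screen.
    New-Item -ItemType Directory -Path $RecoveryKeyDir -Force | Out-Null
    foreach ($kp in $recovery) {
        $file = Join-Path $RecoveryKeyDir ("{0}-{1}.txt" -f ($mp -replace ':', ''), $kp.KeyProtectorId)
        "Volume: $mp`nProtector ID: $($kp.KeyProtectorId)`nRecovery password: $($kp.RecoveryPassword)" |
            Set-Content -Path $file
        Write-Output "Recovery password for $mp saved to $file"
    }
}
```

Run it once after enabling BitLocker and again after any TPM or firmware change, then move the saved files somewhere that does not travel with the laptop.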

BitLocker and TPM are not 100% secure, and as always, physical access to a machine should be restricted to trusted people. There have been some publications describing side-channel attacks on TPM devices that are feasible immediately after a machine has been powered down.

Overall, the advances in drive encryption backed by a hardware integrity module such as the TPM are a great thing for data security. If you are in business and carry important data on your laptop, you should start encrypting your data today.
