
YouTuber cracks BitLocker encryption in minutes with Raspberry Pi Pico

A security researcher has managed to crack a laptop encrypted with BitLocker in under a minute using a modified Raspberry Pi Pico.
The attack does require physical access to the laptop.


Microsoft's BitLocker tool protects data on hard drives by encrypting them. However, Stacksmashing discovered that the key used for this can easily be intercepted via a 'sniffing attack'. Network traffic is tapped to intercept information.

BitLocker concerns the traffic that is exchanged between a separate Trusted Platform Module, or TPM, and the CPU in a laptop. BitLocker uses the TPM chip in a laptop to store the decryption key. To make the drive accessible when the laptop starts, the key is sent to the CPU. However, the communication between the processor and the TPM is not encrypted, meaning that the key is sent in cleartext. By listening in on this communication, Stacksmashing was able to retrieve the key.

Stacksmashing made a so-called TPM sniffer from a Raspberry Pi Pico. He connected the single-board computer to the LPC Bus in the laptop, allowing him to intercept the traffic. After obtaining the key, the researcher used the open source tool Dislocker to decrypt the drive. He could then view all the data.

Microsoft has been aware of these types of attacks for some time, but emphasizes that attackers need 'sufficient time' to do so. However, Stacksmashing only needed 43 seconds to open the laptop, connect the TPM sniffer to the LPC Bus and steal the key. The hardware needed to make the TPM sniffer cost him just ten dollars.

Stacksmashing used a Lenovo laptop for his attack, but other laptops are also vulnerable. However, the attack only works if a laptop has a separate TPM and CPU. If the two are combined, which is the case on many laptops, the attack does not work. Users who want to protect themselves against such an attack can take mitigating measures by configuring a PIN, according to Microsoft.
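The article's two conditions (a discrete TPM on a probeable bus, and a TPM-only protector that releases the key at boot with no PIN) can be audited from Windows itself. The following PowerShell is an added example, not code from the article, from Stacksmashing, or from Microsoft. It assumes an elevated session on Windows 10/11 with the BitLocker and TrustedPlatformModule modules available; the vendor-ID heuristic used to guess whether a TPM is firmware-integrated (INTC for Intel PTT, AMD for AMD fTPM) is an assumption, not a documented rule, so treat `LikelyDiscreteTpm` as a hint to confirm against the machine's hardware documentation.

```powershell
# Added example: audit BitLocker volumes for the TPM-only/discrete-TPM exposure
# described above. Requires an elevated PowerShell session on Windows.

function Test-BitLockerTpmExposure {
    [CmdletBinding()]
    param()

    $tpm = Get-Tpm

    # Heuristic (assumption, not a documented mapping): firmware TPMs integrated
    # in the CPU/chipset report the silicon vendor as manufacturer. A discrete
    # TPM is the case where the key crosses a physical bus at boot.
    $firmwareTpmVendors = @('INTC', 'AMD')
    $manufacturer = ([string]$tpm.ManufacturerIdTxt).Trim()
    $likelyDiscrete = $tpm.TpmPresent -and ($firmwareTpmVendors -notcontains $manufacturer)

    foreach ($vol in Get-BitLockerVolume) {
        $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

        # TPM-only: the TPM unseals the volume master key automatically at boot
        # with no user secret (no PIN, no startup key), which is the configuration
        # the bus-sniffing attack relies on.
        $hasUserSecret = ($types -contains 'TpmPin') -or
                         ($types -contains 'TpmPinStartupKey') -or
                         ($types -contains 'TpmStartupKey')
        $tpmOnly = ($types -contains 'Tpm') -and -not $hasUserSecret

        [pscustomobject]@{
            MountPoint        = $vol.MountPoint
            ProtectionStatus  = $vol.ProtectionStatus
            KeyProtectors     = ($types -join ',')
            TpmManufacturer   = $manufacturer
            LikelyDiscreteTpm = $likelyDiscrete
            TpmOnlyProtector  = $tpmOnly
            AtRisk            = $tpmOnly -and $likelyDiscrete -and ($vol.ProtectionStatus -eq 'On')
        }
    }
}

Test-BitLockerTpmExposure | Format-Table -AutoSize

# Remediation for an at-risk OS volume, matching the PIN mitigation Microsoft
# recommends: add a TPM+PIN protector so the TPM does not unseal the key until
# the user authenticates pre-boot. Group Policy ("Require additional
# authentication at startup") must permit a startup PIN first.
#   $pin = Read-Host -Prompt 'Startup PIN' -AsSecureString
#   Add-BitLockerKeyProtector -MountPoint 'C:' -TpmAndPinProtector -Pin $pin
```

`AtRisk` is true only when all three conditions the article describes line up: protection is on, the only boot-time gate is the TPM, and the TPM appears to be a separate chip. A firmware TPM with a TPM-only protector still shows `TpmOnlyProtector = True`, which is worth knowing for policy even though the LPC-sniffing path does not apply to it.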

 
So I knew this would make it here

Only works because:

- physical access
- TPM is a separate chip
- board literally had contact pads for the traces

Newer CPUs by AMD and Intel (read: the past few years) have on-die TPM, so this won't work.

No, it's not a flaw; communication between the CPU and other ICs is not encrypted on pretty much all things. That's why you could lift the encryption keys from the Xbox using a Bus Pirate.

This isn't a BitLocker crack. He literally lifted the keys; he did not break the encryption.
 
I'd be more concerned about backdoors left by MS themselves rather than this.
 
OH
MY
GOD

A person with PHYSICAL ACCESS to THEIR OWN MACHINE was able to install a hardware device to sniff the BitLocker encryption key off that machine.

OH
MY
GOD

In other news, I just took a bottle of water out of the fridge in my kitchen. Clearly my house has been BURGLED, all the locks that I have on my doors are TOTALLY BROKEN FOREVER, and as such nobody should use door locks EVER AGAIN.

OH
MY
GOD

On a related note, I really wish that the so-called "security researchers" who keep coming up with this stupid bullshit, would all die in the world's slowest fire. These people are the epitome of oxygen thieves.
 
He may not have broken the encryption, but he did gain access to the encrypted data that appeared in "the clear". That is not good.

HOWEVER, as P4-630, Solaris17 and Assimilator all pointed out, the researcher had physical access to the laptop. This critical point is, sadly, so often overlooked by those who regularly (intentionally or not) spread FUD. We see it all the time with those who insist everyone needs keylogger protection on top of all the other security measures they already have. :(

Yes, if you regularly leave your computer unattended, out of your sight, in the public waiting lounge at the JFK airport in New York City, you might need an anti-keylogger program. :rolleyes:

I note this researcher also needed special additional hardware and pretty extensive knowledge, all in advance of task. So to suggest it was done in less than a minute is quite a stretch.

That said, laptops and other portable devices have been known to grow feet and wander off. So the lesson here is, don't put sensitive information on your portable devices. But if you must, then I recommend you use a separate encryption program to encrypt your sensitive files in addition to the Bitlocker/TPM solution.
 
So I knew this would make it here

Only works because:

- physical access
- TPM is a separate chip
- board literally had contact pads for the traces

Newer CPUs by AMD and Intel (read: the past few years) have on-die TPM, so this won't work.

No, it's not a flaw; communication between the CPU and other ICs is not encrypted on pretty much all things. That's why you could lift the encryption keys from the Xbox using a Bus Pirate.

This isn't a BitLocker crack. He literally lifted the keys; he did not break the encryption.
Yeah. This has been known as a theoretical avenue for an attack for like forever, I don't think this is even the first incident of key-lifting being done in practice for that matter.
That being said, it's one of the reasons my org does not use a TPM in its encrypted disk setup. But to say this is common or even remotely likely for the average user to encounter is FUD, plain and simple.

Yes, if you regularly leave your computer unattended, out of your sight, in the public waiting lounge at the JFK airport in New York City, you might need an anti-keylogger program.
No, you need a new approach to security. This has become a public PC and will never be trustworthy for anything else. No program can certify what's potentially been physically messed with.
 
He may not have broken the encryption, but he did gain access to the encrypted data that appeared in "the clear". That is not good.

HOWEVER, as P4-630, Solaris17 and Assimilator all pointed out, the researcher had physical access to the laptop. This critical point is, sadly, so often overlooked by those who regularly (intentionally or not) spread FUD. We see it all the time with those who insist everyone needs keylogger protection on top of all the other security measures they already have. :(

Yes, if you regularly leave your computer unattended, out of your sight, in the public waiting lounge at the JFK airport in New York City, you might need an anti-keylogger program. :rolleyes:

I note this researcher also needed special additional hardware and pretty extensive knowledge, all in advance of task. So to suggest it was done in less than a minute is quite a stretch.

That said, laptops and other portable devices have been known to grow feet and wander off. So the lesson here is, don't put sensitive information on your portable devices. But if you must, then I recommend you use a separate encryption program to encrypt your sensitive files in addition to the Bitlocker/TPM solution.
How else would you get access to the data on a disk? Ask nicely for the owner to connect their storage to the Internet? That may be a thing for NAS solutions, but getting access to a local disk usually implies physical access.
 
Yes, if you regularly leave your computer unattended, out of your sight, in the public waiting lounge at the JFK airport in New York City, you might need an anti-keylogger program. :rolleyes:

Consider that you use electronic devices everyday where it's infeasible and illogical to keep an eye on 24/7. Public and work computers obviously but there's also card readers and registers among other devices. This is precisely why exploits that require physical access are important to patch. Not that it really pertains in this instance given it was a physical design issue at work here.

No, you need a new approach to security. This has become a public PC and will never be trustworthy for anything else. No program can certify what's potentially been physically messed with.

Exactly, having some sort of anti-keylogging is just tricking yourself into thinking the system is secure.

this isn’t a bitlocker crack. He literally lifted the keys, he did not break the encryption.

Yep title is misleading.
 
How else would you get access to the data on a disk?
Through the network - then you can do it from the other side of the world. Piece of cake, right? I mean corporate networks seem to be breached every day. Yet another hack/breach | TechPowerUp Forums

No, you need a new approach to security. This has become a public PC and will never be trustworthy for anything else. No program can certify what's potentially been physically messed with.
LOL - I am afraid you took me seriously. I was being fictitious. I mean, seriously? Who would ever "regularly" leave their computer unattended in a public place? Sorry. I thought I was being obvious.

But you are right - one would need a new approach to security. And that I did suggest in all seriousness: encrypt your data with a separate encryption program, in addition to Bitlocker/TPM. I also said not to put anything sensitive on your "portable" devices because they can grow legs (get stolen or accidentally be left behind).

And OF COURSE a computer cannot be watched 24/7/365. Even our home PCs are vulnerable to a thief breaking in and stealing it. So again, if your data is THAT sensitive - use double encryption. And don't forget a good backup plan that includes at least one copy "off-site".
 
LOL - I am afraid you took me seriously. I was being fictitious. I mean, seriously? Who would ever "regularly" leave their computer unattended in a public place? Sorry. I thought I was being obvious.
Yes but I never assume the reader knows that lol.
 
Well, I never say never but do try not to assume as well too - especially when tone of voice cannot be heard and facial expressions and body language cannot be seen. But, like I said, I thought it was obvious this time.
 
Oh it was to me. No worries either way. I just know the law of the internet is to cover all the bases because if you can possibly be misunderstood, you will be.
 
Isn't on-CPU TPM from 8th gen Intel Core iX and up?
 
Isn't on-CPU TPM from 8th gen Intel Core iX and up?
Yes.

If your computer is based on the 8th Generation or later Intel® Core™ Processor family,
you can rest assured knowing your system has Intel® Platform Trust Technology (Intel® PTT),
an integrated TPM that adheres to the 2.0 specifications.
 
A security researcher has managed to crack a laptop encrypted with BitLocker in under a minute using a modified Raspberry Pi Pico.
The attack does require physical access to the laptop.


Microsoft's BitLocker tool protects data on hard drives by encrypting them. However, Stacksmashing discovered that the key used for this can easily be intercepted via a 'sniffing attack'. Network traffic is tapped to intercept information.

BitLocker concerns the traffic that is exchanged between a separate Trusted Platform Module, or TPM, and the CPU in a laptop. BitLocker uses the TPM chip in a laptop to store the decryption key. To make the drive accessible when the laptop starts, the key is sent to the CPU. However, the communication between the processor and the TPM is not encrypted, meaning that the key is sent in cleartext. By listening in on this communication, Stacksmashing was able to retrieve the key.

Stacksmashing made a so-called TPM sniffer from a Raspberry Pi Pico. He connected the single-board computer to the LPC Bus in the laptop, allowing him to intercept the traffic. After obtaining the key, the researcher used the open source tool Dislocker to decrypt the drive. He could then view all the data.

Microsoft has been aware of these types of attacks for some time, but emphasizes that attackers need 'sufficient time' to do so. However, Stacksmashing only needed 43 seconds to open the laptop, connect the TPM sniffer to the LPC Bus and steal the key. The hardware needed to make the TPM sniffer cost him just ten dollars.

Stacksmashing used a Lenovo laptop for his attack, but other laptops are also vulnerable. However, the attack only works if a laptop has a separate TPM and CPU. If the two are combined, which is the case on many laptops, the attack does not work. Users who want to protect themselves against such an attack can take mitigating measures by configuring a PIN, according to Microsoft.

What's really funny is that they seem to be taking advantage of holes deliberately left in by Microsoft for "backdooring" a system. The statements made by Microsoft are nothing but them trying and failing to cover their backsides. Pathetic.

@R-T-B
Who called it a few years ago? Government agencies world-wide have had OFFICIAL tools like this for donkey's years that work even faster than 43 seconds, and have had them since the first release of BitLocker.

Does anyone want to argue that Microsoft is not incompetent and incapable of providing true security? The Microsoft method is NOT TRUSTWORTHY, people! Stop trusting them and start doing your own thing!

Only works because:

- physical access
This is required.
- TPM is a separate chip
This is not, at least for the official tools Microsoft gives to governments.
- board literally had contact pads for the traces
This is not. While the folks doing the above used a hardware solution, a software solution exists that needs none of it. Now that a hardware solution has been discovered, a software version will soon follow.
 
Who called it a few years ago?
I mean these exploits have been on wikipedia literally for years so...

This is not, at least for the official tools microsoft gives to governments.
There are no government tools that I am aware of (not that I necessarily would be, but I'd honestly be surprised if our government were that competent).

There is a public BitLocker forensic kit, of course. It doesn't do much without the keys sniffed, though.

This is not. While the folks doing the above used a hardware solution, a software solution exists that needs none of it. Now that a hardware solution has been discovered, a software version will soon follow.
No offense intended, but without a source this is not something I can accept at face value. It's little more than speculation.
 
Keep watching. I give it 12 weeks, 16 at the most.

uh huh.

12 weeks from when?

4 years ago?

12 weeks from 5 years ago?

12 weeks from 10 years ago?

or 12 weeks from this becoming popular as of 5 days ago because the IT industry has the attention span of a goldfish?

Taking cryptographic keys from the bus isn't new at all. Those 3 examples are for BitLocker specifically.

I think it will rain at least 6 times, probably 7, from now until December. Am I a prophet yet?
 
The tinfoil came out quick here.
 
The tinfoil came out quick here.
It comes out quickly whenever Windows is mentioned. It's primarily driven by personality defects, namely the narcissistic belief that they're somehow important enough for Microsoft to want to spy on them.
 
If you are absolutely serious about security (like actually working with incredibly sensitive data), then you are not running BitLocker for that. Hell, chances are you aren’t running Windows at all. For anyone for whom BitLocker is a useful feature - just don’t leave your PC unattended in a public place. And no, Microsoft isn’t using deliberate security holes to read your files. Come on.
Every time a big security hole is "exposed" it turns out that direct hardware access is required, and instantly this nullifies any potential worries a sane person might have. This is sensationalism of the highest order. This doesn't mean that the findings are not correct; they are. It just doesn't mean much.
 
Through the network - then you can do it from the other side of the world.
Which is a vector that has its own set of measures and mitigations to address. BitLocker et al. are meant to protect data in cases of physical access, not network intrusion.
Physical access isn't a limitation, it's the entire scope here.
 