Vista Forums - View Single Post

**stormy13** · 08-15-2008

Quote: Originally Posted by echrada

TPM stands for Trusted Platform Module - and it would be installed in your computer as a chip - if you do not have that installed in your machine, bitlocker will be of no value to you.

Not quite, you can use a USB to store the encryption data,

Quote:

There are three implementation models for BitLocker encryption.[5] Two models require a cryptographic hardware chip called a Trusted Platform Module (version 1.2 or later) and a compatible BIOS. A third model does not have the TPM chip requirement:

Transparent operation mode: This mode exploits the capabilities of the TPM 1.2 hardware to provide for a transparent user experience—the user logs onto Windows Vista as normal. The key used for the disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified. The pre-OS components of BitLocker achieve this by implementing a Static Root of Trust Measurement—a methodology specified by the Trusted Computing Group. This mode is vulnerable to a cold boot attack, as it allows a machine to be booted by an attacker.
User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in order to be able to boot the OS. Two authentication modes are supported: a pre-boot PIN entered by the user, or a USB key.

The third model, without the TPM chip requirement:

USB Key Mode: The user must insert a USB device that contains a startup key into the computer to be able to boot the protected OS. Note that this mode requires that the BIOS on the protected machine supports the reading of USB devices in the pre-OS environment.

BitLocker Drive Encryption - Wikipedia, the free encyclopedia

08-15-2008	#3 (permalink)
stormy13 Vista Ultimate x64 607 posts	Re: Bitlocker!! Why doesnt it work? Quote: Originally Posted by echrada TPM stands for Trusted Platform Module - and it would be installed in your computer as a chip - if you do not have that installed in your machine, bitlocker will be of no value to you. Not quite, you can use a USB to store the encryption data, Quote: There are three implementation models for BitLocker encryption.[5] Two models require a cryptographic hardware chip called a Trusted Platform Module (version 1.2 or later) and a compatible BIOS. A third model does not have the TPM chip requirement: Transparent operation mode: This mode exploits the capabilities of the TPM 1.2 hardware to provide for a transparent user experience—the user logs onto Windows Vista as normal. The key used for the disk encryption is sealed (encrypted) by the TPM chip and will only be released to the OS loader code if the early boot files appear to be unmodified. The pre-OS components of BitLocker achieve this by implementing a Static Root of Trust Measurement—a methodology specified by the Trusted Computing Group. This mode is vulnerable to a cold boot attack, as it allows a machine to be booted by an attacker. User authentication mode: This mode requires that the user provide some authentication to the pre-boot environment in order to be able to boot the OS. Two authentication modes are supported: a pre-boot PIN entered by the user, or a USB key. The third model, without the TPM chip requirement: USB Key Mode: The user must insert a USB device that contains a startup key into the computer to be able to boot the protected OS. Note that this mode requires that the BIOS on the protected machine supports the reading of USB devices in the pre-OS environment. BitLocker Drive Encryption - Wikipedia, the free encyclopedia
My System Specs