Windows Vista Forums

Bitlocker passphrase only

#1  12-11-2006  lvjobhunt

Bitlocker passphrase only

I am confused about bitlocker. Can I install bitlocker on a computer that
has NO TPM chip and just use a passphrase only with no usb key?

If I have to use a USB key can anyone who has that USB key break my bitlocker?

Can I buy a TPM PCI card?


#2  12-11-2006  niknik

>Can I install bitlocker on a computer that has NO TPM chip and just use a passphrase only with no usb key?

That would be using only the recovery password. It is possible from the infrastructure, but I'm not sure how you'd set this.

>If I have to use a USB key can anyone who has that USB key break my bitlocker?

They would not "BREAK" it. They would access it normally, since possession of the USB-stored key would enable access.

Nik

#3  12-11-2006  Jamie Hunter [MS]

Re: Bitlocker passphrase only

This is specifically not allowed, because it is a very weak solution subject
to dictionary and brute-force attacks.
The recovery password is 128 bits of random entropy, with salt and
stretching (giving an effective cryptographic strength of 160 bits if I
recall).
The TPM+PIN solution uses hardware to insert a non-resettable delay to the
extent that a 4 digit pin would take an entire year to crack. To understand
the power of the hardware, without hardware, a 4 digit purely random pin
would be cracked in a fraction of a day even with good key stretching
algorithms.

The 128 bit recovery key (which is generated using the cryptographic random
number generator) would take 10^31 years (or thereabouts) to crack on
current processor architectures (due to the salt and stretching algorithm).

See http://en.wikipedia.org/wiki/Password_strength for an analysis on strong
passwords.

-
Jamie Hunter [MS]

#4  12-12-2006  lvjobhunt

Re: Bitlocker passphrase only

So basically, if I am like 90% of people and am lazy and leave the USB key in
the computer, anyone can just turn it on and access everything?

#5  12-12-2006  niknik


>I am Lazy and leave the USB key ... anyone can just turn it on

Yes. This applies to TPM w/o pin as well.

If you leave the keys in your car anybody who is there can drive it.

That's why you either: take the USB key with you or use TPM+pin.

TPM + pin is VERY secure. And other avenues of attack are very very hard.
(brute forcing AES 128/256 bit.....)

It is a smart thing to do to not allow people to put in passwords!

#6  12-12-2006  Jamie Hunter [MS]

Re: Bitlocker passphrase only

If you use USB by itself (no TPM), then yes, that is correct. This is why
USB+TPM is much preferred over USB only. However, if you don't have a TPM
chip, your options are limited. Changing habits (such as attaching the USB
to your keys) can help improve things.

USB+PIN would be useless, as a PIN would be cracked within hours. This is
why it's not an option.
-
Jamie Hunter [MS]

#7  12-16-2006  niknik


Quote:
Jamie Hunter [MS]
The recovery password is 128 bits of random entropy, with salt and
stretching (giving an effective cryptographic strength of 160 bits if I
recall).
Ah yes, the chained SHA-256 hashing. One million iterations. Really impedes brute-forcing. Neat.
Would make passwords a bit safer to use, like the master keys. But then starting with 128 bits of random data would likely hold even if SHA-256 were broken.
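The key stretching and brute-force arithmetic that posts #3 and #7 describe, as an added example (Python, written for this page; it is not BitLocker's code and not anything the posters supplied). The stretch() chain follows the idea of about one million chained SHA-256 rounds, but its exact input layout, the salt, the sample PIN, the one-hour TPM delay and the assumed hash rate of 10^7 SHA-256 per second per core are all illustrative assumptions:

```python
import hashlib

# Added example, not BitLocker's code: a key-stretching chain in the style the thread
# describes (chained SHA-256, about one million rounds in Vista) and the arithmetic behind
# "a 4-digit PIN falls in hours without a TPM, a 128-bit random recovery password never does".
# The chain's exact input layout, the salt and the hash rate below are illustrative assumptions.

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def stretch(secret, salt, iterations):
    """Chained SHA-256: each round hashes the previous digest, the secret, the salt and a
    counter, so every guess costs the attacker `iterations` hashes."""
    state = b"\x00" * 32
    for i in range(iterations):
        state = hashlib.sha256(state + secret + salt + i.to_bytes(8, "little")).digest()
    return state

def brute_force_pin(target, salt, iterations, digits=4):
    """Offline attack on a PIN-derived key when nothing rate-limits guesses (USB+PIN, no TPM).
    Returns (pin, guesses) on success or (None, guesses) after exhausting the space."""
    guesses = 0
    for candidate in range(10 ** digits):
        pin = str(candidate).zfill(digits).encode()
        guesses += 1
        if stretch(pin, salt, iterations) == target:
            return pin.decode(), guesses
    return None, guesses

def seconds_to_exhaust(space_size, iterations, hashes_per_second, per_guess_delay=0.0):
    """Worst-case time to try every candidate. per_guess_delay models a hardware-enforced,
    non-resettable wait per attempt (the TPM's contribution); 0.0 means software only."""
    return space_size * (iterations / hashes_per_second + per_guess_delay)

def years_to_exhaust(space_size, iterations, hashes_per_second, per_guess_delay=0.0):
    return seconds_to_exhaust(space_size, iterations, hashes_per_second, per_guess_delay) / SECONDS_PER_YEAR

if __name__ == "__main__":
    salt = b"constructed-salt"            # constructed; a real salt is random per volume
    target = stretch(b"0731", salt, 50)   # 50 rounds instead of a million so the demo is quick
    print("recovered PIN, guesses:", brute_force_pin(target, salt, 50))
    rate = 10 ** 7                        # assumed SHA-256 rate of one CPU core, order of magnitude
    print("4-digit PIN, 1M rounds, software only: %.0f s" % seconds_to_exhaust(10 ** 4, 10 ** 6, rate))
    print("4-digit PIN, 1M rounds, 1 h TPM delay: %.1f years" % years_to_exhaust(10 ** 4, 10 ** 6, rate, 3600))
    print("128-bit recovery password, 1M rounds:  %.1e years" % years_to_exhaust(2 ** 128, 10 ** 6, rate))
```

With the assumed rate, a 4-digit PIN protected only by software stretching costs about 1000 seconds of hashing, which is the thread's "hours, not days"; add a one-hour non-resettable delay per guess and the same 10,000-candidate space takes over a year; and 2^128 candidates at 0.1 s each come to roughly 10^30 years, the same order as the 10^31 quoted above. For short secrets it is the hardware-enforced delay, not the hashing, that changes the picture.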
#8  12-21-2006  Tech_vs_Life

Re: Bitlocker passphrase only

But if the hard drive is moved from the computer with the TPM, to one
without the TPM, what does the security come down to? A system generated
recovery key? With the TPM out of the way, can the user theoretically then
interpose fraudulent or hacked boot code to allow automated entry of a
password generator, or even bypass the recovery key prompt?
Or does moving the drive in this scenario mean that the system will not
decrypt (at least, will not accept any password or recovery key)?

Finally, there appears to be an option to prevent the creation of a recovery
key. Would that be more secure in this scenario?

Thanks for clearing this up.


#9  12-26-2006  niknik


Quote:
Tech_vs_Life
But if the hard drive is moved from the computer with the TPM, to one
without the TPM, what does the security come down to? A system generated
recovery key? With the TPM out of the way, can the user theoretically then
interpose fraudulent or hacked boot code to allow automated entry of a
password generator, or even bypass the recovery key prompt?
Yes they can, but then they would not have the FVEK (the decryption key needed for the sectors). You could not boot into Vista.

Quote:
Tech_vs_Life
Finally, there appears to be an option to prevent the creation of a recovery
key. Would that be more secure in this scenario?
You can't prevent the recovery key from being created. You could wipe it later off the USB flash drive. But if the hardware changes (motherboard failure) then BitLocker goes into "recovery mode" where you will need the recovery key or password to boot / gain access to the data.


Nik

#10  12-26-2006  Tech_vs_Life

Re: Bitlocker passphrase only

> You can't prevent the recovery key from being created.

Okay, I see you can disable the 48-digit recovery password, but not the
256-bit recovery key (unless you turn on Active Directory backup, which I
assume also creates a recovery password and/or key). It would be good to
allow the user to select his own recovery key file rather than rely on a
system-generated key, but there is no such option.

> Yes they can - but then they would not have the FVEK ( the decryption
> key needed for the sectors). You could not boot into Vista.


Well, as I understand it, the FVEK is available on the drive, but it's been
encrypted by the VMK. Is the VMK a combination of a key stored in the TPM
and an optional PIN or USB key? In any case, does the recovery key function
as another, second VMK? In that case, if the hard drive is moved to another
computer without the TPM or PIN, then all you need is the 256-bit recovery
key to decrypt the FVEK (and theoretically could use hacked boot code to
repeatedly generate recovery keys). Otherwise, what is use of the recovery
key? Or is it the case that, if the key was originally stored in the TPM,
then the data cannot be decrypted without the TPM, even if you have the
recovery key? (but that makes the recovery key seem useless.) There's
probably a simple answer that I didn't come across.

Thanks.

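The FVEK / VMK / key-protector relationship that posts #9 and #10 are working through, as an added example (Python, written for this page; it is not BitLocker's code or on-disk format, and not anything the posters supplied). It models the documented hierarchy: sector data under the FVEK, the FVEK stored wrapped under the VMK, and one wrapped copy of the same VMK per key protector. AES is replaced by a toy SHA-256 counter-mode keystream with an HMAC tag, the TPM is a class that seals to boot measurements under a chip-local root key, the recovery password follows the documented 48-digit grouping in which every 6-digit group is a multiple of 11, and the byte order of the derived key is an assumption:

```python
import hashlib
import hmac
import os

# Added example, not BitLocker's code or on-disk format: a toy model of the key hierarchy.
# Sectors are encrypted with the FVEK, the FVEK is stored wrapped under the VMK, and every
# key protector (TPM, USB startup key, recovery password) holds its own wrapped copy of the
# same VMK. AES is replaced by a SHA-256 counter-mode keystream plus an HMAC tag; the byte
# order of the key derived from the recovery password is an assumption.

def _keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def wrap(kek, secret):
    """Encrypt-then-MAC envelope: nonce || ciphertext || tag (toy cipher, illustration only)."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(kek, nonce, len(secret))))
    return nonce + ct + hmac.new(kek, nonce + ct, hashlib.sha256).digest()

def unwrap(kek, blob):
    """Return the secret, or None when the key is wrong (tag does not verify)."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(kek, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(kek, nonce, len(ct))))

def recovery_password_to_key(password):
    """48-digit recovery password -> 128-bit key. Each 6-digit group must be a multiple of 11
    whose quotient fits in 16 bits, so a mistyped digit is rejected before any decryption."""
    digits = password.replace("-", "")
    if len(digits) != 48 or not digits.isdigit():
        raise ValueError("expected 48 digits")
    key = b""
    for i in range(0, 48, 6):
        group = int(digits[i:i + 6])
        if group % 11 or group // 11 > 0xFFFF:
            raise ValueError("invalid group at digit %d" % i)
        key += (group // 11).to_bytes(2, "little")  # byte order is an assumption of this model
    return key

class ToyTPM:
    """Seals secrets to the current boot measurements (PCRs) under a chip-resident root key."""
    def __init__(self, pcrs):
        self.root_key = os.urandom(32)  # unique per chip, never exported
        self.pcrs = list(pcrs)
    def _sealing_key(self):
        return hashlib.sha256(self.root_key + b"|".join(self.pcrs)).digest()
    def seal(self, secret):
        return wrap(self._sealing_key(), secret)
    def unseal(self, blob):
        # Fails on another chip (different root key) or after the boot code changed (PCRs differ)
        return unwrap(self._sealing_key(), blob)

class Volume:
    def __init__(self, encrypted_fvek, protectors):
        self.encrypted_fvek = encrypted_fvek  # FVEK wrapped under the VMK
        self.protectors = protectors          # name -> VMK wrapped under that protector's key
    def unlock(self, tpm=None, usb_key=None, recovery_password=None):
        """Any one protector that opens yields the VMK, and the VMK yields the FVEK."""
        vmk = None
        if tpm is not None and "tpm" in self.protectors:
            vmk = tpm.unseal(self.protectors["tpm"])
        if vmk is None and usb_key is not None and "usb" in self.protectors:
            vmk = unwrap(usb_key, self.protectors["usb"])
        if vmk is None and recovery_password is not None and "recovery" in self.protectors:
            vmk = unwrap(recovery_password_to_key(recovery_password), self.protectors["recovery"])
        return None if vmk is None else unwrap(vmk, self.encrypted_fvek)

def create_volume(tpm=None, usb_key=None, recovery_password=None):
    """Generate FVEK and VMK, wrap the VMK once per protector, and keep neither in the clear.
    Returns the volume plus the FVEK so a caller can check that unlock() recovers it."""
    fvek, vmk = os.urandom(32), os.urandom(32)
    protectors = {}
    if tpm is not None:
        protectors["tpm"] = tpm.seal(vmk)
    if usb_key is not None:
        protectors["usb"] = wrap(usb_key, vmk)
    if recovery_password is not None:
        protectors["recovery"] = wrap(recovery_password_to_key(recovery_password), vmk)
    return Volume(wrap(vmk, fvek), protectors), fvek

# Constructed sample recovery password (valid under the multiple-of-11 rule; not a real one)
SAMPLE_RECOVERY_PASSWORD = "135795-597531-001100-720885-046662-344707-010989-000000"

if __name__ == "__main__":
    tpm = ToyTPM([b"bootmgr-hash", b"bootcode-hash"])
    vol, fvek = create_volume(tpm=tpm, recovery_password=SAMPLE_RECOVERY_PASSWORD)
    print("TPM unlock, original machine:   ", vol.unlock(tpm=tpm) == fvek)
    other = ToyTPM([b"bootmgr-hash", b"bootcode-hash"])  # disk moved: same boot code, other chip
    print("TPM unlock, another machine:    ", vol.unlock(tpm=other) == fvek)
    print("Recovery password, other machine:", vol.unlock(tpm=other, recovery_password=SAMPLE_RECOVERY_PASSWORD) == fvek)
```

Running it shows why moving the disk does not hand an attacker the FVEK: the TPM protector is bound to one chip's root key and to the measured boot code, so another machine (or tampered boot code on the same machine) gets None from unseal(), while the recovery protector still unwraps the same VMK. The recovery password is thus not a second VMK but another wrapped copy of the one VMK, and the check in recovery_password_to_key() is a typo filter rather than anything that leaks information about the key.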
Vista Forums is an independent web site and has not been authorized,
sponsored, or otherwise approved by Microsoft Corporation.
"Windows Vista", the Start Orb, and related materials are trademarks of Microsoft Corp.
© Designer Media 2005-2008
