[BitLocker:] One USB key for more than one computer

Old 02-12-2007   #11 (permalink)
Jamie Hunter [MS]
Guest


 

Re: [BitLocker:] One USB key for more than one computer

USB+PIN (without a TPM) is not secure. I've posted about this somewhere
before, but basically without the anti-hammering ability of a TPM, a PIN can
trivially (within a few days) be cracked brute-force negating any benefit of
having it.

I considered it, then Niels (the cryptographer) gave me a reality check
-
Jamie Hunter [MS]

"Alun Jones [MS-MVP - Windows Security]" <alun@texis.invalid> wrote in
message news:aPadnVnv2sl16FLYnZ2dnUVZ_hOdnZ2d@comcast.com...
> "Paul Adare" <padare@newsguy.com> wrote in message
> news:MPG.202fc3d9eacff16998a3d7@msnews.microsoft.com...
>> In article <72FF4DFD-2112-4A3D-9AD7-F02B308B5FE1@microsoft.com>,
>> in the microsoft.public.windows.vista.security news group,
>> Jonathan Schwartz 2 <JonathanSchwartz2@discussions.microsoft.com> says...
>>
>>> Hello Thomas D.,
>>>
>>> First, a TPM Module is -not- absolutely necessary.
>>>
>>> Second, must have one TPM+PIN+USB-key for each HDD that has BitLocker
>>> Activated. <(that statement is greatly condensed!)

>>
>> This is wrong. In the first place, you can't currently use both
>> a TPM with a PIN and store the encryption key on a USB disk. The
>> TPM+PIN+USB feature is being looked at for Vista SP1. Secondly,
>> if you're using a USB device to store the key, then you do not
>> need a separate USB device for each key. You can store multiple
>> keys on a single USB device.

>
>
> Please tell me they're also working on "PIN+USB" for those of us without a
> TPM in our existing laptops.
>
> I'm _so_ not going to tell my corporate masters that they need to replace
> several hundred laptops over the coming year before we implement Vista,
> not because they can't run Vista, but because Vista's implementation of
> BitLocker doesn't let them use a PIN without a TPM.
>
> Alun.
> ~~~~
> --
> Texas Imperial Software | Web: http://www.wftpd.com/
> 23921 57th Ave SE | Blog: http://msmvps.com/alunj/
> Woodinville WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.
> Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer.
>
>



Old 02-13-2007   #12 (permalink)
niknik
Junior Member

USB+PIN (without a TPM)

>I considered it, then Niels (the cryptographer) gave me a reality check

Yes, Niels really knows his stuff.

I'm convinced very soon we'll see 3rd party vendors providing smartcards + PIN that integrate with BitLocker.
Old 02-16-2007   #13 (permalink)
Alun Jones
Guest


 

Re: [BitLocker:] One USB key for more than one computer

"Jamie Hunter [MS]" <jamiehun@nospam.microsoft.com> wrote in message
news:0D62472A-A3E4-4CB3-B4CC-E03C2FA95072@microsoft.com...
> USB+PIN (without a TPM) is not secure. I've posted about this somewhere
> before, but basically without the anti-hammering ability of a TPM, a PIN
> can trivially (within a few days) be cracked brute-force negating any
> benefit of having it.
>
> I considered it, then Niels (the cryptographer) gave me a reality check


Pass this by Niels:

Many corporate laptops do not have a TPM chip, but need to be protected
against theft.

USB alone is somewhat secure, as long as you can persuade the users to
remove the USB keys. If the USB key is left with the laptop, and the pair is
stolen, there is no barrier to entry. A USB key can be trivially cracked
brute force by simply plugging it in when you boot.

USB plus a PIN is a higher barrier to entry than USB alone, and may be a
sufficiently high barrier to cause the thief to simply wipe the drive,
rather than try to whack his way through a PIN.

Replacing a company's entire fleet of laptops is unlikely to happen
immediately - wouldn't it be nice if your data on those laptops was
protected, even if only against the guy who doesn't have several days to
hack into it, until the spanking new laptops get deployed?

Sometimes it's difficult to remind cryptographers that "better than I have
right now" is often worth achieving, for people who find "best possible" to
be unobtainable.

Alun.
~~~~
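
The trade-off argued in this thread, as an added example that is not part of any post: a small model of the worst-case time to try every numeric PIN with and without an attempt limiter. The per-guess cost, the lockout schedule and all function names are constructed assumptions, not BitLocker or TPM values.

```python
# Added illustration (not from the thread). Every number here is a constructed
# assumption, not a BitLocker or TPM parameter.

def worst_case_unthrottled(digits: int, seconds_per_guess: int) -> int:
    """Seconds to try every PIN when nothing limits the attempt rate."""
    return 10 ** digits * seconds_per_guess


def worst_case_throttled(digits, seconds_per_guess, free_failures,
                         base_lockout, max_lockout):
    """Same search against a hypothetical limiter: after `free_failures`
    wrong guesses, each further failure adds a lockout that doubles up to
    `max_lockout` seconds."""
    failures = 10 ** digits - 1          # worst case: correct PIN is tried last
    total = (failures + 1) * seconds_per_guess
    lockout = base_lockout
    for n in range(1, failures + 1):
        if n > free_failures:
            total += lockout
            lockout = min(lockout * 2, max_lockout)
    return total


def digits_needed(seconds_per_guess: int, target_seconds: int) -> int:
    """Shortest numeric PIN whose unthrottled worst case reaches the target."""
    digits = 1
    while worst_case_unthrottled(digits, seconds_per_guess) < target_seconds:
        digits += 1
    return digits


DAY = 86_400
YEAR = 365 * DAY

if __name__ == "__main__":
    guess = 30   # assumed cost of one attempt, in seconds
    plain = worst_case_unthrottled(4, guess)
    limited = worst_case_throttled(4, guess, free_failures=5,
                                   base_lockout=60, max_lockout=DAY)
    print(f"4-digit PIN, no limiter:   {plain / DAY:.1f} days")
    print(f"4-digit PIN, with limiter: {limited / YEAR:.1f} years")
    print(f"digits for 10 years without a limiter: {digits_needed(guess, 10 * YEAR)}")
```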

