I’ve spent the last week or so researching BitLocker as a replacement for a third-party whole-disk encryption product. Microsoft previously recommended pre-boot authentication as a best practice, but for Windows 8.1 and later they say the following, which I’m starting to agree with after some research:
“In the end, many customers will find that pre-boot
authentication improves security only for a shrinking subset of devices within
their organization. Microsoft recommends a careful examination of the attack
vectors and mitigations outlined in this document along with an evaluation of
your devices before choosing to implement pre-boot authentication, which may
not enhance the security of your devices and instead will only compromise the
user experience and add to support costs.” - https://technet.microsoft.com/en-us/itpro/windows/keep-secure/choose-the-right-bitlocker-countermeasure
I’ve read about different BitLocker attacks, including cold boot, where the attacker cuts power to a running (or sleeping) system and dumps the contents of RAM before the key material decays; chilling the DIMMs slows the decay, and the attacker either transplants them into another machine or boots a minimal OS from USB to read them. This is technically possible, but the results are unreliable and depend heavily on the type and size of memory, how quickly the attacker can act, and whether the DRAM is soldered to the board.
I also read about the “Evil Maid” attack from 2009, where the bootloader on an unattended machine is replaced with one that captures the user’s passphrase. BitLocker mitigates this through the TPM’s measured boot (a modified boot path changes the PCR measurements and the TPM will not release the volume key), and Secure Boot adds the check that only signed boot components run, so both need to be enabled and working. Similarly, Ian Haken’s research (Black Hat Europe 2015) took advantage of a Windows logon weakness on a domain-joined, TPM-only BitLocker system. The key point is that with TPM-only the OS volume is already unlocked by the time the logon screen appears, so any logon bypass is a disk-encryption bypass: he pointed the machine at a domain controller he controlled, which told Windows the user’s password had expired and accepted a new one, poisoning the locally cached credential so he could then log on offline with the password he chose. This has since been patched with MS15-122 and MS16-014.
There are also Direct Memory Access (DMA) attacks. DMA “allows certain types of hardware devices to communicate directly with a device’s system memory. For example, if you use Thunderbolt to connect another device to your computer, the second device automatically has Read and Write access to the target computer’s memory.” On a TPM-only system the volume key sits in RAM from boot onward, so an attacker with physical access can plug a DMA-capable device into a booted, locked machine and read the key out. This really isn’t a concern unless your device has a FireWire, Thunderbolt, ExpressCard or similar externally reachable port; if it does, you can often disable the port in the BIOS/UEFI setup. Windows 10 1703 and later also has the BitLocker policy “Disable new DMA devices when this computer is locked”, which covers the locked-screen window but not a device attached before boot, and 1803 and later adds Kernel DMA Protection on hardware that supports it.
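As an added example (my own, not from Microsoft’s documentation), here is how I would check a device for DMA-capable controllers and apply the locked-screen DMA policy from PowerShell. It assumes Windows 10 1703 or later and an elevated session; the controller matching is by PnP class and friendly name, which varies by vendor, so treat a clean result as a hint rather than proof and confirm against the chassis and firmware setup.

```powershell
# Added example, not from the original post.
# Enumerate externally reachable DMA-capable controllers (Thunderbolt, IEEE 1394)
# and set the BitLocker "Disable new DMA devices when this computer is locked" policy.
# Assumes Windows 10 1703+ and an elevated PowerShell session.

function Get-DmaCapableController {
    # Thunderbolt and 1394 controllers hand PCIe/DMA to whatever is plugged in.
    # Class names and friendly names differ between vendors, so match on both.
    Get-PnpDevice -PresentOnly -ErrorAction SilentlyContinue |
        Where-Object {
            $_.Class -eq '1394' -or
            $_.FriendlyName -match 'Thunderbolt|1394|FireWire'
        } |
        Select-Object Status, Class, FriendlyName, InstanceId
}

function Set-BitLockerDmaUnderLockPolicy {
    # Registry-backed equivalent of the Group Policy setting under
    # Computer Configuration > Administrative Templates > Windows Components >
    # BitLocker Drive Encryption > "Disable new DMA devices when this computer is locked".
    # This only blocks devices enumerated while the screen is locked; a device
    # attached before boot or while the session is unlocked is not covered.
    $fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
    if (-not (Test-Path $fve)) { New-Item -Path $fve -Force | Out-Null }
    Set-ItemProperty -Path $fve -Name 'DisableExternalDMAUnderLock' -Value 1 -Type DWord
}

$controllers = @(Get-DmaCapableController)
if ($controllers.Count -gt 0) {
    Write-Warning 'DMA-capable controllers present: disable them in firmware or keep pre-boot authentication.'
    $controllers | Format-Table -AutoSize
    Set-BitLockerDmaUnderLockPolicy
} else {
    Write-Host 'No Thunderbolt/1394 controllers detected; port-based DMA is not a factor for TPM-only here.'
}
```

The policy is a stopgap for the locked-screen case. Disabling the port in firmware (behind a supervisor password) is the stronger fix, because it also removes the window before Windows is running.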
My Conclusion
Certainly pre-boot authentication is a more secure setup, as it is one more hoop for an attacker to jump through. With TPM+PIN the volume key is not released until the PIN is entered, so DMA and cold boot attacks against a powered-off or hibernated device have nothing to recover, and the logon-bypass class of attack that has since been patched never gets a chance to run. The caveat is that this only holds while the machine is off or hibernated: a device in sleep, or left unlocked, has the key in RAM regardless of protector type. However, if your devices don’t have ports that allow DMA attacks, TPM-only BitLocker is probably sufficient for most organizations as long as you ensure Secure Boot is enabled, set a supervisor/BIOS password, and restrict the boot order to the internal hard drive only. It might make sense to take advantage of the usability benefits of TPM-only on low-risk assets and implement TPM+PIN on higher-risk assets.
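As an added example (mine, not from any of the Microsoft pages quoted here), the following PowerShell audits the controls listed above and moves a volume from TPM-only to TPM+PIN when the asset is tagged high risk. It assumes Windows 8.1 or later with the BitLocker, TrustedPlatformModule and SecureBoot modules, an elevated session, and an assumed ASSET_RISK environment variable carrying the risk tier (that variable is my invention for the example, not a Windows setting). Boot order and the firmware password are not visible to Windows and still have to be checked in the firmware setup.

```powershell
# Added example, not from the original post.
# Audit BitLocker posture (protector type, TPM, Secure Boot) and convert a
# TPM-only volume to TPM+PIN. Assumes Windows 8.1+, an elevated session, and the
# BitLocker, TrustedPlatformModule and SecureBoot modules.

function Get-BitLockerPosture {
    param([string]$MountPoint = $env:SystemDrive)

    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    $tpm = Get-Tpm
    # Confirm-SecureBootUEFI throws on legacy BIOS systems; treat that as "not enabled".
    try { $secureBoot = [bool](Confirm-SecureBootUEFI) } catch { $secureBoot = $false }

    $types = @($vol.KeyProtector.KeyProtectorType | ForEach-Object { $_.ToString() })
    [pscustomobject]@{
        MountPoint       = $MountPoint
        VolumeStatus     = $vol.VolumeStatus
        ProtectionStatus = $vol.ProtectionStatus
        TpmReady         = $tpm.TpmReady
        SecureBoot       = $secureBoot
        Protectors       = ($types -join ', ')
        TpmOnly          = ($types -contains 'Tpm') -and -not ($types -contains 'TpmPin')
        HasRecoveryKey   = $types -contains 'RecoveryPassword'
    }
}

function ConvertTo-TpmPinProtector {
    # Replace a TPM-only protector with TPM+PIN. BitLocker refuses a PIN protector
    # unless "Require additional authentication at startup" allows it, so the
    # registry values behind that policy are set first (2 = Allow, 1 = Require).
    param(
        [string]$MountPoint = $env:SystemDrive,
        [Parameter(Mandatory)][securestring]$Pin
    )
    $fve = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
    if (-not (Test-Path $fve)) { New-Item -Path $fve -Force | Out-Null }
    Set-ItemProperty -Path $fve -Name 'UseAdvancedStartup' -Value 1 -Type DWord
    Set-ItemProperty -Path $fve -Name 'EnableBDEWithNoTPM' -Value 0 -Type DWord
    foreach ($name in 'UseTPM', 'UseTPMPIN', 'UseTPMKey', 'UseTPMKeyPIN') {
        Set-ItemProperty -Path $fve -Name $name -Value 2 -Type DWord
    }

    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    $types = @($vol.KeyProtector.KeyProtectorType | ForEach-Object { $_.ToString() })
    if (-not ($types -contains 'RecoveryPassword')) {
        # Never remove the only unlock path without a recovery protector in place.
        Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector | Out-Null
    }
    # Only one TPM-based protector may exist, so drop TPM-only before adding TPM+PIN.
    $vol.KeyProtector | Where-Object { $_.KeyProtectorType.ToString() -eq 'Tpm' } | ForEach-Object {
        Remove-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $_.KeyProtectorId | Out-Null
    }
    Add-BitLockerKeyProtector -MountPoint $MountPoint -TpmAndPinProtector -Pin $Pin | Out-Null
    Get-BitLockerPosture -MountPoint $MountPoint
}

$posture = Get-BitLockerPosture
$posture | Format-List
if (-not $posture.SecureBoot) {
    Write-Warning 'Secure Boot is off: TPM-only leaves the boot path open to a malicious OS.'
}
if (-not $posture.HasRecoveryKey) {
    Write-Warning 'No recovery password protector: back one up to AD or a key escrow before changing protectors.'
}
# ASSET_RISK is an assumed tag for this example, not a Windows variable.
if ($posture.TpmOnly -and $env:ASSET_RISK -eq 'high') {
    ConvertTo-TpmPinProtector -Pin (Read-Host -AsSecureString 'New BitLocker PIN')
}
```

Back up the recovery password (for example with Backup-BitLockerKeyProtector to Active Directory) before running the conversion on real machines; the script only ensures one exists, it does not escrow it.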
_________________________________________________________________________
Below is a good excerpt from this article: https://technet.microsoft.com/en-us/itpro/windows/keep-secure/protect-bitlocker-from-pre-boot-attacks
For many years, Microsoft has recommended using pre-boot authentication to protect against DMA and memory remanence attacks. Today, Microsoft only recommends using pre-boot authentication on PCs where the mitigations described in this document cannot be implemented. These mitigations may be inherent to the device or may come by way of configurations that IT can provision to devices and Windows itself.
Although effective, pre-boot authentication is
inconvenient to users. In addition, if a user forgets their PIN or loses their
startup key, they’re denied access to their data until they can contact their
organization’s support team to obtain a recovery key. Today, most new PCs
running Windows 10, Windows 8.1, or Windows 8 provide sufficient protection
against DMA attacks without requiring pre-boot authentication. For example,
most modern PCs include USB port options (which are not vulnerable to DMA attacks)
but do not include FireWire or Thunderbolt ports (which are vulnerable to DMA
attacks).
BitLocker-encrypted devices with DMA ports enabled,
including FireWire or Thunderbolt ports, should be configured with pre-boot
authentication if they are running Windows 10, Windows 7, Windows 8, or Windows
8.1 and disabling the ports using policy or firmware configuration is not an
option. Windows 8.1 and later InstantGo devices do not need pre-boot
authentication to defend against DMA-based port attacks, as the ports will not
be present on certified devices. A non-InstantGo Windows 8.1 and later device
requires pre-boot authentication if DMA ports are enabled on the device and
additional mitigations described in this document are not implemented. Many
customers find that the DMA ports on their devices are never used, and they
choose to eliminate the possibility of an attack by disabling the DMA ports
themselves, either at the hardware level or through Group Policy. Many new
mobile devices have the system memory soldered to the motherboard, which helps
prevent the cold boot–style attack, where the system memory is frozen, removed,
and then placed into another device. Those devices, and most PCs, can still be
vulnerable when booting to a malicious operating system, however.
You can mitigate the risk of booting to a malicious
operating system:
- Windows 10 (without Secure Boot), Windows 8.1 (without Secure Boot), Windows 8 (without UEFI-based Secure Boot), or Windows 7 (with or without a TPM). Disable booting from external media, and require a firmware password to prevent the attacker from changing that option.
- Windows 10, Windows 8.1, or Windows 8 (certified or with Secure Boot). Password protect the firmware, and do not disable Secure Boot.
1 comment:
Very good research!