BitLocker encryption gets broken in 43 seconds with a Raspberry Pi

0 12

By Matthew Griffin Security and Privacy 5th March 2024

WHY THIS MATTERS IN BRIEF

In time we’re going to be able to break most of today’s encryption systems using quantum computers, but in this case a humble Raspberry Pi did it …

Love the Exponential Future? Join our XPotential Community, future proof yourself with courses from XPotential University, read about exponential tech and trends, connect, watch a keynote, or browse my blog.

While we talk about quantum computers being able to crack 70% of all global encryption systems in the future back in the here and now we’ve just seen Bitlocker cracked. And in record time. And if you haven’t heard of Bitlocker then it’s a popular kind of encryption used by the Windows OS to improve data security by protecting system files and personal data using the AES encryption algorithm. Basically, it’s an important measure for people who need additional security, enabling PC users to safely encrypt and protect data from potential attackers. However, new research shows that it can be easily cracked using inexpensive, off-the-shelf hardware.

Researchers warn we could run out of data to train AI's by 2026

In a YouTube video, security researcher Stacksmashing demonstrated that hackers can extract the BitLocker encryption key from Windows PCs in just 43 seconds using a $4 Raspberry Pi Pico. According to the researcher, targeted attacks can bypass BitLocker’s encryption by directly accessing the hardware and extracting the encryption keys stored in the computer’s Trusted Platform Module (TPM) via the LPC bus.

The Future of Cyber Keynote, by Futurist Matthew Griffin

The attack was possible due to a design flaw found in devices with dedicated TPMs, like modern laptops and desktops. As explained by the researcher, BitLocker sometimes uses external TPMs to store key information, such as the Platform Configuration Registers and Volume Master Key. However, as it turns out, the communication lanes (LPC bus) between the CPU and external TPM remain unencrypted on boot-up, allowing threat actors to sniff any traffic between the two modules and extract the encryption keys.

Super molecules help researchers create stable Qubits for Quantum computers

To carry out his proof-of-concept attack, Stacksmashing used a ten-year-old laptop with BitLocker encryption and then programmed the Raspberry Pi Pico to read the raw binary code from the TPM to gain access to the Volume Master Key. Thereafter, he used Dislocker with the recently-acquired Volume Master Key to decrypt the drive.

See how they did it

It is worth noting that this is not the first time we’re hearing about somebody bypassing BitLocker encryption. Last year, cybersecurity researcher Guillaume Quéré demonstrated how the BitLocker full volume encryption system can allow users to eavesdrop on any traffic between the discrete TPM chip and CPU via an SPI bus. However, Microsoft claimed that defeating BitLocker encryption is a long and cumbersome process that requires lengthy access to the hardware.

DARPA selects Gryphon to build world's first ever nuclear rocket engine

This latest development has now shown that BitLocker can be bypassed much more easily than previously thought, and raises pertinent questions about existing encryption methodologies. It remains to be seen whether Microsoft will root out this particular vulnerability from BitLocker, but in the long run, security researchers need to do a better job of identifying and fixing potential security loopholes before they become a problem for users.

Matthew Griffin / About Author

Matthew Griffin, multi-award winning Futurist and named Futurist of the Year 2024, has been described as a "Walking encyclopaedia of the future" by NASA and a futurist polymath. One of the world's most renowned futurists and strategic foresight experts Matthew is the 15 times author of the blockbuster "Codex of the Future" series, and is the Founder and Futurist in Chief of the 311 Institute, a global Futures and Deep Futures advisory firm working across the next 50 years, XPotential University, the world's first free futures and foresight university, and the World Futures Forum which works with the United Nations to solve the worlds greatest challenges. Matthew is an in demand international keynote, acclaimed university lecturer and mentor, and host of the hit Fanatical Futurist podcast.

A rare talent in his past Matthew helped build and run several multi-billion dollar business units for Atos, Dell-EMC, and IBM, and his ability to identify, track, and explain the impacts of hundreds of emerging technologies and trends on global business, culture, and society has earned him a powerful reputation and a roster of clients that include royal households, world leaders, G7, G20, and G77+ governments, and many of the world's most respected brands including ABB, Accenture, Adidas, AON, ARM, BCG, Centrica, Citi Group, Coca Cola, Dentons, Deloitte, Disney, Dow, EY, KPMG, Lego, Legal & General, LinkedIn, Microsoft, PepsiCo, Qualcomm, RWE, Samsung, T-Mobile, UBS, VISA, and many others. He was also the only futurist invited to talk at the UN COP28 held in Dubai alongside world leaders.

Regularly featured in the global media including the AP, BBC, Bloomberg, CNBC, Discovery, Forbes, Khaleej Times, Telegraph, TIME, ViacomCBS, WIRED, and the WSJ, Matthews mission is to help organisations create a fair and sustainable future whose benefits are shared by everyone irrespective of their ability, background, or circumstances.