Scribd
Upload
497 views

BitLocker Flow

This paper provides information about Microsoft(r) BitLocker(tm) It provides guidelines for It administrators and advanced users to understand the different scenarios that BitLocker supports. It also explains the user interfaces that help set up and manage keys in the product.

Uploaded by

Troy Altman
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
497 views

BitLocker Flow

This paper provides information about Microsoft(r) BitLocker(tm) It provides guidelines for It administrators and advanced users to understand the different scenarios that BitLocker supports. It also explains the user interfaces that help set up and manage keys in the product.

Uploaded by

Troy Altman
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 36

BitLocker Drive Encryption:

Scenarios, User Experience, and


Flow
May 16, 2006

Abstract
This paper provides information about Microsoft® BitLocker™, a security feature
that is available in certain Microsoft Windows® operating systems. It provides
guidelines for IT administrators and advanced users to understand the different
scenarios that BitLocker supports, the user interfaces that help set up and manage
keys in the product, and the user experience flow.
This information applies for the Microsoft Windows Vista™ operating system.
The current version of this paper is maintained on the Web at:
http://www.microsoft.com/whdc/system/platform/hwsecurity/BitLockerFlow.mspx
Contents
Overview..................................................................................................................................3
Basic BitLocker Use Scenario (TPM-Only)..............................................................................4
Two-Layer Protection Use Scenarios......................................................................................6
Two-Factor Protection: TPM and PIN.................................................................................7
Two-Layer Protection: TPM and Startup Key......................................................................8
Startup Key–Only Use Scenario............................................................................................10
Recovery Use Scenarios.......................................................................................................12
Accessing a Protected Volume by Using a Recovery Key ...............................................13
Accessing a Protected Volume by Using a Recovery Password .....................................14
Disabling Protection Use Scenario........................................................................................16
BitLocker Setup Wizard User Experience..............................................................................17
Control Panel Main Page..................................................................................................18
Option to Use a Startup Key or PIN for Added Security....................................................18
Save a Startup Key on a USB Drive.................................................................................19
Set a Startup PIN..............................................................................................................20
Create a Recovery Password ..........................................................................................21
Option to Save the Recovery Password...........................................................................22
Save a Recovery Password to a USB Drive.....................................................................22
Show the Recovery Password..........................................................................................23
Print the Recovery Password............................................................................................23
Save the Password in a Folder.........................................................................................24
Recovery Warning ............................................................................................................24
Encrypt the Volume...........................................................................................................25
Pre-Windows Boot and Recovery User Experience..............................................................25
Key Management User Experience.......................................................................................29
Manage Keys Options.......................................................................................................30
Duplicating the Recovery Password.................................................................................31
Duplicating the Startup Key...............................................................................................31
Resetting the PIN..............................................................................................................31
Definitions..............................................................................................................................31
Appendix ...............................................................................................................................33
Key Architecture and Design.............................................................................................33
Administration...................................................................................................................36
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 2

Disclaimer
This is a preliminary document and may be changed substantially prior to final commercial release of the
software described herein.

The information contained in this document represents the current view of Microsoft Corporation on the
issues discussed as of the date of publication. Because Microsoft must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot
guarantee the accuracy of any information presented after the date of publication.

This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES,
EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.

Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights
under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval
system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or
otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property
rights covering subject matter in this document. Except as expressly provided in any written license
agreement from Microsoft, the furnishing of this document does not give you any license to these
patents, trademarks, copyrights, or other intellectual property.

Unless otherwise noted, the example companies, organizations, products, domain names, e-mail
addresses, logos, people, places and events depicted herein are fictitious, and no association with any
real company, organization, product, domain name, email address, logo, person, place or event is
intended or should be inferred.

© 2006 Microsoft Corporation. All rights reserved.

Microsoft, Active Directory, BitLocker, Windows, Windows Server, and Windows Vista are either
registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their
respective owners.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 3

Overview
Microsoft® BitLocker™ Drive Encryption is a feature in Microsoft Windows Vista™
Enterprise and Ultimate editions that protects data when a computer is in
unauthorized hands or is running an exploiting operating system. BitLocker does
this by preventing an unauthorized user who boots another operating system or
runs a software hacking tool from breaking Windows Vista file and system
protections, or even viewing the files that make up the operating system itself. The
same technology also cryptographically secures the hibernation file, which contains
all programs and documents that were open when the computer hibernated.
BitLocker is a hardware-based security feature that addresses the growing need for
better data protection. The feature uses a hardware device, the Trusted Platform
Module (TPM) 1.2 to protect user data and to ensure that a PC that is running
Windows Vista has not been tampered with while the system was offline. BitLocker
provides both mobile and office enterprise information workers with more data
protection when their systems are lost or stolen. Specific logo requirements must be
satisfied to ensure proper functioning of BitLocker with TPM. BitLocker can also be
used on Windows Vista computers without a TPM.
Note: The TPM is a microcontroller root of trust and can be leveraged to provide a
variety of cryptographic services. TPM v1.2 with compatible BIOS upgrades gives
BitLocker the ability to validate the integrity of critical early boot components and a
transparent startup experience. The nature of this chip ensures that the information
that is stored there is more secure from external software attacks and physical theft.
BitLocker can be transparent to the user and is easy to deploy and manage. When
a system is compromised, BitLocker has a simple and efficient recovery process for
authorized users.
BitLocker Drive Encryption:
Ensures boot integrity because it is:
Resilient to attack. It protects the system from offline software-based attacks.
Locks the system when tampered with. If any monitored files are altered or
deleted, the system will not boot. This alerts users to changes in their
system.
Protects data while the system is offline because it:
Encrypts user data and system files. All data on the Windows volume is
encrypted: user data, system files, hibernation file, page file, and temporary
files.
Provides umbrella protection for third-party applications, which benefit
automatically when installed on an encrypted volume.
Eases equipment recycling by:
Simplifying the recycling process. Data on the encrypted volume can be
rendered useless by deleting the TPM key store.
Facilitating data deletion. Making data permanently unusable takes seconds
instead of hours.
The main goal of BitLocker is to protect data on the operating system volume of the
hard drive when the computer is turned off or hibernated. To achieve this, volume
contents are encrypted with a full-volume encryption key (FVEK), which in turn is
encrypted with a volume master key (VMK), as shown in Figure 1. Securing the
VMK is an indirect way of protecting data on the disk volume. The addition of the

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 4

VMK allows the system to rekey easily when keys upstream in the trust chain are
lost or compromised, given that decrypting and reencrypting the entire disk volume
is expensive.
In the basic use scenario, the VMK is bound, or sealed, to the TPM 1.2 security
hardware. Access to data on the protected operating system volume is possible if
the TPM successfully validates the integrity of critical early boot components in the
operating system. The default TPM platform validation profile secures the VMK
against changes to the Master Boot Record (MBR) Code (PCR 4), the NTFS Boot
Sector (PCR 8), the NTFS Boot Block (PCR 9), the NTFS Boot Manager (PCR 10),
and the Volume Key and Critical Components (PCR 11).
Recovery mechanisms exist for authorized users who encounter legitimate recovery
scenarios. For example, if the TPM fails validation due to a necessary upgrade, if
the system board that contains the TPM is replaced, or if the hard drive that
contains the operating system volume is moved to another computer, the system
enters recovery mode and the user can use a recovery key that is stored on a USB
key.
After BitLocker authenticates access to a protected operating system volume, a
filter driver in the Windows Vista file system stack uses the FVEK to encrypt and
decrypt disk sectors transparently as data is written to and read from the protected
volume. When the computer hibernates, an encrypted hibernation file is saved to
the protected volume. Pending access authentication, this saved file is decrypted
when the computer resumes from hibernation.
This document presents multiple BitLocker user scenarios and describes setup,
management, and recovery. Screenshots, diagrams, and examples demonstrate
how a local or domain administrator can use the BitLocker Setup Wizard, the key
management user interface (UI), or easily-deployable scripts to turn on and manage
BitLocker, and how a users can access their data in recovery scenarios.
Note that because Windows Vista has not been released, actual screenshots, text,
and flows may change.
Notes on Terminology in This Document
The term volume means an area of storage on a hard disk. A volume is formatted
by using a file system, such as NTFS, and has a drive letter that is assigned to
it. This is different from a partition, which is a portion of a physical disk that
functions as though it were a physically separate disk. After a partition is
created, it must be formatted and assigned a drive letter before data can be
stored on it. A volume could exist for each partition on a hard drive, or volumes
can span multiple partitions. BitLocker works with volumes, not partitions.
The term boot volume is the volume that contains the Windows operating system
and its support files, In this document, the Windows Vista terminology operating
system volume is used. The system volume is the volume that contains the
required hardware-specific files to load Windows on x86-based computers after
the BIOS has booted the platform. In this document, this is called the system
(active) volume. For BitLocker to work, the system volume must not be
encrypted, must differ from the operating system volume, and must be
formatted with NTFS.

Basic BitLocker Use Scenario (TPM-Only)


A user wants to protect data on his or her laptop in case the computer is lost or
stolen. The laptop contains a compatible TPM (version 1.2, with BIOS support) and
has two volumes: a system volume and an operating system volume with a version
of Windows that supports BitLocker.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 5

Scenario Enable/Disable: This scenario can be enabled or disabled by using the


Security item in Windows Vista Control Panel. For more information, see "BitLocker
Setup Wizard User Experience," later in this paper.
When BitLocker is turned on, the operating system volume is encrypted and the
VMK is protected by sealing it to the TPM.
When BitLocker is disabled, the VMK is available through a clear key, so the data is
still encrypted, but accessible to anyone.
When BitLocker is turned off, the volume is decrypted and all keys must be re-
created if BitLocker is turned on again at a later time.
Key Change/Duplication: All keys in this scenario are not visible to the user and
cannot be changed, duplicated, or revoked.
Protected Volume Move: A move of the protected operating system volume to
another TPM-enabled machine requires a recovery key or password-based
recovery. The VMK must also be resealed to the new TPM. This also applies to
scenarios where the system board (with the old TPM) must be changed. For more
information, see "Recovery Use Scenarios," later in this paper.
When BitLocker is enabled, data on the operating system volume is protected by
encrypting volume contents with the FVEK, encrypting the FVEK with the VMK, and
sealing the VMK to the TPM. When BitLocker is turned off, the volume is decrypted
and all keys are removed. New keys are created if BitLocker is turned on again at a
later time.
During BitLocker setup, creation of a recovery password or recovery key is highly
recommended. Users require the recovery key or password to access data if the
computer enters recovery mode. The following circumstances trigger recovery
mode:
A hard disk that contains a BitLocker-protected operating system volume is moved
to another computer.
A system board is changed.
The TPM on the computer fails to validate successfully.
Other circumstances change the boot sequence.
For more information, see "Recovery Use Scenarios," later in this paper.
User Interface Support
1. In Control Panel, navigate to the BitLocker icon in the Security item to turn on
BitLocker.
2. Click Turn On BitLocker to run the BitLocker Setup Wizard.
3. Create a recovery key or a recovery password as part of the setup process,
skipping all other options.
For more information, see "BitLocker Setup Wizard User Experience," later in
this paper.
4. After BitLocker is turned on, navigate to the Security item in Control Panel to
turn off or disable BitLocker.
Scripting Support
Note: The method names in this section are exposed through the BITLOCKER
Windows Management Instrumentation (WMI) Provider,
Win32_EncryptableVolume.
1. Use ProtectKeyWithTPM to secure the encryption key for the volume to the
TPM.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 6

2. Create recovery binary large objects (BLOBs):


Use ProtectKeyWithExternalKey to create a recovery key.
Use ProtectKeyWithNumericalPassword to create a recovery password.
3. Use Encrypt to encrypt the volume.
4. Use GetConversionStatus to indicate when the volume is fully encrypted.
5. Use GetProtectionStatus to ensure that BitLocker protection is turned on.
6. Use Decrypt to decrypt the volume and turn off BitLocker protection.

Cleartext data
Data

Decryption
performed on FVEK
Volume Encryption
data using Key (FVEK)
FVEK
VMK
Encrypted Disk Sectors

Unseal performed
on VMK by TPM

MK
dV
TP

ale
M

Se
Ke
y

TPM

Disk
Encrypted
Volume
Figure 1. Accessing a BitLocker-enabled volume with TPM protection

Two-Layer Protection Use Scenarios


BitLocker offers two types of two-layer protection use scenarios:
Two-factor authentication
Two-layer key protection
In the first type, the user is authenticated with two-factor authentication: what the
user has (the TPM) and what the user knows (a PIN). In the second type, the user
uses two things (the TPM and a USB device) to authenticate.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 7

Two-Factor Protection: TPM and PIN


A user wants to protect the data on his computer with two-factor authentication:
what he has (TPM)] and what he knows (PIN). He is willing to type the PIN each
time the computer starts.
When the PIN is created, it is linked to the VMK. Now when BitLocker is enabled,
the user must enter the PIN to access any information on the encrypted volume.
The PIN can be changed, but it cannot be stored or backed up. Like the basic
BitLocker use scenario, the creation of a recovery password or recovery key is
highly recommended to access a BitLocker-enabled disk volume in recovery
scenarios (for example, if the user forgets the PIN).
User Interface Support
1. In Control Panel, navigate to the BitLocker icon in the Security item to turn on
BitLocker and enable PIN support.
Click Turn On BitLocker to run the BitLocker Setup Wizard.
Create a recovery key or a recovery password as part of the setup process.
Use the Create PIN? dialog box to enable PIN authentication.
For more information, see screen 2a in Figure 7, later in this paper.
2. Reset or change the PIN through the Manage Keys link in the Control Panel
BitLocker item.
The following security notes exist in Windows Vista:
After BitLocker protection is turned on; the PIN cannot be added without first
decrypting the disk and turning off BitLocker.
After the PIN is created and BitLocker protection is turned on, the PIN cannot be
removed without first turning off BitLocker.
Scripting Support
1. Use ProtectKeyWithTPMAndPIN to secure the encryption key for the
volume to the TPM, enhanced with PIN authentication.
Note that this method can be used even if a TPM-only authentication BLOB
already exists or BitLocker protection has already been turned on.
2. Create recovery BLOBs:
Use ProtectKeyWithExternalKey to create a recovery key.
Use ProtectKeyWithNumericalPassword to create a recovery password.
3. Use Encrypt to encrypt the volume.
4. Use GetConversionStatus to indicate when the volume is fully encrypted.
5. Use GetProtectionStatus to ensure that BitLocker protection is turned on.
6. Use Decrypt to decrypt the volume and turn off BitLocker protection.
7. Use DeleteKeyProtector to remove the TPM-plus-PIN authentication BLOB.
8. Use ProtectKeyWithTPMAndPIN once again to re-create the TPM-plus-PIN
BLOB (with possibly a different PIN).

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 8

Cleartext data

Data
Decryption
performed on FVEK
Volume Encryption
data using Key (FVEK)
FVEK

VMK
Encrypted Disk Sectors

Unseal
performed on TPM Key

VMK

Ha TPM
MK sh
dV ed
ale PIN
Se

PIN
Disk
Encrypted
Volume

Figure 2. Accessing a BitLocker-enabled volume with PIN-enhanced TPM


protection

Two-Layer Protection: TPM and Startup Key


A user wants to protect the data on her computer with two-layer authentication:
TPM and USB flash drive that contains a startup key. She is willing to insert the
USB flash drive that contains the startup key each time before the computer starts.
Scenario Enable/Disable: The two-layer authentication scenario can be enabled
and disabled starting with the Security item in Windows Vista Control Panel and
using the follow-on Create Startup Key dialog box (see screen 2b in Figure 7, later
in this paper). The first version of BitLocker has no UI that allows the user to easily
turn on or turn off the two-layer protection at a later time, after BitLocker setup. If
the user decides to turn off two-layer protection by removing the startup key layer,
she must disable and reenable BitLocker.
Key Change/Duplication: Except for the PIN, all keys in this scenario are not
visible to the user and cannot be changed, duplicated, or revoked. The PIN value
can be reset in the Control Panel BitLocker item, but cannot be stored or
escrowed.
The startup key is stored on the computer that is encrypted by the VMK, but cannot
be backed up automatically. Like the BitLocker use scenario, the creation of a
recovery password or recovery key is highly recommended to access a BitLocker-
enabled disk volume in recovery scenarios (for example, losing the USB flash drive
that contains the startup key).

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 9

Although the startup key is required from power-up until Windows logon, it should
be removed afterwards to secure two-layer authentication.
User Interface Support
1. In Control Panel, navigate to the BitLocker icon in the Security item to turn on
BitLocker and enable startup key support.
Click Turn On BitLocker to run the BitLocker Setup Wizard.
Create a recovery key and/or a recovery password as part of the setup process.
Use the Create a startup key for added security dialog box to add a startup
key.
For more information, see screen 1 in Figure 7, later in this paper
2. Duplicate the startup key through the Manage Keys link in the Control Panel
BitLocker item.
The following security notes exist in Windows Vista:
After BitLocker protection is turned on, the startup key cannot be added without first
decrypting the disk and turning off BitLocker.
After the startup key is created and BitLocker protection is turned on, the startup
key cannot be removed without first turning off BitLocker.
After the startup key is created and BitLocker protection is turned on, the startup
key cannot be changed without first turning off BitLocker.
Scripting Support
1. Use ProtectKeyWithTPMAndStartupKey to secure the encryption key for the
volume to the TPM, enhanced with startup key authentication.
2. Create recovery BLOBs:
Use ProtectKeyWithExternalKey to create a recovery key.
Use ProtectKeyWithNumericalPassword to create a recovery password.
3. Use Encrypt to encrypt the volume.
4. Use GetConversionStatus to indicate when the volume is fully encrypted.
5. Use GetProtectionStatus to ensure that BitLocker protection is turned on.
6. Use Decrypt to decrypt the volume and turn off BitLocker protection.
7. Use DeleteKeyProtector to remove the TPM-plus-startup-key authentication
BLOB.
8. Use ProtectKeyWithTPMAndStartupKey again to re-create the TPM-plus-
startup-key BLOB (with possibly a different startup key).

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 10

Cleartext data

Data
Volume Encryption
Decryption Key (FVEK)
performed on FVEK

data using

VMK
FVEK

Unseal performed
on VMK
Encrypted disk sectors

TPM

Intermediate key
y
ke
M
TP

Combining keys
Sealed VMK by using USB device
SHA256 with Startup
Key
Disk
EK
Encrypted
Volume

Figure 3. Accessing a BitLocker-enabled volume with startup key–enhanced


TPM protection

Startup Key–Only Use Scenario


A user wants to protect his data on a system without a compatible TPM. He is
willing to insert the USB flash drive that contains the startup key each time the
computer starts.
Scenario Enable/Disable: This scenario can be enabled and disabled by using the
Security item in Windows Vista Control Panel. The user must create a startup key
by using the wizard when turning on BitLocker. This scenario can also be enabled
through scripting. When the feature is disabled, the volume is decrypted and all
keys are destroyed and must be re-created if the feature is reenabled at a later
time.
Key Change/Duplication: The startup key is created for the user and is visible for
saving to a file in a user-determined location. The startup key can be copied but
cannot be changed.
Volume Move: Moving the protected volume to another computer without a
TPM 1.2 requires only the presence of the USB flash drive that stores the startup
key. Moving the protected volume to a TPM-enabled computer requires the startup
key (or, as usual, the recovery key or password-based recovery).
When the user has a computer without an appropriate TPM and wants to leverage
BitLocker functionality (and has a system volume and an operating system volume
configured), he enables it through the BitLocker item in Windows Vista Control

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 11

Panel. The system generates a startup key when the user inserts a USB flash drive,
and saves the startup key. The USB device is now required for booting (or resuming
from hibernation).
The user inserts the USB flash drive and turns on the computer. The PC boots into
the operating system, and the user can start using the system normally. For a
diagram of the process of decrypting data on a protected volume by using external
media only (for example, no TPM), see Figure 4.
Using the Control Panel BitLocker item, the user can create a backup (copy) of the
startup key on a destination of his choosing.
Another scenario is volume recovery. If the user’s system is damaged and he must
move the hard drive to a new machine, he can use the recovery key on his external
device to decrypt and recover the volume.
The overall BitLocker security of a system that uses a startup-key-only scenario is
not at the same high level as the security of a system that uses a TPM.
User Interface Support
1. Create and save a startup key as part of the BitLocker Setup Wizard.
For more information, see screen 1 in Figure 7, later in this paper.
2. Save the created startup key as part of the key management interface.
3. Insert the startup key as part of the boot process.
The following security notes exist in Windows Vista:
After creation, the startup key cannot be changed.
After creation, the startup key cannot be removed or revoked.

Scripting Support
1. Use ProtectKeyWithExternalKey to create an external key that is used as a
startup key for a computer without a compatible TPM.
2. Use SaveExternalKeyToFile to write a file that contains the startup key to a
USB flash drive or another location.
3. Use UnlockWithExternalKey to unlock a volume with a startup key.
4. Use GetKeyProtectors to list the created external keys for a disk volume.
5. Use DeleteKeyProtector to remove the external key authentication BLOB that is
associated with a created startup key.
6. Use GetKeyProtectorExternalKey to retrieve the key contents of a created
startup key BLOB.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 12

Cleartext Data

Data
Decryption
performed on FVEK Volume Encryption
Key (FVEK)
data using FVEK

VMK
Encrypted disk sectors

Decrypting of
the VMK

Startup Key

Encrypted
Volume USB device with
Startup Key

Figure 4. Volume decryption process with startup key from external media
and no TPM

If an external device is lost, the startup key can be revoked through volume
reencryption. The volume must be recovered by using the recovery key or the
recovery password and a new startup key generated. All other volumes that also
use the lost startup key must undergo a similar procedure.

Recovery Use Scenarios


Recovery is using a recovery key or password to decrypt a copy of the VMK. The
TPM is not involved in recovery scenarios, so recovery is possible if the TPM fails
boot component validation, malfunctions, or is inaccessible.
Various scenarios can trigger recovery:
Upgrade of the system board or TPM.
Damage to a computer that causes the user to move the BitLocker-enabled volume
to a different computer with a different TPM or no TPM at all.
Turning off, disabling, or clearing the TPM.
Upgrading critical early boot components that causes the TPM to fail validation.
Forgetting the PIN if TPM-plus-PIN authentication has been enabled.
Losing the USB flash drive that contains the startup key if TPM-plus-startup-key
authentication has been enabled.
Redeploying desktops or laptops to others in the enterprise (such as to users with
different security clearances).

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 13

Retasking desktops in place (changing the purpose of that machine, for example,
an IT administrator reinstalling the operating system remotely).
BitLocker cannot distinguish between a legitimate upgrade to critical early boot
components by the user and a malicious change to these same boot components
by an attacker. Both cases trigger recovery, and anyone with access to recovery
tokens can read BitLocker-protected data. For these reasons, it is important to keep
recovery keys and passwords secure and accessible only to authorized individuals.
If the cause of recovery is unknown, avoid unknowingly accepting malicious
changes to critical files by validating and resetting critical boot components to a
known-good state.

Accessing a Protected Volume by Using a Recovery Key


A user cannot boot into her BitLocker-enabled operating system volume because
the system is in recovery mode. She previously created a recovery key and saved it
onto a USB flash drive.
The recovery key can be created and saved to a USB flash drive during BitLocker
setup, and be managed and copied after BitLocker is enabled.
By inserting the USB flash drive that contains the recovery key into the computer
when it starts, the user can access the operating system volume regardless of the
state of the TPM.
User Interface Support
1. Create a recovery key as part of the BitLocker Setup Wizard.
For more information, see screen 4 in Figure 7, later in this paper.
2. Make a copy of the created recovery key as part of the key management
interface.
3. Input the recovery key as part of the pre-Windows text-mode recovery interface.
For more information, see "Pre-Windows Boot and Recovery User Experience,"
later in this paper.
The following security notes exist in BitLocker:
After creation, the recovery key cannot be changed.
After creation, the recovery key cannot be removed or revoked.
After BitLocker is enabled, a new recovery key cannot be added.

Scripting Support
1. Use ProtectKeyWithExternalKey to create a recovery key.
Note that this method can be used even if a recovery key BLOB already exists
or BitLocker protection has already been turned on.
2. Use SaveExternalKeyToFile to write a file that contains the recovery key to a
USB flash drive or another location.
3. Use UnlockWithExternalKey to unlock a volume with the recovery key.
4. Use GetKeyProtectors to list the created recovery keys for a disk volume.
5. Use DeleteKeyProtector to remove the external key authentication BLOB that is
associated with a created recovery key.
6. Use GetKeyProtectorExternalKey to retrieve the key contents of a created
recovery key BLOB.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 14

Cleartext Data

Data
Decryption
performed on FVEK Volume Encryption
Key (FVEK)
data using FVEK

VMK
Encrypted disk sectors

Decrypting of
the VMK

RK

Encrypted
Volume USB device with RK

Figure 5. Accessing a BitLocker-enabled volume with recovery key

Accessing a Protected Volume by Using a Recovery Password


A user cannot boot into his BitLocker-enabled operating system volume because
recovery was triggered. He previously created a recovery password and either
wrote it down, printed it, or saved it to a file.
The recovery password is randomly generated during BitLocker setup and can be
managed and copied after BitLocker is enabled. Through the wizard, the recovery
password can be printed or saved to a file for future use.
The domain administrator can configure Group Policy to automatically generate
recovery passwords and transparently back them up to Microsoft Active Directory®
when BitLocker is enabled. Furthermore, the domain administrator can choose to
prevent BitLocker from being enabled unless the computer is connected to the
network and Active Directory backup of the recovery password is successful.
The domain administrator can retrieve a stored recovery password when the
protected computer is in recovery mode. For example, if an employee must recover
his operating system volume while traveling, he can call IT help desk support and
obtain the appropriate recovery password.
User Interface Support
1. Create, save, or print a recovery password as part of the BitLocker Setup
Wizard.
For more information, see screen 4 in Figure 7, later in this paper.
2. Save or print a copy of the created recovery password as part of the key
management interface.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 15

3. Input the recovery password as part of the pre-Windows text-mode recovery


interface.
For more information, see "Pre-Windows Boot and Recovery User Experience,"
later in this paper.
The following security notes exist in Windows Vista:
After creation, the recovery password cannot be changed.
After creation, the recovery password cannot be removed or revoked.
After BitLocker is enabled, a new recovery password cannot be added.

Scripting Support
1. Use ProtectKeyWithNumericalPassword to create a recovery password.
Note that this method can be used even if a recovery password BLOB already
exists or BitLocker protection has already been turned on.
If Active Directory backup is enabled or required by Group Policy, this method
also stores the recovery password to Active Directory.
2. Use UnlockWithNumericalPassword to unlock a volume with a recovery
password.
3. Use GetKeyProtectors to list the created recovery passwords for a disk volume.
4. Use DeleteKeyProtector to remove the numerical password authentication
BLOB that is associated with a created recovery password.
5. Use GetKeyProtectorNumericalPassword to retrieve the numerical password
content of a created recovery password BLOB.

Cleartext Data
Data

Volume Encryption
Decryption FVEK
Key (FVEK)
performed on
data using FVEK
VMK
Encrypted disk sectors

Decryption of the
VMK using the
password
Recovery password

Encrypted F-key password


Volume obtained from Admin

Figure 6. Accessing a BitLocker-enabled volume with recovery password

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 16

Disabling Protection Use Scenario


When BitLocker is disabled, the volume is encrypted but the VMK is freely available
on disk, encrypted with a symmetric clear key that is stored on the hard disk. The
availability of the clear key disables the security that BitLocker offers, but ensures
that all subsequent computer boots will succeed under any circumstance.
The administrator may be required to temporarily disable BitLocker in the following
scenarios:
The machine reboots for maintenance without requiring user input (for example, of
PIN or startup key).
Upgrade of critical early boot components without triggering BitLocker recovery.
Installation of another operating system may change the boot manager.
Repartition of the disk may change the partition table.
Other system tasks may change the boot components that are validated by the
TPM.
Upgrade of the system board to replace or remove the TPM without triggering
BitLocker recovery.
Turning off, disabling, or clearing the TPM without triggering BitLocker recovery.
Moving a BitLocker-protected disk to another machine without triggering BitLocker
recovery.
Losing all recovery tokens and needing to safely create new ones before triggering
BitLocker recovery.
When BitLocker is reenabled, the clear key is removed from the disk volume and
BitLocker protection is turned on again.
Exposing the VMK even for a brief period is a security risk because it is possible
that an attacker has accessed the VMK and FVEK when these keys were exposed
by the clear key.
Scenario Enable/Disable: This scenario can be enabled or disabled through the
BitLocker item in Windows Vista Control Panel. When clear key is enabled, the
volume remains encrypted, but the clear key is stored locally on disk. When clear
key is disabled, the volume remains encrypted and the clear key is removed from
the disk.
Key Change/Duplication: The clear key is stored, as the name suggests, in the
clear on the local hard drive, in a predetermined location. It cannot be copied, nor
can it be changed, because it is not visible to the user and is not stored as a file. All
other keys (VMK and FVEK) in this scenario are unseen to the user and cannot be
changed, duplicated, or revoked.
Volume Move: Moving the protected volume to another TPM-enabled machine
does not require any additional steps because the key that protects the VMK is
stored locally, in the clear.
User Interface Support
1. In Control Panel, navigate to the BitLocker icon in the Security item.
Click the Disable BitLocker link to disable BitLocker.
For more information, see "BitLocker Setup Wizard User Experience," later in
this paper.
2. After BitLocker is disabled, navigate to the Control Panel BitLocker item to
enable BitLocker.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 17

Scripting Support
1. Use DisableKeyProtectors to disable BitLocker protection and authentication
without decrypting the volume.
2. Perform the task and optionally reboot the computer.
3. Use EnableKeyProtectors to enable BitLocker protection and update the
validation of any boot components that may have changed.
4. Use GetKeyProtectorPlatformValidationProfile to determine the boot
components that the TPM validated.

BitLocker Setup Wizard User Experience


The BitLocker Setup Wizard allows administrators or users to enable BitLocker.
Administrators can specify how the encryption key is protected and begin
encryption of the disk volume that contains Windows Vista.
This wizard is available from the BitLocker icon in the Security item of Control
Panel by clicking the Turn On BitLocker link.
The flow for BitLocker Setup Wizard is shown in Figure 7. Each screenshot is also
available at a larger scale later in this section.

Figure 7. BitLocker Setup Wizard user interface flow

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 18

Control Panel Main Page

Figure 8. Control Panel Main Page with TPM Initialized

Option to Use a Startup Key or PIN for Added Security

Figure 9. Option to use a startup key or PIN for added security


(screen 1 in Figure 7)

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 19

This screen is used to choose either a startup key (on a USB flash drive) or a PIN
for additional security, assuming that a TPM is present. Users can also choose not
to add this layer of protection.
If a TPM is not being used, only the Save a Startup Key on a USB Drive option is
available. The Set a Startup PIN and Don't Use a Startup Key or Pin options are
unavailable because they rely on a TPM.
For more information, see "Two-Layer Protection: TPM and Startup Key," earlier in
this paper.

Save a Startup Key on a USB Drive

Figure 10. Save a startup key on a USB drive (screen 2b in Figure 7)

This screen is used to choose a USB drive on which to save a startup key. With this
option, the user must insert the key before starting the computer.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 20

Set a Startup PIN

Figure 11. Create a PIN (screen 2a in Figure 7)

This screen offers the option to enter a 4- to 20-digit PIN. Setting a PIN adds an
extra factor of authentication protection. For more information, see "Two-Factor
Protection: TPM and PIN," earlier in this paper.
Domain administrators can require or disallow PIN creation.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 21

Create a Recovery Password

Figure 12. Create Recovery Password (screen 3 in Figure 7)

This screen is used to create a recovery password. For more information on how
the recovery password is used, see "Accessing a Protected Volume by Using a
Recovery Password," earlier in this paper. If the user chooses to create a recovery
password, screen 4 (shown in Figure 13) appears, which has options on the format
of the recovery password.
Domain administrators can use their Group Policy to require or disallow recovery
password creation.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 22

Option to Save the Recovery Password

Figure 13. Save the recovery password (screen 4 in Figure 7)

This screen is used to save the recovery password to a USB drive or a folder, to
display the password, or to print the password. For more information on how the
recovery password is used, see "Accessing a Protected Volume Using a Recovery
Password," earlier in this paper.

Save a Recovery Password to a USB Drive

Figure 14. Save recovery password to USB (screen 4a in Figure 7)

This screen is used to save a recovery password on a USB flash drive. For more
information on how this recovery password is used, see "Recovery Scenario by
Using a Recovery Key," earlier in this paper.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 23

Users should not save the recovery password on the same USB flash drive that
they use for the startup key. If they lose that flash drive, they may lose access to
their data.
Domain administrators can use Group Policy to require or disallow recovery
password creation.

Show the Recovery Password

Figure 15. Show recovery password (screen 4b in Figure 7)

This screen is used to display a recovery password on screen.


Domain administrators can use Group Policy to require or disallow recovery
password creation.

Print the Recovery Password

Figure 16. Print recovery password (screen 4c in Figure 7)

This screen is used to print the recovery password.


Domain administrators can use Group Policy to require or disallow recovery
password creation.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 24

Save the Password in a Folder

Figure 17. Save recovery password to a folder (screen 4d in Figure 7)

This screen offers the option to save a recovery key as a file to a folder, such as a
folder on a network share. For more information on how this recovery key is used,
see "Recovery Scenario by Using a Recovery Key," earlier in this paper.
Domain administrators can use Group Policy to require or disallow recovery
password creation.

Recovery Warning

Figure 18. Warning to create recovery options (screen 5 in Figure 7)

This screen appears only if none of these four recovery creation options has been
chosen:
Save a recovery password to a file.
Print a recovery password.
Save a recovery key to a pluggable USB storage device.
Save a recovery key file to a folder.
Domain administrators can turn off the appearance of this warning screen through
Group Policy.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 25

Encrypt the Volume

Figure 19. Encrypt the volume (screen 6 in Figure 7)

This screen notifies the users that the encryption of the volume is about to begin.
The amount of time that this step takes is directly related to the size of the volume.
However, encryption is performed in the background so that the computer can
continue to be used while the volume is being encrypted. In addition, the
administrator can pause and resume encryption at any time. Encryption is
automatically paused when the computer is turned off or hibernated and can be
resumed when the computer is turned on again. Encryption takes approximately
one minute per gigabyte (GB).

Pre-Windows Boot and Recovery User Experience


When a BitLocker-enabled operating system volume boots, Windows Vista boot
code must perform authentication steps before unlocking or allowing access to the
protected volume.
BitLocker attempts to unlock a volume in the following sequence:
1. Clear key: Protection has been disabled and the VMK is freely accessible. No
authentication is necessary.
2. Authentication that does not require UI to be presented:
TPM: The TPM successfully validates early boot components to unseal the
VMK.
TPM plus startup key: The TPM successfully validates early boot components,
and a USB flash drive that contains the startup key has been inserted.
3. Authentication for which text-mode UI must be presented to the user:
TPM plus PIN: The user must enter the correct PIN before the TPM can be
successfully validated.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 26

Recovery key and/or startup key: The user must insert the USB flash drive that
holds the recovery key or startup key.
Recovery password: The user must enter the correct recovery password.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 27

Figure 20 illustrates the flow of this boot-time unlocking process and shows when
pre-Windows text-mode interface is presented to the user.

Figure 20. Flow to unlock an operating system volume

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 28

For all system boot process scenarios, if the required method of authentication is
present, the operating system volume unlocks and continues booting.
If the required method of authentication is not present, the interface appears as
shown in the following paragraphs.
If the Startup Key is not present (screen 1):
The key required to unlock this volume was not found.
Please insert removable storage media containing the Startup Key
or the Recovery Key.
Then press ENTER to reboot.

If the media is inserted and the correct key is found (screen 0 in Figure 20):
You may now remove the media.

When the PIN is enabled, when booting (or resuming from hibernation), the user
sees a screen that requests the PIN (screen 2 in Figure 20):
To start this computer, type its BitLocker Drive Encryption
startup PIN and then press Enter.

Use function keys F1 through F9 for 1 through 9, and F10 for 0.


Use the Tab, Home, End, and Arrow keys to move the cursor.

If you do not have the correct startup PIN, press Escape.

If the PIN that is entered is incorrect, the following error text appears (screen 3 in
Figure 20):
The startup PIN you entered is not correct for this disk volume.

To re-enter the startup PIN, press Enter.

If you do not have the correct startup PIN, press Escape.

Pressing ESC opens a screen that is determined by the recovery mechanism that
the user set up. If the user did not set up an external media recovery key, the
password-based recovery screen appears. If the user did set up a recovery key, the
external media-based recovery-key screen appears.
At boot time, if the USB storage device that contains the recovery key has not been
inserted, the key has not been found, or the key is incorrect, the following message
appears (screen 1 in Figure 20):
The key required to unlock this volume was not found.

Please insert removable storage media containing the Startup Key


or the Recovery Key.
Then press ENTER to reboot.

The same message appears if the recovery key is not found on the inserted USB
storage device, is found but is invalid, and so on.
Pressing ESC opens the password-based recovery screen, if a recovery password
was set. The recovery screen now appears (screen 5 in Figure 20):
To start this computer, type its 48-digit BitLocker Drive
Encryption recovery password and then press Enter.

__ ______ ______ ______ ______ ______ ______ ______

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 29

Use function keys F1 through F9 for 1 through 9, and F10 for 0.


Use the Tab, Home, End, and Arrow keys to move the cursor.

If you do not have the correct recovery password, press Escape.

If an incorrect password was entered, the error text that is associated with this
screen appears (screen 6 in Figure 20):
The recovery password you entered is not correct for this disk
volume.

To re-enter the recovery password, press Enter.

If you do not have the correct recovery password, press Escape.

Pressing ESC opens the last screen (screen 7 in Figure 20):


This computer’s system disk volume has been locked by BitLocker
Drive Encryption. The files in this volume are encrypted and
cannot be recovered without the BitLocker Drive Encryption
recovery key or recovery password.

If you have the correct BitLocker Drive Encryption recovery key


or recovery password, click Escape to reboot.

To permanently erase the unrecoverable files and reinstall


Windows: insert your Windows product CD and then restart the
computer.

The same screen appears if no recovery mechanisms have been set.

Key Management User Experience


When the volume has been encrypted and protected with BitLocker, the Manage
Keys feature allows local and domain administrators to duplicate keys and reset the
PIN. Links in the console appear only for the keys that have been created at
BitLocker setup time.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 30

The flow for managing keys is shown in Figure 21. Each screenshot is subsequently
available at a larger scale later in this section.

Figure 21. Managing keys UI flow

Manage Keys Options

Figure 22. Manage keys (screen m1 in Figure 21)

This screen shows the user all the key management options that this feature offers:
Duplicate the recovery password
Duplicate the recovery key
Reset PIN
Each of these keys and authentication values is defined in earlier sections of this
document, along with use scenarios for each.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 31

Duplicating the Recovery Password


Screen 4 (in Figure 21) enables the user to print out the optional 48-digit recovery
password or to save it on another computer.

Duplicating the Startup Key


Screen 2b (in Figure 21) enables the user to save the startup key to a USB flash
drive.

Resetting the PIN


Screen 2a (in Figure 21) enables the user to reset the PIN. This screen is similar to
screen 2a in the BitLocker Setup Wizard.

Definitions
BLOB
binary large object; any cryptographically-protected piece of data. For example,
the VMK is sealed to the TPM but the resulting BLOB returned by the
TPM_Seal operation is actually stored on disk. Similarly, the VMK can be
encrypted by a clear key, external key, or recovery password and stored on disk
as a BLOB.
BDE
BitLocker Drive Encryption; the Windows Vista feature that enables disk
volumes to be encrypted and protected with a TPM.
BitLocker disabled
A condition in which the disk volume is encrypted, but the FVEK that is used to
encrypt the operating system volume is freely available via a clear key.
Although the volume is encrypted, security is effectively disabled.
BitLocker enabled
A condition in which data on the volume is encrypted as it is written and
decrypted as it is read. When the computer starts, successful validation of
critical early boot components by the TPM (in conjunction with a startup key or
PIN, if configured), input of a recovery password, or a insertion of USB flash
drive that contains a recovery key is required to decrypt the VMK and access
the volume.
BitLocker off
When BitLocker protection is off on a disk volume, a condition in which the disk
volume is not encrypted and BitLocker protection is not in effect. This is a disk
volume with a standard clear text file format.
BitLocker on
Same as BitLocker enabled.
clear key
A key that is stored in the clear on the disk volume. This key is used to freely
access the VMK and, in turn, the FVEK when BitLocker protection is disabled
but the disk volume remains encrypted. See BitLocker disabled.
external key
A key that is stored external to the system (for example, USB flash drive). This
key can be used as a startup key or a recovery key. A copy of the external key
is stored encrypted on disk by the VMK and can be retrieved by an
administrator after Windows has loaded.
external key file
A file that contains the external key in plaintext. The name and contents of the
file are internal to Microsoft and may change from version to version.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 32

FVEK
full-volume encryption key; the algorithm-specific key that is used to encrypt
(and optionally, diffuse) data on disk sectors. Currently this key can vary from
128 bits through 512 bits. The default encryption algorithm that is used on disk
volumes is AES 128 bit with diffuser.
operating system volume
A volume that contains an operating system (such as Windows Vista) that can
be loaded by the computer’s boot manager.
PIN
personal identification number; an administrator-specified secret value that
must be entered each time the computer starts (or resumes from hibernation).
The PIN can have 4 to 20 digits, is limited to function-key input, and is stored
internally as a 256-bit hash of the entered Unicode characters. This value is
never appears to the user in any form or for any reason. The PIN is used to
provide another factor of protection in conjunction with TPM authentication.
recovery key
A key that is used for recovering data that is encrypted on a BitLocker volume.
This key is cryptographically equivalent to a startup key. If available, the
recovery key decrypts the VMK, which in turn decrypts the FVEK. (Note that
this is not the same as the recovery password.)
recovery password
A numerical password that is specified by the administrator for recovery. It
consists of 48 digits that are divided into 8 groups. Each group of 6 digits is
checked by mod-11 before being compressed into corresponding 16 bits of
passphrase data. A copy of the passphrase data is stored on disk that are
encrypted by the VMK, and thus the recovery password can be retrieved by an
administrator after Windows has loaded. (Note that this is not the same as the
recovery key.)
startup key
A key that is stored on a USB flash drive that must be inserted each time the
computer starts. The startup key is used to provide another factor of protection
in conjunction with TPM authentication.
system (active) volume
The first volume that the computer accesses when it starts up. This volume
contains the hardware-specific files that are required to load Windows and
includes the computer’s boot manager (for loading multiple operating systems).
In general, the system volume can be, but does not have to be, the same
volume as the operating system (boot) volume. However, for BitLocker to
function, the system volume must differ from the operating system volume and,
also, must not be encrypted.
TPM
Trusted Platform Module; security hardware that provides a hardware-based
root of trust and can be leveraged to provide a variety of cryptographic services.
TPM v1.2 with compatible BIOS upgrades provides BitLocker with the secure
startup capabilities to validate the integrity of critical early boot components and
a transparent startup experience.
VMK
VMK; the key that is used to encrypt the FVEK.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 33

Appendix
Key Architecture and Design
To achieve a higher level of security without greatly affecting usability, BitLocker
supports different types of cryptographic algorithms and encryption layers, including
multifactor authentication. In general, to add additional layers of security when
protecting data, multifactor security uses:
What you have (for example, the TPM or a USB flash drive with a startup key)
What you know (for example, a PIN)
What you are
The main goal of BitLocker is to protect user data on the operating system volume.
To achieve this, disk sectors are encrypted with a full-volume encryption key
(FVEK), which is always encrypted with the volume master key (VMK), which, in
turn, is bound to the TPM (in TPM scenarios).
The VMK directly protects the FVEK and therefore, protecting the VNK becomes
critical. This strategy of protecting the VMK indirectly protects the encrypted volume
and has the advantages that:
The system can regenerate keys upstream in the chain if one or more of these keys
are lost or compromised.
The recovery process can be done without decrypting and reencrypting the entire
volume, which is expensive in terms of the user’s time.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 34

Figure A1 shows the BitLocker key architecture:

Clear Key Only one option exists per volume


AES128
+ Diffuser
Encrypted

Clear Key This key is only present temporarily Default


Full Volume
256 Bit when the Administrator has disabled
AES Encryption Key
the feature. When Cornerstone is
AES 512 Bit AES
enabled it is deleted.

AES128
TPM Encrypted

Full Volume
Encryption Key
SRK RSA AES 128 Bit AES
2048 Bit PCR RSA
Configuration AES256
+ Diffuser
Encrypted
TPM plus PIN
Full Volume
Auth Data Encryption Key
512 Bit
+ AES AES
SRK RSA
2048 Bit AES256
PCR RSA
Encrypted
Configuration

Full Volume
SHA256
Key Encryption Key
Sequence AES 256 Bit AES

TPM plus Startup Key


PCR
Configuration

Validation
SRK RSA Derived Key AES Info
2048 Bit RSA 256 Bit
To validate:
WinLoad.exe
Hibrsm32.exe
Hibrsm64.exe
SHA256 Temp Key
External Key 256 Bit
256 Bit AES Symbol Legend
Volume
Master Key Data, unprotected on the Volume
Recovery Key 256 Bit

Data, RSA sealed by the TPM on the


Volume

External Key
256 Bit
AES Data, AES encrypted on the Volume

Recovery Password Temporary generated key, not stored

Encode Protected data “What you know”


Key Derived Key
Sequence 128 Bit

Protected data “What you have”

Key
Stretch TPM Protected data
Clear Salt Temp Key
128 Bit 256 Bit
AES

Figure A1. Key architecture and design

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 35

As Figure A1 shows, there are several different ways to encrypt the VMK.
Protecting the Volume Master Key (VMK)
Authentication VMK BLOB Algorithm to
scenario encrypt VMK
Default: TPM only SRK(VMK) RSA
TPM plus PIN (SRK+SHA256(PIN))(VMK) RSA
TPM plus startup key SHA256(SRK(DerivedKey), StartupKey)(VMK) AES
Recovery key RecoveryKey(VMK) AES
Recovery password (Chained-hashing(Password),Salt)(VMK) AES
Clear key ClearKey(VMK) AES
Keys are generated at BitLocker setup time and related BLOBs are stored on the
protected disk volume.
The SRK is the storage root key that the TPM holds. It is a 2,048-bit RSA key pair
that is generated when ownership of the TPM is taken. The SRK referred to here as
an RSA key is actually the public key; the private key member of the pair is never
shown. The SRK is stored within the nonvolatile protected memory of the TPM and
cannot be removed. This helps ensure that the private key material cannot be
leaked and prevents keys from being used on any platform other than the one on
which they were created. However, mechanisms are available to migrate keys from
one TPM to another, for backup and disaster recovery purposes.
All TPM key operations are based off the SRK. When ownership of the TPM is
taken, the new owner must specify two pieces of authorization information: the
ownership authorization and the SRK usage authorization. This SRK usage
authorization is required for each TPM operation. Because this is undesirable from
a usability point of view and secure startup requires that this information be known
very early in the boot process, the TPM administrative tools sets this usage
authorization to a known value of all zeroes (20 bytes of 0). The SRK is rekeyed
each time the owner changes.
Derived keys are generated from other data (for example, numeric password) and
become part of the basis for another key. In the preceding table, DerivedKey is a
256-bit intermediate symmetric key, randomly generated and stored on disk that is
encrypted with the SRK.
The design to store the BLOBs with their corresponding disk volume implies that if a
volume is moved to another machine and then back onto a machine with the
original TPM, all existing protection BLOBs remain in effect and recovery is not
triggered.
The only way to change the VMK and FVEK for an encrypted volume is to decrypt
and reencrypt the volume. After BitLocker protection is on, the key management UI
allows administrators to reset the PIN and copy the startup key, recovery key, and
recovery password. Scripting allows administrators to add, remove, copy, and
change PIN, startup key, recovery key, and recovery password.
When the two-factor (or two-layer) authentication is enabled (for example, through
creating a PIN or startup key), the VMK BLOB that was encrypted with only the
TPM is removed. This causes the system, at next boot, to require the two-layer
authentication, instead of working with only a TPM. Script writers must remove any
TPM-only BLOBs from the disk volume if the intention is to apply the TPM-plus-PIN
or TPM-plus-startup-key authentication instead of the TPM-only authentication.

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.
BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 36

Administration
The administrator controls all aspects that are related to BitLocker Drive Encryption.
By using Group Policy (GP), the administrator can enable, disable, or make optional
authentication scenarios and recovery mechanisms.
By using BitLocker Group Policy, the administrator can:
Set Group Policy to enable backup of BitLocker and TPM recovery information to
Active Directory.
Set up UI policies to:
Establish which security scenarios are enabled, disabled, or optional.
Establish which recovery mechanisms are enabled, disabled, or optional.
Modify as required default settings, which are everything optional, except for the
recovery password, which is mandatory. Note that there is no scripting
support for the UI setup GP configuration.
Set up encryption and validation policies (for example, the disk volume’s encryption
method).

May 16, 2006


© 2006 Microsoft Corporation. All rights reserved.

You might also like