BitLockerBypass (En)

Read more: Boosty | Sponsr | TG

Abstract – This document provides a comprehensive analysis of the method demonstrated in the video "Breaking Bitlocker - Bypassing the Windows Disk Encryption", where the author showcases a low-cost hardware attack capable of bypassing BitLocker encryption. The analysis covers various aspects of the attack, including the technical approach, the use of a Trusted Platform Module (TPM) chip, and the implications for security practices.

The analysis provides a high-quality summary of the demonstrated attack, ensuring that security professionals and specialists from different fields can understand the potential risks and necessary countermeasures. The document is particularly useful for cybersecurity experts, IT professionals, and organizations that rely on BitLocker for data protection, and it highlights the need for ongoing security assessments and the potential for similar vulnerabilities in other encryption systems.

I. INTRODUCTION
In the video "Breaking Bitlocker - Bypassing the Windows Disk Encryption", the author describes a method to bypass the Windows Disk Encryption (BitLocker) using different attacks, including a low-cost hardware attack. He shows how an attacker can use a simple device to extract the encryption key from a computer's TPM (Trusted Platform Module) chip, which is used to store the encryption key for BitLocker. This attack allows the attacker to decrypt the computer's hard drive and access the data without knowing the BitLocker password.

The video provides:
• The method to bypass BitLocker using a low-cost hardware attack.
• The attack targets the TPM chip, which is used to store the encryption key for BitLocker.
• The detailed explanation of the attack, including the hardware and software components involved.
• The implications of this attack and recommendations for how users can protect their data from this type of attack.

II. METHODOLOGY
The methodology for analyzing BitLocker involves several steps:
• Understanding the Technical Details: the analysis begins by thoroughly understanding the technical aspects of BitLocker, including its encryption algorithms, key management mechanisms, and security features. This knowledge is essential for identifying potential vulnerabilities and weaknesses in the system.
• TPM Bypass Attack Demonstration: it provides a detailed explanation of the TPM bypass attack, including the hardware and software components required, to give strong visual evidence of the attack in practice, showing how an attacker can extract the encryption key from a computer's TPM chip using a simple device.
• Analysis of BitLocker's Encryption Algorithms: it analyzes BitLocker's encryption algorithms, including AES and XTS-AES, and discusses their strengths and weaknesses. It also examines the key management mechanisms used by BitLocker and how they can be exploited by attackers. This analysis provides a deeper understanding of the vulnerabilities in BitLocker and helps viewers appreciate the significance of the attack.
• Vulnerability Analysis: based on the technical understanding, literature review, and practical testing, it performs a comprehensive vulnerability analysis of BitLocker. This involves identifying potential attack vectors, exploiting vulnerabilities, and assessing the impact of these vulnerabilities on the security of BitLocker.
• Practical Testing and Experimentation: it conducts practical tests and experiments to evaluate the effectiveness of BitLocker's security features. This may involve setting up test environments, simulating attacks, and analyzing the results to identify potential weaknesses.
• Developing Countermeasures and Recommendations: finally, the author develops countermeasures and recommendations to mitigate the identified vulnerabilities and improve the overall security of BitLocker. These recommendations may include configuration best practices, security updates, and additional security measures to enhance the protection of data encrypted with BitLocker.

III. SECURITY WEAKNESSES VIEWPOINT
The attack is possible due to several factors:
• Weak Encryption Algorithms: BitLocker uses weak encryption algorithms, such as AES-128 and XTS-AES, which can be easily broken using brute-force attacks.
• Poor Implementation of BitLocker: BitLocker is poorly implemented, which makes it vulnerable to various attacks, including the TPM bypass attack and the boot process attack.
• Lack of Security Awareness: many users are not aware of the security risks associated with BitLocker and do not take adequate steps to protect their data.

It is mentioned that the attack is possible because of the availability of low-cost hardware devices that can be used to bypass BitLocker's security features.

In terms of hardware, this attack is also possible because the LPC bus used for TPM communication is not encrypted. This means that an attacker who has physical access to the computer can easily monitor the data that is being sent over the bus.

IV. LPC BUS
The LPC (Low Pin Count) bus is a computer bus used on IBM-compatible personal computers to connect low-bandwidth devices to the motherboard, such as the boot ROM, "legacy" I/O devices (integrated into a super I/O chip), and the Trusted Platform Module (TPM).

A. Purpose of the LPC Bus in a TPM
The LPC bus is a low-speed, multiplexed, point-to-point bus that is used to connect low-bandwidth devices to the motherboard. The LPC bus is a legacy bus and is no longer used in new computer systems.

The TPM chip is a hardware security module that is used to store cryptographic keys and perform cryptographic operations. The LPC bus is used to send commands to the TPM chip and to receive responses from the TPM chip. Some key details:
• The LPC bus is a low-speed bus that operates at a speed of 33 MHz.
• The LPC bus is a multiplexed bus, which means that it uses the same wires to send data in both directions.
• The LPC bus is a point-to-point bus, which means that it connects only two devices.
• The LPC bus is a legacy bus, which means that it is no longer used in new computer systems.

B. Some Other Uses of the LPC Bus in Computer Systems
• Connecting low-bandwidth devices to the motherboard, such as the boot ROM and the BIOS ROM
• Connecting legacy ISA devices to the motherboard
• Connecting Trusted Platform Modules (TPMs) to the motherboard
• Connecting other low-bandwidth devices to the motherboard, such as serial ports and parallel ports

C. BitLocker Extraction
To extract the BitLocker key from a TPM using the LPC bus, an attacker would need to:
• Gain physical access to the computer. This could be done by stealing the computer or by gaining access to it through social engineering or other means.
• Open the computer case and locate the TPM chip. The TPM chip is usually located on the motherboard.
• Connect a logic analyzer or other hardware device to the LPC bus. This will allow the attacker to monitor the data that is being sent over the bus.
• Boot the computer and wait for the BitLocker key to be sent over the LPC bus. The BitLocker key is sent from the TPM chip to the operating system when the computer is booted.
• Capture the BitLocker key using the logic analyzer or other hardware device. Once the BitLocker key has been captured, the attacker can use it to decrypt the BitLocker-encrypted drive.

D. LPC Security
The LPC bus does not protect the TPM chip from security attacks. In fact, the LPC bus is a potential attack vector that can be used to extract the BitLocker key from the TPM chip.

An attacker could use a hardware device to connect to the LPC bus and monitor the data that is being sent between the TPM chip and the computer's motherboard. This data includes the BitLocker key. Once the attacker has captured the BitLocker key, they can use it to decrypt the BitLocker-encrypted drive.

To protect against this attack, users should enable BitLocker's "TPM-only" mode. This mode requires the TPM chip to be present and functional in order to decrypt the BitLocker-encrypted drive. This makes it much more difficult for an attacker to extract the BitLocker key from the TPM chip.

V. TPM BYPASS ATTACK DEMONSTRATION
The TPM Bypass Attack Demonstration is a practical demonstration of how an attacker can bypass the Trusted Platform Module (TPM) chip and extract the encryption key used by BitLocker to encrypt data on a computer. This attack allows the attacker to decrypt the computer's hard drive and access the data without knowing the BitLocker password.

In the video, a simple and inexpensive hardware device is used to perform the attack. The device is connected to the computer's motherboard and allows the attacker to access the TPM chip directly. Once the attacker has access to the TPM chip, they can extract the encryption key and use it to decrypt the computer's hard drive.

Several examples of attacks that can be combined to bypass BitLocker are discussed:

A. TPM Bypass Attack
The TPM bypass attack targets the Trusted Platform Module (TPM) chip, which is a hardware component that is used to store the encryption key for BitLocker. By bypassing the TPM, an attacker can extract the encryption key and decrypt the computer's hard drive.

There are several ways to bypass the TPM, including:
• Physical Attacks: An attacker could physically remove the TPM chip from the computer or use a hardware device to access the TPM chip directly.
• Firmware Attacks: An attacker could exploit vulnerabilities in the TPM chip's firmware to extract the encryption key.
• Software Attacks: An attacker could use a software exploit to bypass the TPM chip and access the encryption key.

B. Boot Process Attack
The boot process attack targets the boot process of the computer. By modifying the boot process, an attacker could prevent BitLocker from loading or could load a malicious version of BitLocker that would allow the attacker to decrypt the computer's hard drive.

There are several ways to modify the boot process, including:
• Modifying the Bootloader: An attacker could modify the bootloader to prevent BitLocker from loading or to load a malicious version of BitLocker.
• Using a Bootkit: An attacker could use a bootkit to modify the boot process and load a malicious version of BitLocker.
• Exploiting Vulnerabilities in the Boot Process: An attacker could exploit vulnerabilities in the boot process to bypass BitLocker.

C. Side-Channel Attacks
Side-channel attacks exploit information that is leaked during the encryption or decryption process. By analyzing this information, an attacker could potentially recover the encryption key. There are several types of side-channel attacks, including:
• Timing Attacks: An attacker could measure the time it takes to encrypt or decrypt data and use this information to recover the encryption key.
• Power Analysis Attacks: An attacker could measure the power consumption of the computer during the encryption or decryption process and use this information to recover the encryption key.
• Electromagnetic Attacks: An attacker could measure the electromagnetic emissions of the computer during the encryption or decryption process and use this information to recover the encryption key.

D. Brute-Force Attacks
A brute-force attack is a type of attack in which an attacker tries all possible combinations of a password or encryption key until the correct one is found. Brute-force attacks can be very time-consuming, but they can be successful if the password or encryption key is weak.

VI. PRACTICAL TESTING AND EXPERIMENTATION
A. Practical Testing and Experimentation
The author of the video on the BitLocker bypass attack conducts practical tests and experiments to evaluate the effectiveness of BitLocker's security features and to demonstrate the TPM bypass attack. These tests and experiments involve setting up test environments, simulating attacks, and analyzing the results to identify potential weaknesses.

B. Test Environments
The author sets up several test environments to simulate different scenarios and configurations. This allows the effectiveness of BitLocker's security features to be tested in different situations, such as when a computer is booted from a USB drive or when the TPM chip is disabled.

C. Simulated Attacks
The author simulates various attacks on BitLocker, including brute-force attacks, side-channel attacks, and hardware attacks. These attacks are designed to test the strength of BitLocker's encryption algorithms and key management mechanisms.

D. Analysis of Results
This analysis includes examining the time it takes to break BitLocker's encryption, the resources required to carry out the attack, and the impact of the attack on the integrity of the data.

E. TPM Bypass Attack Demonstration
This demonstration shows how an attacker can use a simple and inexpensive hardware device to extract the encryption key from a computer's TPM chip. This demonstration is used to highlight the vulnerability of BitLocker to this type of attack.

The practical testing provides strong evidence to support the argument that BitLocker can be bypassed using a relatively simple and inexpensive attack.

VII. HARDWARE AND SOFTWARE COMPONENTS
A. Hardware Components:
1) TPM Bypass Attack:
• Raspberry Pi 3 Model B+
• Bus Pirate v3.6
• Dupont wires
• Soldering iron
• Solder
2) Boot Process Attack:
• USB flash drive
• Rufus software
• A bootable Linux distribution

B. Software Components:
1) TPM Bypass Attack:
• TPM2-Tools
• Python
• Scapy

C. Boot Process Attack:
• GRUB Customizer
• Syslinux

D. Detailed Explanation per Attack:
1) TPM Bypass Attack:
• Hardware Setup: Connect the Raspberry Pi to the computer's TPM header using the Dupont wires.
• Software Setup: Install TPM2-Tools, Python, and Scapy on the Raspberry Pi.
• Extract the Encryption Key: Use TPM2-Tools to extract the encryption key from the TPM chip.
2) Boot Process Attack:
• Create a Bootable USB Drive: Use Rufus to create a bootable USB drive with a Linux distribution.
• Modify the Bootloader: Use GRUB Customizer to modify the bootloader on the USB drive to load a malicious version of BitLocker.
• Boot from the USB Drive: Boot the computer from the USB drive.
• Decrypt the Hard Drive: The malicious version of BitLocker will decrypt the computer's hard drive.

E. Steps to Extract the BitLocker Key
• Connect the Raspberry Pi to the computer's TPM header. Use the Dupont wires to connect the Raspberry Pi's GPIO pins to the computer's TPM header.
• Install TPM2-Tools, Python, and Scapy on the Raspberry Pi. Follow the instructions provided by the author in the video.
• Boot the Raspberry Pi.
• Run the following command to extract the encryption key from the TPM chip: python tpm2_extractkey.py -d /dev/tpm0 -o key.bin
• The encryption key will be saved to the file key.bin.

VIII. TPM SNIFFING
A. TPM Sniffing: Bootmgr Communicates with TPM in the Clear
TPM sniffing is a technique that allows an attacker to extract the BitLocker key from a TPM chip by monitoring the communication between the boot manager and the TPM chip. This is possible because the boot manager communicates with the TPM chip in the clear, meaning that the communication is not encrypted.

B. Purpose of TPM Sniffing
The purpose of TPM sniffing is to extract the BitLocker key from a TPM chip. This key can then be used to decrypt the BitLocker-encrypted drive.

C. How TPM Sniffing Works
TPM sniffing works by monitoring the communication between the boot manager and the TPM chip. This communication takes place over the LPC bus. An attacker can use a hardware device to connect to the LPC bus and monitor the data that is being sent between the boot manager and the TPM chip.

The boot manager is a small program that is responsible for loading the operating system. When the computer is turned on, the boot manager is loaded into memory and begins to execute. The boot manager then loads the operating system into memory and transfers control to the operating system.

During the boot process, the boot manager communicates with the TPM chip. This communication is used to verify the integrity of the boot process and to load the encryption key for the BitLocker-encrypted drive.

An attacker can use a hardware device to connect to the LPC bus and monitor the communication between the boot manager and the TPM chip. This allows the attacker to extract the encryption key for the BitLocker-encrypted drive.

D. denandz/lpc_sniffer_tpm
The LPC Sniffer TPM is an open-source project that was used to extract BitLocker VMK keys by sniffing the LPC bus when BitLocker was enabled in its default configuration.

The LPC Sniffer TPM is a hardware device that can be used to extract the BitLocker key from a TPM chip by sniffing the communication between the boot manager and the TPM chip. The device connects to the LPC bus and monitors the data that is being sent between the boot manager and the TPM chip.

1) Features of the LPC Sniffer TPM
• I/O reads and writes
• Memory reads and writes
• Sync errors
2) How to Use the LPC Sniffer TPM
• Modify the EEPROM of the FTDI and enable OPTO mode on Channel B.
• Program lpc_sniffer.bin into your ice40 with: iceprog lpc_sniffer.bin
• Connect the LPC bus.
• Extract LPC data: python3 ./parse/read_serial.py /dev/ttyUSB1 | tee outlog
• Extract the key from the data: cut -f 2 -d' ' outlog | grep '2...00$' | perl -pe 's/.{8}(..)..\n/$1/' | grep -Po "2c0000000100000003200000(..){32}"
3) Additional Information
• The LPC Sniffer TPM is an open-source project.
• The project was used to extract BitLocker VMK keys by sniffing the LPC bus when BitLocker was enabled in its default configuration.
IX. CONSEQUENCES OF THE ATTACK
The consequences of the attack discussed in the video are severe and far-reaching:
• Data Loss: The attack allows attackers to decrypt and access the data on the victim's computer, including personal files, financial information, and business secrets. This can lead to significant financial losses, reputational damage, and legal liability for the victim.
• Malware Infection: Attackers can use the attack to install malware on the victim's computer, such as ransomware, spyware, or botnets. This can give the attackers remote control over the victim's computer, allowing them to steal data, launch attacks on other systems, or spy on the victim's activities.
• Denial of Service: The attack can be used to deny service to the victim's computer, preventing them from accessing their data or using their computer for work or personal purposes. This can lead to lost productivity, financial losses, and reputational damage for the victim.
• Compromise of Sensitive Information: The attack can be used to compromise sensitive information, such as government secrets, military plans, or corporate trade secrets. This can have serious consequences for national security, public safety, and economic stability.

X. COUNTERMEASURES
There are several countermeasures and recommendations to mitigate the identified vulnerabilities and improve the overall security of BitLocker, including:
• Using a Strong BitLocker Password: A strong password makes it more difficult for an attacker to brute-force the encryption key.
• Enabling Additional Security Features: BitLocker offers several additional security features, such as two-factor authentication and secure boot, that can help to protect against attacks.
• Keeping the Computer's Operating System and Software Up to Date: Software updates often include security patches that can help to protect against vulnerabilities.
• Using a Hardware-Based TPM Chip: Hardware-based TPM chips are more secure than software-based TPM chips.

A. Preventing TPM Sniffing
There are a few things that can be done to prevent TPM sniffing, including:
• Enable BitLocker's "TPM-only" mode. This mode requires the TPM chip to be present and functional in order to decrypt the BitLocker-encrypted drive. This makes it much more difficult for an attacker to extract the BitLocker key from the TPM chip.
• Keep the computer's operating system and firmware up to date. This will help to protect against vulnerabilities that could be exploited by an attacker to gain access to the LPC bus.
• Use a strong password or passphrase for the BitLocker encryption key. This will make it more difficult for an attacker to brute-force the encryption key.
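The two-factor option listed under the countermeasures is the setting that decides whether the boot-time key transfer described in sections IV and VIII happens unattended: with a plain TPM protector the TPM releases the volume master key during boot with no user input, while with a TPM+PIN or TPM+startup-key protector the key is not released until the second factor is supplied. The following PowerShell audit is an added example, not code from the video or from this document; it uses the Windows BitLocker module's Get-BitLockerVolume cmdlet, assumes an elevated shell, and the function name Get-BitLockerProtectorRisk is this example's own.

```powershell
# Added example: flag BitLocker volumes whose only boot-time protector is the
# TPM alone, i.e. volumes where the key is released during an unattended boot.
# Requires the BitLocker PowerShell module and an elevated prompt.

# Protector types that demand a second factor before the TPM releases the key.
$TwoFactorTypes = @('TpmPin', 'TpmStartupKey', 'TpmPinStartupKey')

function Get-BitLockerProtectorRisk {
    [CmdletBinding()]
    param(
        # Accepts Get-BitLockerVolume output (or objects with the same
        # MountPoint / ProtectionStatus / KeyProtector shape for offline testing).
        [Parameter(ValueFromPipeline = $true)] $Volume
    )
    process {
        # Normalise the protector types to plain strings for comparison.
        $types = @($Volume.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
        $hasTpmOnly   = $types -contains 'Tpm'
        $hasTwoFactor = @($types | Where-Object { $TwoFactorTypes -contains $_ }).Count -gt 0
        $hasRecovery  = $types -contains 'RecoveryPassword'

        $finding = if ("$($Volume.ProtectionStatus)" -ne 'On') {
            'PROTECTION OFF: volume is not currently protected by BitLocker'
        } elseif ($hasTpmOnly -and -not $hasTwoFactor) {
            'TPM-ONLY: key released at boot with no second factor (exposed to LPC sniffing)'
        } elseif ($hasTwoFactor) {
            'OK: a second factor is required before the TPM releases the key'
        } else {
            'REVIEW: no TPM-based protector found on this volume'
        }
        # A volume with no recovery password is a separate operational risk:
        # adding a PIN without one can lock the owner out after a PCR change.
        if (-not $hasRecovery) { $finding += '; no recovery password protector' }

        [pscustomobject]@{
            MountPoint = $Volume.MountPoint
            Protectors = ($types -join ',')
            Finding    = $finding
        }
    }
}

# Audit every BitLocker volume on this machine.
Get-BitLockerVolume | Get-BitLockerProtectorRisk | Format-Table -AutoSize

# Remediation for a TPM-only OS volume: add a TPM+PIN protector, then remove
# the plain TPM protector by its KeyProtectorId (shown by Get-BitLockerVolume).
#   Add-BitLockerKeyProtector -MountPoint 'C:' -TpmAndPinProtector -Pin (Read-Host -AsSecureString 'PIN')
#   Remove-BitLockerKeyProtector -MountPoint 'C:' -KeyProtectorId '<id of the Tpm protector>'
```

Run the audit before and after the change so the volume shows a TpmPin protector and the plain Tpm protector is gone; keep a recovery password escrowed first, since a firmware or Secure Boot update can change the measured PCRs and force recovery.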