Bitlocker passphrase only

I am confused about bitlocker. Can I install bitlocker on a computer that
has NO TPM chip and just use a passphrase only with no usb key?

If I have to use a USB key can anyone who has that USB key break my bitlocker?

Can I buy a TPM PCI card?

>Can I install bitlocker on a computer that has NO TPM chip and just use
a passphrase only with no usb key?

That would be using only the recovery password. it is possible from the
infrastructure, but I'm not sure how you'd set this.

>If I have to use a USB key can anyone who has that USB key break my
bitlocker?

They would not "BREAK" it. they would access it normally, since
possesion of the usb - stored key would enable access.

Nik


--
niknik
------------------------------------------------------------------------
niknik's Profile: http://vista64.net/forums/member.php?userid=637
View this thread: http://vista64.net/forums/showthread.php?t=29092

This is specifically not allowed, because it is a very weak solution subject
to dictionary and brute-force attacks.
The recovery password is 128 bits of random entropy, with salt and
stretching (giving an effective cryptographic strength of 160 bits if I
recall).
The TPM+PIN solution uses hardware to insert a non-resettable delay to the
extent that a 4 digit pin would take an entire year to crack. To understand
the power of the hardware, without hardware, a 4 digit purely random pin
would be cracked in a fraction of a day even with good key stretching
algorithms.

The 128 bit recovery key (which is generated using the cryptographic random
number generator) would take 10^31 years (or thereabouts) to crack on
current processor architectures (due to the salt and stretching algorithm).

See http://en.wikipedia.org/wiki/Password_strength for an analysis on strong
passwords.

-
Jamie Hunter [MS]

"lvjobhunt" <lvjobhunt@discussions.microsoft.com> wrote in message
news:F76A6648-4EAD-4C1B-916F-2CAB7D96EDDB@microsoft.com...
>I am confused about bitlocker. Can I install bitlocker on a computer that
> has NO TPM chip and just use a passphrase only with no usb key?
>
> If I have to use a USB key can anyone who has that USB key break my
> bitlocker?
>
> Can I buy a TPM PCI card?

So Basically if I am like 90% of people and am Lazy and leave the USB key in
the computer anyone can just turn it on and access everything ??

"niknik" wrote:

>
> >Can I install bitlocker on a computer that has NO TPM chip and just use
> a passphrase only with no usb key?
>
> That would be using only the recovery password. it is possible from the
> infrastructure, but I'm not sure how you'd set this.
>
> >If I have to use a USB key can anyone who has that USB key break my
> bitlocker?
>
> They would not "BREAK" it. they would access it normally, since
> possesion of the usb - stored key would enable access.
>
> Nik
>
>
> --
> niknik
> ------------------------------------------------------------------------
> niknik's Profile: http://vista64.net/forums/member.php?userid=637
> View this thread: http://vista64.net/forums/showthread.php?t=29092
>
>

>I am Lazy and leave the USB key ... anyone can just turn it on

Yes. This applies to TPM w/o pin as well.

If you leave the keys in your car anybody who is there can drive it.

That's why you either: take the USB key with you or use TPM+pin.

TPM + pin is VERY secure. And other avenues of attack are very very
hard.
(brute forcing AES 128/256 bit.....)

It is a smart thing to do to not allow people to put in passwords!


--
niknik
------------------------------------------------------------------------
niknik's Profile: http://vista64.net/forums/member.php?userid=637
View this thread: http://vista64.net/forums/showthread.php?t=29092

If you use USB by itself (no TPM), then yes that is correct. This is why
USB+TPM is much preferred over USB only. However if you don't have a TPM
chip, your options are limited. Changing habbits (such as, attaching the usb
to your keys) can help improve things.

USB+PIN would be useless, as a PIN would be cracked within hours. This is
why it's not an option.
-
Jamie Hunter [MS]

"lvjobhunt" <lvjobhunt@discussions.microsoft.com> wrote in message
news:070915DE-9AB6-4B57-A667-E2ACAE18BC67@microsoft.com...
> So Basically if I am like 90% of people and am Lazy and leave the USB key
> in
> the computer anyone can just turn it on and access everything ??
>
> "niknik" wrote:
>
>>
>> >Can I install bitlocker on a computer that has NO TPM chip and just use
>> a passphrase only with no usb key?
>>
>> That would be using only the recovery password. it is possible from the
>> infrastructure, but I'm not sure how you'd set this.
>>
>> >If I have to use a USB key can anyone who has that USB key break my
>> bitlocker?
>>
>> They would not "BREAK" it. they would access it normally, since
>> possesion of the usb - stored key would enable access.
>>
>> Nik
>>
>>
>> --
>> niknik
>> ------------------------------------------------------------------------
>> niknik's Profile: http://vista64.net/forums/member.php?userid=637
>> View this thread: http://vista64.net/forums/showthread.php?t=29092
>>
>>

'Jamie Hunter [MS Wrote:
> ']The recovery password is 128 bits of random entropy, with salt and
> stretching (giving an effective cryptographic strength of 160 bits if I
> recall).

Ah yes - the chained sha 256 hashing. One million iterations. Really
impedes brute-forcing. Neat.
Would make passwords a bit safer to use, like the master keys. But then
starting with 128 bit of random data would likely hold even if sha256
would be broken.


--
niknik
------------------------------------------------------------------------
niknik's Profile: http://vista64.net/forums/member.php?userid=637
View this thread: http://vista64.net/forums/showthread.php?t=29092

But if the hard drive is moved from the computer with the TPM, to one
without the TPM, what does the security come down to? A system generated
recovery key? With the TPM out of the way, can the user theoretically then
interpose fraudulent or hacked boot code to allow automated entry of a
password generator, or even bypass the recovery key prompt?
Or does moving the drive in this scenario mean that the system will not
decrypt (at least, will not accept any password or recovery key)?

Finally, there appears to be an option to prevent the creation of a recovery
key. Would that be more secure in this scenario?

Thanks for clearing this up.


"Jamie Hunter [MS]" <jamiehun@nospam.microsoft.com> wrote in message
news:07810704-F55A-4479-9409-87E66E2F4291@microsoft.com...
> This is specifically not allowed, because it is a very weak solution
> subject to dictionary and brute-force attacks.
> The recovery password is 128 bits of random entropy, with salt and
> stretching (giving an effective cryptographic strength of 160 bits if I
> recall).
> The TPM+PIN solution uses hardware to insert a non-resettable delay to the
> extent that a 4 digit pin would take an entire year to crack. To
> understand the power of the hardware, without hardware, a 4 digit purely
> random pin would be cracked in a fraction of a day even with good key
> stretching algorithms.
>
> The 128 bit recovery key (which is generated using the cryptographic
> random number generator) would take 10^31 years (or thereabouts) to crack
> on current processor architectures (due to the salt and stretching
> algorithm).
>
> See http://en.wikipedia.org/wiki/Password_strength for an analysis on
> strong passwords.
>
> -
> Jamie Hunter [MS]
>
> "lvjobhunt" <lvjobhunt@discussions.microsoft.com> wrote in message
> news:F76A6648-4EAD-4C1B-916F-2CAB7D96EDDB@microsoft.com...
>>I am confused about bitlocker. Can I install bitlocker on a computer that
>> has NO TPM chip and just use a passphrase only with no usb key?
>>
>> If I have to use a USB key can anyone who has that USB key break my
>> bitlocker?
>>
>> Can I buy a TPM PCI card?
>

Tech_vs_Life Wrote:
> But if the hard drive is moved from the computer with the TPM, to one
> without the TPM, what does the security come down to? A system
> generated
> recovery key? With the TPM out of the way, can the user theoretically
> then
> interpose fraudulent or hacked boot code to allow automated entry of a
> password generator, or even bypass the recovery key prompt?
>

Yes they can - but then they would not have the FVEK ( the decryption
key needed for the sectors). You could not boot into Vista.

Tech_vs_Life Wrote:
>
> Finally, there appears to be an option to prevent the creation of a
> recovery
> key. Would that be more secure in this scenario?
>

You can't prevent the recovery key from being created. You could wipe
it later off the USB flash drive. But if the hardware changes (
motherboard failure ) then BitLocker goes into "recovery mode" where
you will need the recovery key or password to boot / gain access to the
data.


Nik


--
niknik
------------------------------------------------------------------------
niknik's Profile: http://vista64.net/forums/member.php?userid=637
View this thread: http://vista64.net/forums/showthread.php?t=29092

> You can't prevent the recovery key from being created.

Okay, I see you can disable the 48-digit recovery password, but not the
256-bit recovery key (unless you turn on Active Directory backup, which I
assume also creates a recovery password and/or key). It would be good to
allow the user to select his own recovery key file rather than rely on a
system-generated key, but there is no such option.

> Yes they can - but then they would not have the FVEK ( the decryption
> key needed for the sectors). You could not boot into Vista.

Well, as I understand it, the FVEK is available on the drive, but it's been
encrypted by the VMK. Is the VMK a combination of a key stored in the TPM
and an optional PIN or USB key? In any case, does the recovery key function
as another, second VMK? In that case, if the hard drive is moved to another
computer without the TPM or PIN, then all you need is the 256-bit recovery
key to decrypt the FVEK (and theoretically could use hacked boot code to
repeatedly generate recovery keys). Otherwise, what is use of the recovery
key? Or is it the case that, if the key was originally stored in the TPM,
then the data cannot be decrypted without the TPM, even if you have the
recovery key? (but that makes the recovery key seem useless.) There's
probably a simple answer that I didn't come across.

Thanks.






"niknik" <niknik.2jfv9a@no-mx.vista64.net> wrote in message
news:niknik.2jfv9a@no-mx.vista64.net...
>
> Tech_vs_Life Wrote:
>> But if the hard drive is moved from the computer with the TPM, to one
>> without the TPM, what does the security come down to? A system
>> generated
>> recovery key? With the TPM out of the way, can the user theoretically
>> then
>> interpose fraudulent or hacked boot code to allow automated entry of a
>> password generator, or even bypass the recovery key prompt?
>>
>
> Yes they can - but then they would not have the FVEK ( the decryption
> key needed for the sectors). You could not boot into Vista.
>
> Tech_vs_Life Wrote:
>>
>> Finally, there appears to be an option to prevent the creation of a
>> recovery
>> key. Would that be more secure in this scenario?
>>
>
> You can't prevent the recovery key from being created. You could wipe
> it later off the USB flash drive. But if the hardware changes (
> motherboard failure ) then BitLocker goes into "recovery mode" where
> you will need the recovery key or password to boot / gain access to the
> data.
>
>
> Nik
>
>
> --
> niknik
> ------------------------------------------------------------------------
> niknik's Profile: http://vista64.net/forums/member.php?userid=637
> View this thread: http://vista64.net/forums/showthread.php?t=29092
>