Submission: Two Attacks on Bitlocker (usenix.org)
An anonymous reader writes: A paper at USENIX Security describes two attacks which make Microsoft's Bitlocker vulnerable if it relies only on a TPM for protecting the encryption key.

The TPM attack allows resetting the TPM by hardware means and thus allows replaying any platform configuration later. Some guys from Dartmouth have confirmed the attack: http://www.cs.dartmouth.edu/~pkilab/sparks/

The BIOS attack allows subverting the BIOS so that it does not send any hashes to the TPM anymore.

Both of these attacks allow an attacker with physical access to a machine to fool the TPM about the booting software. Thus the TPM-protected encryption key of Bitlocker can be easily extracted under any other OS, for example by a thief.

The paper is also available here: http://os.inf.tu-dresden.de/papers_ps/kauer07-oslo.pdf
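Why a TPM-only seal depends on the PCR being reachable solely through an honest boot, as an added example that is not part of the submission or the paper. It is a toy model assuming the TPM 1.2 SHA-1 extend operation; `ToyTPM`, `measure`, `demo` and the component strings are constructed for illustration.

```python
import hashlib

PCR_RESET = b"\x00" * 20  # value of a TPM 1.2 boot PCR after power-on or reset

class ToyTPM:
    """Hypothetical model: one PCR plus a secret sealed to a PCR value."""
    def __init__(self):
        self.pcr = PCR_RESET
        self._sealed = None

    def reset(self):
        # Models a normal power cycle as well as a reset of the TPM alone.
        self.pcr = PCR_RESET

    def extend(self, digest):
        # PCR_new = SHA1(PCR_old || digest); the TPM sees digests, never code.
        self.pcr = hashlib.sha1(self.pcr + digest).digest()

    def seal(self, secret):
        self._sealed = (self.pcr, secret)

    def unseal(self):
        bound_pcr, secret = self._sealed
        return secret if self.pcr == bound_pcr else None

def measure(tpm, components):
    """Extend the PCR with the SHA-1 digest of each boot component in order."""
    for blob in components:
        tpm.extend(hashlib.sha1(blob).digest())

def demo():
    # Constructed sample boot chains, not real firmware or loader images.
    trusted = [b"BIOS", b"boot manager", b"OS loader"]
    other = [b"BIOS", b"other OS loader"]
    tpm = ToyTPM()
    measure(tpm, trusted)
    tpm.seal(b"volume key (constructed)")
    results = {}
    # Honestly measured boot of a different OS: the PCR differs, unseal fails.
    tpm.reset(); measure(tpm, other)
    results["other_os_measured"] = tpm.unseal()
    # TPM reset without a reboot, then the trusted digests are sent again.
    tpm.reset(); measure(tpm, trusted)
    results["replay_after_reset"] = tpm.unseal()
    # A BIOS that sends no hashes leaves the PCR at the same starting value.
    tpm.reset()
    results["pcr_untouched_is_reset"] = tpm.pcr == PCR_RESET
    return results
```

The unseal decision depends only on the PCR value, so the protection holds only as long as a reset PCR cannot be extended by software other than the measured boot chain.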