Microsoft BitLocker encryption hacked by a cheap off-the-shelf Raspberry Pi Pico

Safety researcher Stacksmashing confirmed how hackers could use a $4 Raspberry Pi Pico to retrieve the BitLocker encryption key from Home windows PCs in simply 43 seconds, in a YouTube video. The researcher claims that particular assaults can get past BitLocker’s encryption by straight accessing the {hardware} and retrieving the encryption keys saved within the laptop’s Trusted Platform Module (TPM) viz the LPC bus.

It has been proven that the encryption key requires bodily entry to the gadget and a few prolonged know-how or experience — so that is not an prolonged menace throughout the web. After all, BitLocker’s reliance on a TPM for safety could also be its personal downfall on this specific escapade.

The devoted Trusted Module, or TPM has a design flaw that the YouTuber took benefit of. In particular setups, Bitlocker depends upon an exterior TPM to retailer very important knowledge, together with the Quantity Grasp Key and Platform Configuration Registers (that are included in sure CPUs). When utilizing an exterior TPM, the CPU and TPM talk over an LPC bus to ship the encryption keys wanted to unlock the information on the disk. So the safety hacker, Stacksmashing (YouTube), discovered the communication lanes (LPC bus) between the exterior TPM and the CPU are fully unencrypted on boot-up. This allowed the hacker to seek out essential knowledge when it moved between the 2 items — and he was capable of hack the encryption keys.

Take into account that the hacker used an outdated laptop computer that had BitLocker encryption — regardless that the identical kind of assault can be utilized on newer motherboards that use an exterior TPM. Additionally, the newer motherboards require extra work and legwork to intercept the bus site visitors. Safety researcher Stacksmashing made it clear that the Home windows BitLocker and exterior TPMs aren’t as foolproof as many people and corporations assume.

In case your CPU has a built-in TPM, like those present in trendy AMD and Intel CPUs, you need to be secure from this safety flaw since all TPM communication happens throughout the CPU.

Featured Picture Credit score: Picture by George Becker; Pexels