Microsoft Introduces AES-XTS to BitLocker in Windows 10 Version 1511
In today’s Ask the Admin, I’ll explain changes to BitLocker full disk encryption made in Windows 10 Version 1511.
You’re probably already familiar with Microsoft’s full disk encryption technology, first built-in to Windows 7 and Windows Server 2008 R2. While BitLocker is a convenient way for consumers and organizations to manage full disk encryption in Windows, it hasn’t been without its critics. Much hangs on whether you trust Microsoft, because BitLocker is not open source, so the source code can’t be checked for backdoors.
In 2008, researchers discovered that BitLocker is vulnerable to ‘cold boot attacks,’ where the contents of pre-boot memory can be read from DRAM up to several minutes after a device has been powered off — although Linux, OS X and other OS full disk encryption technologies are also susceptible to this form of attack.
Physical access to a device is required to perform a cold boot attack, although the risks can be reduced by using a Trusted Platform Module (TPM) and PIN. On the plus side, Windows better protects the boot process than other OSes, preventing attackers from running modified boot code.
No More Elephant
AES in Cipher Block Chaining (CBC) mode was the algorithm of choice in Windows 7 and Vista, and Microsoft added a diffuser to provide ‘some additional security properties that are desirable in the disk encryption setting but which are not provided by AES-CBC cipher methods.’
But in Windows 8, Microsoft changed the default encryption options and completely removed the ability to use the aes128_Diffuser and aes256_Diffuser – Elephant Diffuser – options. Microsoft cited speed and non-compliance with encryption standards as the primary reasons for removing the Elephant Diffuser, although the code was retained to ensure backwards compatibility with drives encrypted in Windows 7.
AES-CBC provides something that’s known as poor man’s authentication, which makes the assumption that manipulated ciphertext when decrypted won’t result in meaningful plaintext, hopefully resulting in an operating system crash and thus preventing a hacker from performing evil deeds.
Microsoft goes on to say: ‘The only task of the diﬀuser is to make manipulation attacks harder by providing better poor-man’s authentication than plain AES-CBC provides. Given the limited BitLocker attack model we consider it extremely unlikely that a practical attack against the diﬀuser will be found.’
Without a diffuser, knowing the location of files on disk could allow an attacker to modify specific files. With a diffuser in place, an attacker could still change the encrypted bits, but the decrypted files would more likely result in corrupted files that cause the OS to crash.
Microsoft Compromises on AES-XTS
When Microsoft designed BitLocker, AES-XTS was relatively new, and assumedly as an unproven solution was not considered for that reason. But in Windows 10 Version 1511, AES-XTS is now the standard encryption algorithm, and while it provides less diffusion than AES-CBS + Elephant, it is an accepted standard and works faster than AES-CBS + Elephant.
AES-XTS is not perfect, but then full disk encryption is not easy, and there’s no perfect solution at present that provides the balance of performance and security that might be considered desirable. All we can hope for is that in the future Microsoft, or someone else, develops an encryption standard that meets all the requirements of modern computing. But in the meantime, AES-XTS provides a reasonable solution that’s not only used in BitLocker, but also other popular encryption products.
More in Windows 10
Microsoft Stops Selling Windows 10 Digital Downloads
Feb 1, 2023 | Rabia Noureen
Microsoft Offers Temporary Fix for Start menu or UWP App Freezing Issues on Windows 11 and 10
Jan 26, 2023 | Rabia Noureen
Microsoft to End Sale of Windows 10 Home and Pro Licenses This Month
Jan 19, 2023 | Rabia Noureen
Microsoft Releases a Script to Recover Some Windows App Shortcuts Deleted on Friday 13
Jan 16, 2023 | Rabia Noureen
[Updated] Microsoft to Fix Defender Bug Deleting Windows Apps Shortcuts from Taskbar
Jan 13, 2023 | Rabia Noureen
Microsoft FastTrack Now Helps IT Admins Deploy Windows Autopatch at No Additional Cost
Jan 13, 2023 | Rabia Noureen
Most popular on petri