Pen Testing Windows Vista BitLocker Drive Encryption from the Inside [ PDF ]

This insider’s candid perspective on the threat analysis and penetration of BitLocker Drive Encryption will be a forthright review of its threats, vulnerabilities, and their mitigations — significant since the talk is in advance of the products release date. The presentation will bring together known device attacks such as DMA exploits with “not-widely-discussed” platform vulnerabilities to show how they affect BitLocker Drive Encryption and device security in general.

The presentation will also include the penetration team’s best crack-finding practices, the BitLocker team’s use of Microsoft’s Security Development Lifecycle, threat-modeling, threat-storming, queer views, and other practical tips. Along with DMA exploits, some of the other BitLocker and device attacks to be discussed are: PIN-hammering, key-wear analysis, ciphertext manipulation, physical memory attacks, Trusted Computing Base subversion, LPC bus attacks, and others.

Other threat analysis and penetration insights from the team will include: the poison of conventional wisdom, avoiding paranoia-induced burnout, pros and cons of external security review, security code review best practices, how to avoid analysis paralysis, leveraging dream states, adversary modeling, forensics, and cryptographic validation.