On Shifting “Windows” and “Security” from Less Antonymous to More Synonymous
(Page 7)
The sector key and AES-CBC components each receive 256 bits of key material, which brings the key length to 512 bits in its entirety. By default, however, the sector key and AES-CBC components each use only 128 bits of key material; this means that some of the key material isn't used. The reasoning behind this is simple: it's easier to throw away bits you don't need than to change the key management infrastructure as key lengths vary. Speaking of variable lengths, the block length is allowed to be any power of two within the range of 512-8192 bytes. In fact, to ensure that any alteration to the ciphertext results in all of a sector's plaintext being modified in a random way, the cipher is designed to behave as a block cipher with such a variable block size; this is good poor-man's authentication at work. Furthermore, if the block cipher behaves like a “tweakable” block cipher, as described by Liskov, Rivest, and Wagner at CRYPTO '02, with the algorithm changing slightly from sector to sector, an adversary won't be able to successfully move one sector's ciphertext to another sector.
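The sector-to-sector tweak described above can be seen in a small Go sketch, added here as an illustration; it is not code from the article or from BitLocker. It splits 512 bits of key material into two halves, uses 128 bits of each, and ties both a per-sector XOR key and the CBC IV to the sector number. The diffuser is left out, and the sector-number encoding, the assignment of key halves and the names `tweak` and `crypt` are assumptions of the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// tweak encrypts a 16-byte encoding of the sector number (assumed layout).
func tweak(c cipher.Block, sector uint64, last byte) []byte {
	b := make([]byte, aes.BlockSize)
	binary.LittleEndian.PutUint64(b, sector)
	b[15] = last
	c.Encrypt(b, b)
	return b
}

// crypt XORs the sector with a per-sector key, then applies AES-CBC with a
// per-sector IV. Which half of km feeds which component is an assumption.
func crypt(km, data []byte, sector uint64, decrypt bool) ([]byte, error) {
	if n := len(data); len(km) != 64 || n < 512 || n > 8192 || n&(n-1) != 0 {
		return nil, fmt.Errorf("need 512-bit key material and a power-of-two sector of 512-8192 bytes")
	}
	cAES, _ := aes.NewCipher(km[:16])   // 128 of the first 256 bits; 16-byte key never errors
	cSec, _ := aes.NewCipher(km[32:48]) // 128 of the second 256 bits
	pad := append(tweak(cSec, sector, 0), tweak(cSec, sector, 128)...)
	iv := tweak(cAES, sector, 0)
	out := append([]byte(nil), data...)
	if decrypt {
		cipher.NewCBCDecrypter(cAES, iv).CryptBlocks(out, out)
	}
	for i := range out {
		out[i] ^= pad[i%len(pad)]
	}
	if !decrypt {
		cipher.NewCBCEncrypter(cAES, iv).CryptBlocks(out, out)
	}
	return out, nil
}

func main() {
	km := []byte("constructed-key-material-for-the-sector-example-0123456789abcdef")
	plain := make([]byte, 512) // constructed sample sector (all zeros)
	ct, _ := crypt(km, plain, 5, false)
	same, _ := crypt(km, ct, 5, true)
	other, _ := crypt(km, ct, 6, true)
	fmt.Println(string(same) == string(plain), string(other) == string(plain)) // true false
}
```

Because the diffuser is omitted, the sketch shows only the relocation property, not the whole-sector randomization of plaintext after a ciphertext change.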
Pardon the Yoda-esque tone of this, but: Resourceful, BitLocker is. Secure, as well? Strides have obviously been taken, but analytical time will tell how well. BitLocker has its sights homing in on one particular threat model, specifically – the lost or stolen laptop. It's no secret that folks love to lose track of 'em. All sorts of intended-to-remain-confidential information is waiting to be opened, like a fortune cookie (and as easily as opening a fortune cookie, too, given the absence of security on a great many of those laptops). As long as we're still entrusting humans with the security of devices – let alone keeping up with them – the obvious is inevitable. It's not a matter of eliminating the sloppiness of human nature, but, rather, isolating and mitigating its mess. After all, it's a whole lot cheaper to replace a laptop than to foot the cost of compromised data.
Musings Until Then
Like rabid gnats, folks are buzzing with speculation about the cryptographic security of BitLocker, but much of this is short-sighted, and I'll explain why. For BitLocker to be secure isn't necessarily sufficient for it to be able to do its job. Keep in mind that BitLocker is one of many “Vistappendages.” Microsoft mentions BitLocker as being tightly integrated into Windows Vista. I believe in modularity, and local failure. Is it possible for some other part of Vista to fail, and cause BitLocker to fail? If there is tight integration, is it plausible to imagine failure that is global? That is, if one part of the system fails, could BitLocker be one of the other parts that it takes down with it?
