Key read: Hobbyist bypasses Bitlocker protection with Raspberry Pi Pico

A hobbyist has managed to read the Bitlocker decryption key from a notebook using a Raspberry Pi Pico, which is available in this country for less than 10 euros, and thus access the contents of an SSD encrypted with Bitlocker. He was able to do this by intercepting the communication between the TPM chip soldered on the notebook’s mainboard and the CPU.








Bitlocker is software for encrypting storage media. The application is installed at the factory on modern Windows systems such as Windows 10 and 11 as well as Windows Server 2016, 2019 and 2022. In conjunction with a Trusted Platform Module (TPM), the tool offers “maximum protection”, Microsoft explains in its documentation about Bitlocker.

Key can be retrieved within seconds

The latter statement is put to the test in a video released on Saturday on the YouTube channel Stacksmashing. At least on systems with external TPM chips, the protection can apparently be bypassed within a very short time using a cheap single-board computer.

Among other things, a TPM securely stores cryptographic keys such as those used by Bitlocker and transfers them to the CPU when needed so that the user can access their encrypted data. The key is transferred via an LPC (Low Pin Count) bus.




The YouTuber located the contacts of the TPM chip on the circuit board of his notebook, which he used to intercept the data transfer with a Raspberry Pi Pico. He managed to read the Bitlocker key in just 43 seconds, including the time it took to open the notebook case.

He was then able to use the key to access the data on the SSD protected with Bitlocker via a Linux system – both reading and writing.

Attack only possible with external TPM chips

The attack demonstrated shows that data encrypted with Bitlocker is not always as well protected as many users assume. However, many systems are unlikely to be vulnerable to such attacks, as modern CPUs – both from Intel and AMD – usually have integrated TPMs. In this case, the key is transferred within the CPU and cannot easily be accessed via contacts on the mainboard.

Security researchers pointed out the possibility of such attacks on systems with external TPM chips as early as summer 2021. The reason for this was the unencrypted transmission of the encryption key, so that the key could easily be intercepted via the TPM’s contacts, it was said at the time.
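
To check whether a Windows machine matches the scenario described above (an external TPM that hands the Bitlocker key to the CPU over the mainboard), an administrator can run the following PowerShell audit. It is an added example, not part of the original report; the list of vendor IDs used to recognise CPU-integrated TPMs is a heuristic assumption.

```powershell
# Added example: audit a machine for the external-TPM Bitlocker scenario.
# Run in an elevated PowerShell session on Windows 10/11 or Windows Server.

# Assumption (heuristic, not from the article): TCG vendor IDs that normally
# indicate a TPM implemented inside the CPU/SoC rather than a separate chip.
$IntegratedVendors = @('INTC', 'AMD', 'MSFT', 'QCOM')

$tpm = Get-Tpm
if (-not $tpm.TpmPresent) {
    Write-Output 'No TPM present; the TPM bus scenario does not apply.'
    return
}

# ManufacturerIdTxt can carry padding characters, so normalise it first.
$vendor  = ($tpm.ManufacturerIdTxt -replace '[^A-Za-z0-9]', '').ToUpper()
$tpmKind = if ($IntegratedVendors -contains $vendor) {
    'integrated'
} else {
    'likely external'
}

# Inspect every volume on which Bitlocker protection is active.
Get-BitLockerVolume |
    Where-Object { $_.ProtectionStatus -eq 'On' } |
    ForEach-Object {
        $types = @($_.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })

        # A protector of type 'Tpm' means the TPM releases the key at boot
        # without any user input, which is the transfer described above.
        $tpmOnly = $types -contains 'Tpm'

        [pscustomobject]@{
            MountPoint     = $_.MountPoint
            TpmVendor      = $vendor
            TpmKind        = $tpmKind
            KeyProtectors  = $types -join ', '
            MatchesArticle = ($tpmOnly -and $tpmKind -ne 'integrated')
        }
    } |
    Format-Table -AutoSize
```

A row with `MatchesArticle` set to `True` means the volume is unlocked by an external TPM alone; confirm the TPM type against the vendor's hardware documentation before relying on the heuristic.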

