BitLocker Drive Encryption User Experience and Scenarios

BitLocker Drive Encryption:
Scenarios, User Experience, and
Flow
May 16, 2006
Abstract
This paper provides information about Microsoft® BitLocker™, a security feature
that is available in certain Microsoft Windows® operating systems. It provides
guidelines for IT administrators and advanced users to understand the different
scenarios that BitLocker supports, the user interfaces that help set up and manage
keys in the product, and the user experience flow.
This information applies for the Microsoft Windows Vista™ operating system.
The current version of this paper is maintained on the Web at:
http://www.microsoft.com/whdc/system/platform/hwsecurity/BitLockerFlow.mspx
Contents
Overview..................................................................................................................................3
Basic BitLocker Use Scenario (TPM-Only)..............................................................................5
Two-Layer Protection Use Scenarios......................................................................................7
Two-Factor Protection: TPM and PIN.................................................................................7
Two-Layer Protection: TPM and Startup Key......................................................................8
Startup Key–Only Use Scenario............................................................................................10
Recovery Use Scenarios.......................................................................................................12
Accessing a Protected Volume by Using a Recovery Key ...............................................13
Accessing a Protected Volume by Using a Recovery Password .....................................14
Disabling Protection Use Scenario........................................................................................16
BitLocker Setup Wizard User Experience..............................................................................17
Control Panel Main Page..................................................................................................18
Option to Use a Startup Key or PIN for Added Security....................................................18
Save a Startup Key on a USB Drive.................................................................................19
Set a Startup PIN..............................................................................................................20
Create a Recovery Password ..........................................................................................21
Option to Save the Recovery Password...........................................................................22
Save a Recovery Password to a USB Drive.....................................................................22
Show the Recovery Password..........................................................................................23
Print the Recovery Password............................................................................................23
Save the Password in a Folder.........................................................................................24
Recovery Warning ............................................................................................................24
Encrypt the Volume...........................................................................................................25
Pre-Windows Boot and Recovery User Experience..............................................................25
Key Management User Experience.......................................................................................29
Manage Keys Options.......................................................................................................30
Duplicating the Recovery Password.................................................................................31
Duplicating the Startup Key...............................................................................................31
Resetting the PIN..............................................................................................................31
Definitions..............................................................................................................................31
Appendix ...............................................................................................................................33
Key Architecture and Design.............................................................................................33
Administration...................................................................................................................36

BitLocker Drive Encryption: Scenarios, User Experience, and Flow - 2
Disclaimer
This is a preliminary document and may be changed substantially prior to final commercial release of the
software described herein.
The information contained in this document represents the current view of Microsoft Corporation on the
issues discussed as of the date of publication. Because Microsoft must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot
guarantee the accuracy of any information presented after the date of publication.
This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES,
EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights
under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval
system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or
otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property
rights covering subject matter in this document. Except as expressly provided in any written license
agreement from Microsoft, the furnishing of this document does not give you any license to these
patents, trademarks, copyrights, or other intellectual property.
Unless otherwise noted, the example companies, organizations, products, domain names, e-mail
addresses, logos, people, places and events depicted herein are fictitious, and no association with any
real company, organization, product, domain name, email address, logo, person, place or event is
intended or should be inferred.
© 2006 Microsoft Corporation. All rights reserved.
Microsoft, Active Directory, BitLocker, Windows, Windows Server, and Windows Vista are either
registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their
respective owners.
April 28, 2006

Overview
Microsoft® BitLocker™ Drive Encryption is a feature in Microsoft Windows Vista™
Enterprise and Ultimate editions that protects data when a computer is in
unauthorized hands or is running an exploiting operating system. BitLocker does
this by preventing an unauthorized user who boots another operating system or
runs a software hacking tool from breaking Windows Vista file and system
protections, or even viewing the files that make up the operating system itself. The
same technology also cryptographically secures the hibernation file, which contains
all programs and documents that were open when the computer hibernated.
BitLocker is a hardware-based security feature that addresses the growing need for
better data protection. The feature uses a hardware device, the Trusted Platform
Module (TPM) 1.2 to protect user data and to ensure that a PC that is running
Windows Vista has not been tampered with while the system was offline. BitLocker
provides both mobile and office enterprise information workers with more data
protection when their systems are lost or stolen. Specific logo requirements must be
satisfied to ensure proper functioning of BitLocker with TPM. BitLocker can also be
used on Windows Vista computers without a TPM.
Note: The TPM is a microcontroller root of trust and can be leveraged to provide a
variety of cryptographic services. TPM v1.2 with compatible BIOS upgrades gives
BitLocker the ability to validate the integrity of critical early boot components and a
transparent startup experience. The nature of this chip ensures that the information
that is stored there is more secure from external software attacks and physical theft.
BitLocker can be transparent to the user and is easy to deploy and manage. When
a system is compromised, BitLocker has a simple and efficient recovery process for
authorized users.
BitLocker Drive Encryption:
• Ensures boot integrity because it is:
• Resilient to attack. It protects the system from offline software-based
attacks.
• Locks the system when tampered with. If any monitored files are
altered or deleted, the system will not boot. This alerts users to changes in
their system.
• Protects data while the system is offline because it:
• Encrypts user data and system files. All data on the Windows volume is
encrypted: user data, system files, hibernation file, page file, and temporary
files.
• Provides umbrella protection for third-party applications, which benefit
automatically when installed on an encrypted volume.
• Eases equipment recycling by:
• Simplifying the recycling process. Data on the encrypted volume can be
rendered useless by deleting the TPM key store.
• Facilitating data deletion. Making data permanently unusable takes
seconds instead of hours.
The main goal of BitLocker is to protect data on the operating system volume of the
hard drive when the computer is turned off or hibernated. To achieve this, volume
contents are encrypted with a full-volume encryption key (FVEK), which in turn is
April 28, 2006

encrypted with a volume master key (VMK), as shown in Figure 1. Securing the
VMK is an indirect way of protecting data on the disk volume. The addition of the
VMK allows the system to rekey easily when keys upstream in the trust chain are
lost or compromised, given that decrypting and reencrypting the entire disk volume
is expensive.
In the basic use scenario, the VMK is bound, or sealed, to the TPM 1.2 security
hardware. Access to data on the protected operating system volume is possible if
the TPM successfully validates the integrity of critical early boot components in the
operating system. The default TPM platform validation profile secures the VMK
against changes to the Master Boot Record (MBR) Code (PCR 4), the NTFS Boot
Sector (PCR 8), the NTFS Boot Block (PCR 9), the NTFS Boot Manager (PCR 10),
and the Volume Key and Critical Components (PCR 11).
Recovery mechanisms exist for authorized users who encounter legitimate recovery
scenarios. For example, if the TPM fails validation due to a necessary upgrade, if
the system board that contains the TPM is replaced, or if the hard drive that
contains the operating system volume is moved to another computer, the system
enters recovery mode and the user can use a recovery key that is stored on a USB
key.
After BitLocker authenticates access to a protected operating system volume, a
filter driver in the Windows Vista file system stack uses the FVEK to encrypt and
decrypt disk sectors transparently as data is written to and read from the protected
volume. When the computer hibernates, an encrypted hibernation file is saved to
the protected volume. Pending access authentication, this saved file is decrypted
when the computer resumes from hibernation.
This document presents multiple BitLocker user scenarios and describes setup,
management, and recovery. Screenshots, diagrams, and examples demonstrate
how a local or domain administrator can use the BitLocker Setup Wizard, the key
management user interface (UI), or easily-deployable scripts to turn on and manage
BitLocker, and how a users can access their data in recovery scenarios.
Note that because Windows Vista has not been released, actual screenshots, text,
and flows may change.
Notes on Terminology in This Document
• The term volume means an area of storage on a hard disk. A volume is
formatted by using a file system, such as NTFS, and has a drive letter that is
assigned to it. This is different from a partition, which is a portion of a physical
disk that functions as though it were a physically separate disk. After a partition
is created, it must be formatted and assigned a drive letter before data can be
stored on it. A volume could exist for each partition on a hard drive, or volumes
can span multiple partitions. BitLocker works with volumes, not partitions.
• The term boot volume is the volume that contains the Windows operating
system and its support files, In this document, the Windows Vista terminology
operating system volume is used. The system volume is the volume that
contains the required hardware-specific files to load Windows on x86-based
computers after the BIOS has booted the platform. In this document, this is
called the system (active) volume. For BitLocker to work, the system volume
must not be encrypted, must differ from the operating system volume, and must
be formatted with NTFS.
April 28, 2006

Basic BitLocker Use Scenario (TPM-Only)
A user wants to protect data on his or her laptop in case the computer is lost or
stolen. The laptop contains a compatible TPM (version 1.2, with BIOS support) and
has two volumes: a system volume and an operating system volume with a version
of Windows that supports BitLocker.
Scenario Enable/Disable: This scenario can be enabled or disabled by using the
Security item in Windows Vista Control Panel. For more information, see "BitLocker
Setup Wizard User Experience," later in this paper.
• When BitLocker is turned on, the operating system volume is encrypted and
the VMK is protected by sealing it to the TPM.
• When BitLocker is disabled, the VMK is available through a clear key, so
the data is still encrypted, but accessible to anyone.
• When BitLocker is turned off, the volume is decrypted and all keys must be
re-created if BitLocker is turned on again at a later time.
Key Change/Duplication: All keys in this scenario are not visible to the user and
cannot be changed, duplicated, or revoked.
Protected Volume Move: A move of the protected operating system volume to
another TPM-enabled machine requires a recovery key or password-based
recovery. The VMK must also be resealed to the new TPM. This also applies to
scenarios where the system board (with the old TPM) must be changed. For more
information, see "Recovery Use Scenarios," later in this paper.
When BitLocker is enabled, data on the operating system volume is protected by
encrypting volume contents with the FVEK, encrypting the FVEK with the VMK, and
sealing the VMK to the TPM. When BitLocker is turned off, the volume is decrypted
and all keys are removed. New keys are created if BitLocker is turned on again at a
later time.
During BitLocker setup, creation of a recovery password or recovery key is highly
recommended. Users require the recovery key or password to access data if the
computer enters recovery mode. The following circumstances trigger recovery
mode:
• A hard disk that contains a BitLocker-protected operating system volume is
moved to another computer.
• A system board is changed.
• The TPM on the computer fails to validate successfully.
• Other circumstances change the boot sequence.
For more information, see "Recovery Use Scenarios," later in this paper.
User Interface Support
1. In Control Panel, navigate to the BitLocker icon in the Security item to turn on
BitLocker.
2. Click Turn On BitLocker to run the BitLocker Setup Wizard.
3. Create a recovery key or a recovery password as part of the setup process,
skipping all other options.
For more information, see "BitLocker Setup Wizard User Experience," later in
this paper.
4. After BitLocker is turned on, navigate to the Security item in Control Panel to
turn off or disable BitLocker.
April 28, 2006

Scripting Support
Note: The method names in this section are exposed through the BITLOCKER
Windows Management Instrumentation (WMI) Provider,
Win32_EncryptableVolume.
1. Use ProtectKeyWithTPM to secure the encryption key for the volume to the
TPM.
2. Create recovery binary large objects (BLOBs):
• Use ProtectKeyWithExternalKey to create a recovery key.
• Use ProtectKeyWithNumericalPassword to create a recovery
password.
3. Use Encrypt to encrypt the volume.
4. Use GetConversionStatus to indicate when the volume is fully encrypted.
5. Use GetProtectionStatus to ensure that BitLocker protection is turned on.
6. Use Decrypt to decrypt the volume and turn off BitLocker protection.
Figure 1. Accessing a BitLocker-enabled volume with TPM protection
April 28, 2006

Two-Layer Protection Use Scenarios
BitLocker offers two types of two-layer protection use scenarios:
• Two-factor authentication
• Two-layer key protection
In the first type, the user is authenticated with two-factor authentication: what the
user has (the TPM) and what the user knows (a PIN). In the second type, the user
uses two things (the TPM and a USB device) to authenticate.
Two-Factor Protection: TPM and PIN
A user wants to protect the data on his computer with two-factor authentication:
what he has (TPM)] and what he knows (PIN). He is willing to type the PIN each
time the computer starts.
When the PIN is created, it is linked to the VMK. Now when BitLocker is enabled,
the user must enter the PIN to access any information on the encrypted volume.
The PIN can be changed, but it cannot be stored or backed up. Like the basic
BitLocker use scenario, the creation of a recovery password or recovery key is
highly recommended to access a BitLocker-enabled disk volume in recovery
scenarios (for example, if the user forgets the PIN).
BitLocker and enable PIN support.
• Click Turn On BitLocker to run the BitLocker Setup Wizard.
• Create a recovery key or a recovery password as part of the setup
process.
• Use the Create PIN? dialog box to enable PIN authentication.
• For more information, see screen 2a in Figure 7, later in this paper.
2. Reset or change the PIN through the Manage Keys link in the Control Panel
BitLocker item.
The following security notes exist in Windows Vista:
• After BitLocker protection is turned on; the PIN cannot be added without
first decrypting the disk and turning off BitLocker.
• After the PIN is created and BitLocker protection is turned on, the PIN
cannot be removed without first turning off BitLocker.
Scripting Support
1. Use ProtectKeyWithTPMAndPIN to secure the encryption key for the
volume to the TPM, enhanced with PIN authentication.
Note that this method can be used even if a TPM-only authentication BLOB
already exists or BitLocker protection has already been turned on.
2. Create recovery BLOBs:
password.
April 28, 2006

7. Use DeleteKeyProtector to remove the TPM-plus-PIN authentication BLOB.
8. Use ProtectKeyWithTPMAndPIN once again to re-create the TPM-plus-PIN
BLOB (with possibly a different PIN).
Figure 2. Accessing a BitLocker-enabled volume with PIN-enhanced TPM
protection
Two-Layer Protection: TPM and Startup Key
A user wants to protect the data on her computer with two-layer authentication:
TPM and USB flash drive that contains a startup key. She is willing to insert the
USB flash drive that contains the startup key each time before the computer starts.
Scenario Enable/Disable: The two-layer authentication scenario can be enabled
and disabled starting with the Security item in Windows Vista Control Panel and
using the follow-on Create Startup Key dialog box (see screen 2b in Figure 7, later
in this paper). The first version of BitLocker has no UI that allows the user to easily
turn on or turn off the two-layer protection at a later time, after BitLocker setup. If
the user decides to turn off two-layer protection by removing the startup key layer,
she must disable and reenable BitLocker.
Key Change/Duplication: Except for the PIN, all keys in this scenario are not
visible to the user and cannot be changed, duplicated, or revoked. The PIN value
April 28, 2006

can be reset in the Control Panel BitLocker item, but cannot be stored or
escrowed.
The startup key is stored on the computer that is encrypted by the VMK, but cannot
be backed up automatically. Like the BitLocker use scenario, the creation of a
recovery password or recovery key is highly recommended to access a BitLocker-
enabled disk volume in recovery scenarios (for example, losing the USB flash drive
that contains the startup key).
Although the startup key is required from power-up until Windows logon, it should
be removed afterwards to secure two-layer authentication.
BitLocker and enable startup key support.
• Click Turn On BitLocker to run the BitLocker Setup Wizard.
• Create a recovery key and/or a recovery password as part of the setup
process.
• Use the Create a startup key for added security dialog box to add a
startup key.
• For more information, see screen 1 in Figure 7, later in this paper
2. Duplicate the startup key through the Manage Keys link in the Control Panel
BitLocker item.
• After BitLocker protection is turned on, the startup key cannot be added
without first decrypting the disk and turning off BitLocker.
• After the startup key is created and BitLocker protection is turned on, the
startup key cannot be removed without first turning off BitLocker.
• After the startup key is created and BitLocker protection is turned on, the
startup key cannot be changed without first turning off BitLocker.
Scripting Support
1. Use ProtectKeyWithTPMAndStartupKey to secure the encryption key for the
volume to the TPM, enhanced with startup key authentication.
2. Create recovery BLOBs:
password.
7. Use DeleteKeyProtector to remove the TPM-plus-startup-key authentication
BLOB.
8. Use ProtectKeyWithTPMAndStartupKey again to re-create the TPM-plus-
startup-key BLOB (with possibly a different startup key).
April 28, 2006

Figure 3. Accessing a BitLocker-enabled volume with startup key–enhanced
TPM protection
Startup Key–Only Use Scenario
A user wants to protect his data on a system without a compatible TPM. He is
willing to insert the USB flash drive that contains the startup key each time the
computer starts.
Scenario Enable/Disable: This scenario can be enabled and disabled by using the
Security item in Windows Vista Control Panel. The user must create a startup key
by using the wizard when turning on BitLocker. This scenario can also be enabled
through scripting. When the feature is disabled, the volume is decrypted and all
keys are destroyed and must be re-created if the feature is reenabled at a later
time.
Key Change/Duplication: The startup key is created for the user and is visible for
saving to a file in a user-determined location. The startup key can be copied but
cannot be changed.
Volume Move: Moving the protected volume to another computer without a
TPM 1.2 requires only the presence of the USB flash drive that stores the startup
key. Moving the protected volume to a TPM-enabled computer requires the startup
key (or, as usual, the recovery key or password-based recovery).
When the user has a computer without an appropriate TPM and wants to leverage
BitLocker functionality (and has a system volume and an operating system volume
configured), he enables it through the BitLocker item in Windows Vista Control
April 28, 2006

Panel. The system generates a startup key when the user inserts a USB flash drive,
and saves the startup key. The USB device is now required for booting (or resuming
from hibernation).
The user inserts the USB flash drive and turns on the computer. The PC boots into
the operating system, and the user can start using the system normally. For a
diagram of the process of decrypting data on a protected volume by using external
media only (for example, no TPM), see Figure 4.
Using the Control Panel BitLocker item, the user can create a backup (copy) of the
startup key on a destination of his choosing.
Another scenario is volume recovery. If the user’s system is damaged and he must
move the hard drive to a new machine, he can use the recovery key on his external
device to decrypt and recover the volume.
The overall BitLocker security of a system that uses a startup-key-only scenario is
not at the same high level as the security of a system that uses a TPM.
1. Create and save a startup key as part of the BitLocker Setup Wizard.
For more information, see screen 1 in Figure 7, later in this paper.
2. Save the created startup key as part of the key management interface.
3. Insert the startup key as part of the boot process.
• After creation, the startup key cannot be changed.
• After creation, the startup key cannot be removed or revoked.
Scripting Support
1. Use ProtectKeyWithExternalKey to create an external key that is used as a
startup key for a computer without a compatible TPM.
2. Use SaveExternalKeyToFile to write a file that contains the startup key to a
USB flash drive or another location.
3. Use UnlockWithExternalKey to unlock a volume with a startup key.
4. Use GetKeyProtectors to list the created external keys for a disk volume.
5. Use DeleteKeyProtector to remove the external key authentication BLOB that is
associated with a created startup key.
6. Use GetKeyProtectorExternalKey to retrieve the key contents of a created
startup key BLOB.
April 28, 2006

Figure 4. Volume decryption process with startup key from external media
and no TPM
If an external device is lost, the startup key can be revoked through volume
reencryption. The volume must be recovered by using the recovery key or the
recovery password and a new startup key generated. All other volumes that also
use the lost startup key must undergo a similar procedure.
Recovery Use Scenarios
Recovery is using a recovery key or password to decrypt a copy of the VMK. The
TPM is not involved in recovery scenarios, so recovery is possible if the TPM fails
boot component validation, malfunctions, or is inaccessible.
Various scenarios can trigger recovery:
• Upgrade of the system board or TPM.
• Damage to a computer that causes the user to move the BitLocker-enabled
volume to a different computer with a different TPM or no TPM at all.
• Turning off, disabling, or clearing the TPM.
• Upgrading critical early boot components that causes the TPM to fail
validation.
• Forgetting the PIN if TPM-plus-PIN authentication has been enabled.
• Losing the USB flash drive that contains the startup key if TPM-plus-
startup-key authentication has been enabled.
April 28, 2006

• Redeploying desktops or laptops to others in the enterprise (such as to
users with different security clearances).
• Retasking desktops in place (changing the purpose of that machine, for
example, an IT administrator reinstalling the operating system remotely).
BitLocker cannot distinguish between a legitimate upgrade to critical early boot
components by the user and a malicious change to these same boot components
by an attacker. Both cases trigger recovery, and anyone with access to recovery
tokens can read BitLocker-protected data. For these reasons, it is important to keep
recovery keys and passwords secure and accessible only to authorized individuals.
If the cause of recovery is unknown, avoid unknowingly accepting malicious
changes to critical files by validating and resetting critical boot components to a
known-good state.
Accessing a Protected Volume by Using a Recovery Key
A user cannot boot into her BitLocker-enabled operating system volume because
the system is in recovery mode. She previously created a recovery key and saved it
onto a USB flash drive.
The recovery key can be created and saved to a USB flash drive during BitLocker
setup, and be managed and copied after BitLocker is enabled.
By inserting the USB flash drive that contains the recovery key into the computer
when it starts, the user can access the operating system volume regardless of the
state of the TPM.
1. Create a recovery key as part of the BitLocker Setup Wizard.
2. Make a copy of the created recovery key as part of the key management
interface.
3. Input the recovery key as part of the pre-Windows text-mode recovery interface.
For more information, see "Pre-Windows Boot and Recovery User Experience,"
later in this paper.
The following security notes exist in BitLocker:
• After creation, the recovery key cannot be changed.
• After creation, the recovery key cannot be removed or revoked.
• After BitLocker is enabled, a new recovery key cannot be added.
Scripting Support
1. Use ProtectKeyWithExternalKey to create a recovery key.
Note that this method can be used even if a recovery key BLOB already exists
or BitLocker protection has already been turned on.
2. Use SaveExternalKeyToFile to write a file that contains the recovery key to a
USB flash drive or another location.
3. Use UnlockWithExternalKey to unlock a volume with the recovery key.
4. Use GetKeyProtectors to list the created recovery keys for a disk volume.
5. Use DeleteKeyProtector to remove the external key authentication BLOB that is
associated with a created recovery key.
April 28, 2006

6. Use GetKeyProtectorExternalKey to retrieve the key contents of a created
recovery key BLOB.
Figure 5. Accessing a BitLocker-enabled volume with recovery key
Accessing a Protected Volume by Using a Recovery Password
A user cannot boot into his BitLocker-enabled operating system volume because
recovery was triggered. He previously created a recovery password and either
wrote it down, printed it, or saved it to a file.
The recovery password is randomly generated during BitLocker setup and can be
managed and copied after BitLocker is enabled. Through the wizard, the recovery
password can be printed or saved to a file for future use.
The domain administrator can configure Group Policy to automatically generate
recovery passwords and transparently back them up to Microsoft Active Directory®
when BitLocker is enabled. Furthermore, the domain administrator can choose to
prevent BitLocker from being enabled unless the computer is connected to the
network and Active Directory backup of the recovery password is successful.
The domain administrator can retrieve a stored recovery password when the
protected computer is in recovery mode. For example, if an employee must recover
his operating system volume while traveling, he can call IT help desk support and
obtain the appropriate recovery password.
1. Create, save, or print a recovery password as part of the BitLocker Setup
Wizard.
April 28, 2006

2. Save or print a copy of the created recovery password as part of the key
management interface.
3. Input the recovery password as part of the pre-Windows text-mode recovery
interface.
For more information, see "Pre-Windows Boot and Recovery User Experience,"
• After creation, the recovery password cannot be changed.
• After creation, the recovery password cannot be removed or revoked.
• After BitLocker is enabled, a new recovery password cannot be added.
Scripting Support
1. Use ProtectKeyWithNumericalPassword to create a recovery password.
Note that this method can be used even if a recovery password BLOB already
exists or BitLocker protection has already been turned on.
If Active Directory backup is enabled or required by Group Policy, this method
also stores the recovery password to Active Directory.
2. Use UnlockWithNumericalPassword to unlock a volume with a recovery
password.
3. Use GetKeyProtectors to list the created recovery passwords for a disk volume.
4. Use DeleteKeyProtector to remove the numerical password authentication
BLOB that is associated with a created recovery password.
5. Use GetKeyProtectorNumericalPassword to retrieve the numerical password
content of a created recovery password BLOB.
Figure 6. Accessing a BitLocker-enabled volume with recovery password
April 28, 2006

Disabling Protection Use Scenario
When BitLocker is disabled, the volume is encrypted but the VMK is freely available
on disk, encrypted with a symmetric clear key that is stored on the hard disk. The
availability of the clear key disables the security that BitLocker offers, but ensures
that all subsequent computer boots will succeed under any circumstance.
The administrator may be required to temporarily disable BitLocker in the following
scenarios:
• The machine reboots for maintenance without requiring user input (for
example, of PIN or startup key).
• Upgrade of critical early boot components without triggering BitLocker
recovery.
• Installation of another operating system may change the boot manager.
• Repartition of the disk may change the partition table.
• Other system tasks may change the boot components that are
validated by the TPM.
• Upgrade of the system board to replace or remove the TPM without
triggering BitLocker recovery.
• Turning off, disabling, or clearing the TPM without triggering BitLocker
recovery.
• Moving a BitLocker-protected disk to another machine without triggering
BitLocker recovery.
• Losing all recovery tokens and needing to safely create new ones before
triggering BitLocker recovery.
When BitLocker is reenabled, the clear key is removed from the disk volume and
BitLocker protection is turned on again.
Exposing the VMK even for a brief period is a security risk because it is possible
that an attacker has accessed the VMK and FVEK when these keys were exposed
by the clear key.
Scenario Enable/Disable: This scenario can be enabled or disabled through the
BitLocker item in Windows Vista Control Panel. When clear key is enabled, the
volume remains encrypted, but the clear key is stored locally on disk. When clear
key is disabled, the volume remains encrypted and the clear key is removed from
the disk.
Key Change/Duplication: The clear key is stored, as the name suggests, in the
clear on the local hard drive, in a predetermined location. It cannot be copied, nor
can it be changed, because it is not visible to the user and is not stored as a file. All
other keys (VMK and FVEK) in this scenario are unseen to the user and cannot be
changed, duplicated, or revoked.
Volume Move: Moving the protected volume to another TPM-enabled machine
does not require any additional steps because the key that protects the VMK is
stored locally, in the clear.
1. In Control Panel, navigate to the BitLocker icon in the Security item.
• Click the Disable BitLocker link to disable BitLocker.
• For more information, see "BitLocker Setup Wizard User Experience,"
April 28, 2006

2. After BitLocker is disabled, navigate to the Control Panel BitLocker item to
enable BitLocker.
Scripting Support
1. Use DisableKeyProtectors to disable BitLocker protection and authentication
without decrypting the volume.
2. Perform the task and optionally reboot the computer.
3. Use EnableKeyProtectors to enable BitLocker protection and update the
validation of any boot components that may have changed.
4. Use GetKeyProtectorPlatformValidationProfile to determine the boot
components that the TPM validated.
BitLocker Setup Wizard User Experience
The BitLocker Setup Wizard allows administrators or users to enable BitLocker.
Administrators can specify how the encryption key is protected and begin
encryption of the disk volume that contains Windows Vista.
This wizard is available from the BitLocker icon in the Security item of Control
Panel by clicking the Turn On BitLocker link.
The flow for BitLocker Setup Wizard is shown in Figure 7. Each screenshot is also
available at a larger scale later in this section.
Figure 7. BitLocker Setup Wizard user interface flow
April 28, 2006

Control Panel Main Page
Figure 8. Control Panel Main Page with TPM Initialized
Option to Use a Startup Key or PIN for Added Security
Figure 9. Option to use a startup key or PIN for added security
(screen 1 in Figure 7)
April 28, 2006

This screen is used to choose either a startup key (on a USB flash drive) or a PIN
for additional security, assuming that a TPM is present. Users can also choose not
to add this layer of protection.
If a TPM is not being used, only the Save a Startup Key on a USB Drive option is
available. The Set a Startup PIN and Don't Use a Startup Key or Pin options are
unavailable because they rely on a TPM.
For more information, see "Two-Layer Protection: TPM and Startup Key," earlier in
this paper.
Save a Startup Key on a USB Drive
Figure 10. Save a startup key on a USB drive (screen 2b in Figure 7)
This screen is used to choose a USB drive on which to save a startup key. With this
option, the user must insert the key before starting the computer.
April 28, 2006

Set a Startup PIN
Figure 11. Create a PIN (screen 2a in Figure 7)
This screen offers the option to enter a 4- to 20-digit PIN. Setting a PIN adds an
extra factor of authentication protection. For more information, see "Two-Factor
Protection: TPM and PIN," earlier in this paper.
Domain administrators can require or disallow PIN creation.
April 28, 2006

Create a Recovery Password
Figure 12. Create Recovery Password (screen 3 in Figure 7)
This screen is used to create a recovery password. For more information on how
the recovery password is used, see "Accessing a Protected Volume by Using a
Recovery Password," earlier in this paper. If the user chooses to create a recovery
password, screen 4 (shown in Figure 13) appears, which has options on the format
of the recovery password.
Domain administrators can use their Group Policy to require or disallow recovery
password creation.
April 28, 2006

Option to Save the Recovery Password
Figure 13. Save the recovery password (screen 4 in Figure 7)
This screen is used to save the recovery password to a USB drive or a folder, to
display the password, or to print the password. For more information on how the
recovery password is used, see "Accessing a Protected Volume Using a Recovery
Password," earlier in this paper.
Save a Recovery Password to a USB Drive
Figure 14. Save recovery password to USB (screen 4a in Figure 7)
This screen is used to save a recovery password on a USB flash drive. For more
information on how this recovery password is used, see "Recovery Scenario by
Using a Recovery Key," earlier in this paper.
April 28, 2006

Users should not save the recovery password on the same USB flash drive that
they use for the startup key. If they lose that flash drive, they may lose access to
their data.
Domain administrators can use Group Policy to require or disallow recovery
password creation.
Show the Recovery Password
Figure 15. Show recovery password (screen 4b in Figure 7)
This screen is used to display a recovery password on screen.
password creation.
Print the Recovery Password
Figure 16. Print recovery password (screen 4c in Figure 7)
This screen is used to print the recovery password.
password creation.
April 28, 2006

Save the Password in a Folder
Figure 17. Save recovery password to a folder (screen 4d in Figure 7)
This screen offers the option to save a recovery key as a file to a folder, such as a
folder on a network share. For more information on how this recovery key is used,
see "Recovery Scenario by Using a Recovery Key," earlier in this paper.
password creation.
Recovery Warning
Figure 18. Warning to create recovery options (screen 5 in Figure 7)
This screen appears only if none of these four recovery creation options has been
chosen:
• Save a recovery password to a file.
• Print a recovery password.
• Save a recovery key to a pluggable USB storage device.
• Save a recovery key file to a folder.
Domain administrators can turn off the appearance of this warning screen through
Group Policy.
April 28, 2006

Encrypt the Volume
Figure 19. Encrypt the volume (screen 6 in Figure 7)
This screen notifies the users that the encryption of the volume is about to begin.
The amount of time that this step takes is directly related to the size of the volume.
However, encryption is performed in the background so that the computer can
continue to be used while the volume is being encrypted. In addition, the
administrator can pause and resume encryption at any time. Encryption is
automatically paused when the computer is turned off or hibernated and can be
resumed when the computer is turned on again. Encryption takes approximately
one minute per gigabyte (GB).
Pre-Windows Boot and Recovery User Experience
When a BitLocker-enabled operating system volume boots, Windows Vista boot
code must perform authentication steps before unlocking or allowing access to the
protected volume.
BitLocker attempts to unlock a volume in the following sequence:
1. Clear key: Protection has been disabled and the VMK is freely accessible. No
authentication is necessary.
2. Authentication that does not require UI to be presented:
• TPM: The TPM successfully validates early boot components to unseal
the VMK.
• TPM plus startup key: The TPM successfully validates early boot
components, and a USB flash drive that contains the startup key has been
inserted.
April 28, 2006

3. Authentication for which text-mode UI must be presented to the user:
• TPM plus PIN: The user must enter the correct PIN before the TPM can
be successfully validated.
• Recovery key and/or startup key: The user must insert the USB flash
drive that holds the recovery key or startup key.
• Recovery password: The user must enter the correct recovery
password.
April 28, 2006

Figure 20 illustrates the flow of this boot-time unlocking process and shows when
pre-Windows text-mode interface is presented to the user.
Figure 20. Flow to unlock an operating system volume
April 28, 2006

For all system boot process scenarios, if the required method of authentication is
present, the operating system volume unlocks and continues booting.
If the required method of authentication is not present, the interface appears as
shown in the following paragraphs.
If the Startup Key is not present (screen 1):
The key required to unlock this volume was not found.
Please insert removable storage media containing the Startup Key
or the Recovery Key.
Then press ENTER to reboot.
If the media is inserted and the correct key is found (screen 0 in Figure 20):
You may now remove the media.
When the PIN is enabled, when booting (or resuming from hibernation), the user
sees a screen that requests the PIN (screen 2 in Figure 20):
To start this computer, type its BitLocker Drive Encryption
startup PIN and then press Enter.
[
Use function keys F1 through F9 for 1 through 9, and F10 for 0.
Use the Tab, Home, End, and Arrow keys to move the cursor.
If you do not have the correct startup PIN, press Escape.
If the PIN that is entered is incorrect, the following error text appears (screen 3 in
Figure 20):
The startup PIN you entered is not correct for this disk volume.
To re-enter the startup PIN, press Enter.
If you do not have the correct startup PIN, press Escape.
Pressing ESC opens a screen that is determined by the recovery mechanism that
the user set up. If the user did not set up an external media recovery key, the
password-based recovery screen appears. If the user did set up a recovery key, the
external media-based recovery-key screen appears.
At boot time, if the USB storage device that contains the recovery key has not been
inserted, the key has not been found, or the key is incorrect, the following message
appears (screen 1 in Figure 20):
The key required to unlock this volume was not found.
Please insert removable storage media containing the Startup Key
or the Recovery Key.
Then press ENTER to reboot.
The same message appears if the recovery key is not found on the inserted USB
storage device, is found but is invalid, and so on.
Pressing ESC opens the password-based recovery screen, if a recovery password
was set. The recovery screen now appears (screen 5 in Figure 20):
To start this computer, type its 48-digit BitLocker Drive
Encryption recovery password and then press Enter.
__ ______ ______ ______ ______ ______ ______ ______
April 28, 2006

Use function keys F1 through F9 for 1 through 9, and F10 for 0.
Use the Tab, Home, End, and Arrow keys to move the cursor.
If you do not have the correct recovery password, press Escape.
If an incorrect password was entered, the error text that is associated with this
screen appears (screen 6 in Figure 20):
The recovery password you entered is not correct for this disk
volume.
To re-enter the recovery password, press Enter.
If you do not have the correct recovery password, press Escape.
Pressing ESC opens the last screen (screen 7 in Figure 20):
This computer’s system disk volume has been locked by BitLocker
Drive Encryption. The files in this volume are encrypted and
cannot be recovered without the BitLocker Drive Encryption
recovery key or recovery password.
If you have the correct BitLocker Drive Encryption recovery key
or recovery password, click Escape to reboot.
To permanently erase the unrecoverable files and reinstall
Windows: insert your Windows product CD and then restart the
computer.
The same screen appears if no recovery mechanisms have been set.
Key Management User Experience
When the volume has been encrypted and protected with BitLocker, the Manage
Keys feature allows local and domain administrators to duplicate keys and reset the
PIN. Links in the console appear only for the keys that have been created at
BitLocker setup time.
April 28, 2006

The flow for managing keys is shown in Figure 21. Each screenshot is subsequently
available at a larger scale later in this section.
Figure 21. Managing keys UI flow
Manage Keys Options
Figure 22. Manage keys (screen m1 in Figure 21)
This screen shows the user all the key management options that this feature offers:
• Duplicate the recovery password
• Duplicate the recovery key
• Reset PIN
April 28, 2006

Each of these keys and authentication values is defined in earlier sections of this
document, along with use scenarios for each.
Duplicating the Recovery Password
Screen 4 (in Figure 21) enables the user to print out the optional 48-digit recovery
password or to save it on another computer.
Duplicating the Startup Key
Screen 2b (in Figure 21) enables the user to save the startup key to a USB flash
drive.
Resetting the PIN
Screen 2a (in Figure 21) enables the user to reset the PIN. This screen is similar to
screen 2a in the BitLocker Setup Wizard.
Definitions
BLOB
binary large object; any cryptographically-protected piece of data. For example,
the VMK is sealed to the TPM but the resulting BLOB returned by the
TPM_Seal operation is actually stored on disk. Similarly, the VMK can be
encrypted by a clear key, external key, or recovery password and stored on disk
as a BLOB.
BDE
BitLocker Drive Encryption; the Windows Vista feature that enables disk
volumes to be encrypted and protected with a TPM.
BitLocker disabled
A condition in which the disk volume is encrypted, but the FVEK that is used to
encrypt the operating system volume is freely available via a clear key.
Although the volume is encrypted, security is effectively disabled.
BitLocker enabled
A condition in which data on the volume is encrypted as it is written and
decrypted as it is read. When the computer starts, successful validation of
critical early boot components by the TPM (in conjunction with a startup key or
PIN, if configured), input of a recovery password, or a insertion of USB flash
drive that contains a recovery key is required to decrypt the VMK and access
the volume.
BitLocker off
When BitLocker protection is off on a disk volume, a condition in which the disk
volume is not encrypted and BitLocker protection is not in effect. This is a disk
volume with a standard clear text file format.
BitLocker on
Same as BitLocker enabled.
clear key
A key that is stored in the clear on the disk volume. This key is used to freely
access the VMK and, in turn, the FVEK when BitLocker protection is disabled
but the disk volume remains encrypted. See BitLocker disabled.
external key
A key that is stored external to the system (for example, USB flash drive). This
key can be used as a startup key or a recovery key. A copy of the external key
is stored encrypted on disk by the VMK and can be retrieved by an
administrator after Windows has loaded.
April 28, 2006

external key file
A file that contains the external key in plaintext. The name and contents of the
file are internal to Microsoft and may change from version to version.
FVEK
full-volume encryption key; the algorithm-specific key that is used to encrypt
(and optionally, diffuse) data on disk sectors. Currently this key can vary from
128 bits through 512 bits. The default encryption algorithm that is used on disk
volumes is AES 128 bit with diffuser.
operating system volume
A volume that contains an operating system (such as Windows Vista) that can
be loaded by the computer’s boot manager.
PIN
personal identification number; an administrator-specified secret value that
must be entered each time the computer starts (or resumes from hibernation).
The PIN can have 4 to 20 digits, is limited to function-key input, and is stored
internally as a 256-bit hash of the entered Unicode characters. This value is
never appears to the user in any form or for any reason. The PIN is used to
provide another factor of protection in conjunction with TPM authentication.
recovery key
A key that is used for recovering data that is encrypted on a BitLocker volume.
This key is cryptographically equivalent to a startup key. If available, the
recovery key decrypts the VMK, which in turn decrypts the FVEK. (Note that
this is not the same as the recovery password.)
recovery password
A numerical password that is specified by the administrator for recovery. It
consists of 48 digits that are divided into 8 groups. Each group of 6 digits is
checked by mod-11 before being compressed into corresponding 16 bits of
passphrase data. A copy of the passphrase data is stored on disk that are
encrypted by the VMK, and thus the recovery password can be retrieved by an
administrator after Windows has loaded. (Note that this is not the same as the
recovery key.)
startup key
A key that is stored on a USB flash drive that must be inserted each time the
computer starts. The startup key is used to provide another factor of protection
in conjunction with TPM authentication.
system (active) volume
The first volume that the computer accesses when it starts up. This volume
contains the hardware-specific files that are required to load Windows and
includes the computer’s boot manager (for loading multiple operating systems).
In general, the system volume can be, but does not have to be, the same
volume as the operating system (boot) volume. However, for BitLocker to
function, the system volume must differ from the operating system volume and,
also, must not be encrypted.
TPM
Trusted Platform Module; security hardware that provides a hardware-based
root of trust and can be leveraged to provide a variety of cryptographic services.
TPM v1.2 with compatible BIOS upgrades provides BitLocker with the secure
startup capabilities to validate the integrity of critical early boot components and
a transparent startup experience.
VMK
VMK; the key that is used to encrypt the FVEK.
April 28, 2006

Appendix
Key Architecture and Design
To achieve a higher level of security without greatly affecting usability, BitLocker
supports different types of cryptographic algorithms and encryption layers, including
multifactor authentication. In general, to add additional layers of security when
protecting data, multifactor security uses:
• What you have (for example, the TPM or a USB flash drive with a startup
key)
• What you know (for example, a PIN)
• What you are
The main goal of BitLocker is to protect user data on the operating system volume.
To achieve this, disk sectors are encrypted with a full-volume encryption key
(FVEK), which is always encrypted with the volume master key (VMK), which, in
turn, is bound to the TPM (in TPM scenarios).
The VMK directly protects the FVEK and therefore, protecting the VNK becomes
critical. This strategy of protecting the VMK indirectly protects the encrypted volume
and has the advantages that:
• The system can regenerate keys upstream in the chain if one or more of
these keys are lost or compromised.
• The recovery process can be done without decrypting and reencrypting the
entire volume, which is expensive in terms of the user’s time.
April 28, 2006

Figure A1 shows the BitLocker key architecture:
Figure A1. Key architecture and design
April 28, 2006

As Figure A1 shows, there are several different ways to encrypt the VMK.
Protecting the Volume Master Key (VMK)
Authentication
scenario
VMK BLOB Algorithm to
encrypt VMK
Default: TPM only SRK(VMK) RSA
TPM plus PIN (SRK+SHA256(PIN))(VMK) RSA
TPM plus startup key SHA256(SRK(DerivedKey), StartupKey)
(VMK)
AES
Recovery key RecoveryKey(VMK) AES
Recovery password (Chained-hashing(Password),Salt)(VMK) AES
Clear key ClearKey(VMK) AES
Keys are generated at BitLocker setup time and related BLOBs are stored on the
protected disk volume.
The SRK is the storage root key that the TPM holds. It is a 2,048-bit RSA key pair
that is generated when ownership of the TPM is taken. The SRK referred to here as
an RSA key is actually the public key; the private key member of the pair is never
shown. The SRK is stored within the nonvolatile protected memory of the TPM and
cannot be removed. This helps ensure that the private key material cannot be
leaked and prevents keys from being used on any platform other than the one on
which they were created. However, mechanisms are available to migrate keys from
one TPM to another, for backup and disaster recovery purposes.
All TPM key operations are based off the SRK. When ownership of the TPM is
taken, the new owner must specify two pieces of authorization information: the
ownership authorization and the SRK usage authorization. This SRK usage
authorization is required for each TPM operation. Because this is undesirable from
a usability point of view and secure startup requires that this information be known
very early in the boot process, the TPM administrative tools sets this usage
authorization to a known value of all zeroes (20 bytes of 0). The SRK is rekeyed
each time the owner changes.
Derived keys are generated from other data (for example, numeric password) and
become part of the basis for another key. In the preceding table, DerivedKey is a
256-bit intermediate symmetric key, randomly generated and stored on disk that is
encrypted with the SRK.
The design to store the BLOBs with their corresponding disk volume implies that if a
volume is moved to another machine and then back onto a machine with the
original TPM, all existing protection BLOBs remain in effect and recovery is not
triggered.
The only way to change the VMK and FVEK for an encrypted volume is to decrypt
and reencrypt the volume. After BitLocker protection is on, the key management UI
allows administrators to reset the PIN and copy the startup key, recovery key, and
recovery password. Scripting allows administrators to add, remove, copy, and
change PIN, startup key, recovery key, and recovery password.
When the two-factor (or two-layer) authentication is enabled (for example, through
creating a PIN or startup key), the VMK BLOB that was encrypted with only the
TPM is removed. This causes the system, at next boot, to require the two-layer
authentication, instead of working with only a TPM. Script writers must remove any
TPM-only BLOBs from the disk volume if the intention is to apply the TPM-plus-PIN
or TPM-plus-startup-key authentication instead of the TPM-only authentication.
April 28, 2006

Administration
The administrator controls all aspects that are related to BitLocker Drive Encryption.
By using Group Policy (GP), the administrator can enable, disable, or make optional
authentication scenarios and recovery mechanisms.
By using BitLocker Group Policy, the administrator can:
• Set Group Policy to enable backup of BitLocker and TPM recovery
information to Active Directory.
• Set up UI policies to:
• Establish which security scenarios are enabled, disabled, or optional.
• Establish which recovery mechanisms are enabled, disabled, or
optional.
• Modify as required default settings, which are everything optional,
except for the recovery password, which is mandatory. Note that there is no
scripting support for the UI setup GP configuration.
• Set up encryption and validation policies (for example, the disk volume’s
encryption method).
April 28, 2006

BitLocker Drive Encryption User Experience and Scenarios

Recommended

Recommended

More Related Content

What's hot

What's hot (12)

Similar to BitLocker Drive Encryption User Experience and Scenarios

Similar to BitLocker Drive Encryption User Experience and Scenarios (20)

Recently uploaded

Recently uploaded (20)

BitLocker Drive Encryption User Experience and Scenarios