Corrine Posted February 8 Share Posted February 8 From Microsoft BitLocker encryption cracked in just 43 seconds with a $4 Raspberry Pi Pico: In a YouTube video, security researcher Stacksmashing demonstrated that hackers can extract the BitLocker encryption key from Windows PCs in just 43 seconds using a $4 Raspberry Pi Pico. According to the researcher, targeted attacks can bypass BitLocker's encryption by directly accessing the hardware and extracting the encryption keys stored in the computer's Trusted Platform Module (TPM) via the LPC bus. The attack was possible due to a design flaw found in devices with dedicated TPMs, like modern laptops and desktops. As explained by the researcher, BitLocker sometimes uses external TPMs to store key information, such as the Platform Configuration Registers and Volume Master Key. However, as it turns out, the communication lanes (LPC bus) between the CPU and external TPM remain unencrypted on boot-up, allowing threat actors to sniff any traffic between the two modules and extract the encryption keys. Additional information in the referenced article. 1 Quote Link to comment Share on other sites More sharing options...
.thumb.jpg.7c3caaf218a75d76e16db7a5bddfb463.jpg)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.