{"id":29216,"date":"2026-02-26T10:08:39","date_gmt":"2026-02-26T09:08:39","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=29216"},"modified":"2026-02-26T10:08:41","modified_gmt":"2026-02-26T09:08:41","slug":"bitlocker-overview-understanding-todays-threats","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/02\/bitlocker-overview-understanding-todays-threats\/","title":{"rendered":"BitLocker Overview: Understanding Today\u2019s Threats"},"content":{"rendered":"\n

Nowadays, security efforts primarily focus on web applications, internal infrastructures, Active Directory, and other traditional attack surfaces. Yet with the rise of remote work, employees\u2019 workstations<\/strong> are increasingly exposed to theft<\/strong>.<\/p>\n

In this context, the main security measure available to secure data at rest is full-disk encryption. For this, most companies rely on the built-in Microsoft disk encryption tool BitLocker<\/strong>. However, simply enabling disk encryption is often assumed to be sufficient to protect data at rest<\/strong>.<\/p>\n

While BitLocker is presented as the solution to data confidentiality and integrity, it can still be bypassed<\/strong>, with either inexpensive hardware or software-based attacks. Such attacks lead to the total loss of confidentiality and integrity<\/strong> on the target machine.<\/p>\n

In this article, we summarize how BitLocker works and build up on this knowledge to examine recent physical<\/strong> and logical<\/strong> attacks that continue to threaten workstations security.<\/p>\n

\u00a0<\/p>\n

Reminders about how BitLocker works<\/h2>\n

BitLocker is a full-disk encryption mechanism built into Windows since its introduction with Windows Vista in January 2007, defined as follows: \u201cBitLocker is a Windows security feature<\/strong> that provides encryption for entire volumes, addressing the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned devices.\u201d (BitLocker Overview | Microsoft Learn<\/a><\/span>)<\/p>\n

Its security relies on a simple key hierarchy: the leakage of one key can compromise the whole disk.<\/p>\n

Two keys are involved:<\/p>\n

    \n
  1. the Full Volume Encryption Key (FVEK<\/strong>), which encrypts disk sectors<\/li>\n
  2. the Volume Master Key (VMK<\/strong>), which encrypts the FVEK. This key is stored and protected by the Trusted Platform Module (TPM<\/strong>), a security component designed to store cryptographic secrets.<\/li>\n<\/ol>\n

    The FVEK is stored on disk encrypted by the VMK; during boot time, the decryption happens as such:<\/p>\n

    \"BitLocker
    BitLocker Disk Decryption Process<\/em><\/figcaption><\/figure>\n

    \u00a0<\/p>\n

    Workstation used as example in this article delivers VMK through SPI bus<\/strong>, but various other protocols such as LPC<\/strong> could be observed (LPC does not imply more security features than SPI).<\/p>\n

    The VMK is released during boot over an SPI bus <\/strong>(low-speed serial protocol with 4 signals\u2019 lines) between the TPM chip and the CPU<\/strong>. This key is the most critical component, as it allows decryption of the entire disk.<\/p>\n

    This architecture shows that at a specific moment, the VMK is transmitted in clear text in the SPI bus and the FEVK key is stored un-encrypted in RAM. This configuration can be leveraged by attackers<\/strong> with various physical and logical attacks<\/strong>. The following sections describe how this behavior can be exploited.<\/p>\n

    \u00a0<\/p>\n

    Physical attacks<\/h2>\n

    Physical attacks require dedicated physical equipment to exploit vulnerability<\/strong>. This typically involves using tools such as probes, logical analyzers and dedicated malicious peripherals.<\/p>\n

    Against BitLocker and TPM, hardware attacks can still, with few prerequisites, be exploited today<\/strong>. This section focuses on the two main hardware-based techniques: TPM sniffing<\/strong> and DMA attacks.<\/strong><\/p>\n

    \u00a0<\/p>\n

    TPM sniffing<\/h3>\n

    At rest, the VMK is stored and protected by the TPM. It is released on boot and transmitted to the CPU. TPM assumes that the communication channel is secure and cannot be compromised. However, on the motherboard, this communication channel is usually defined by a SPI bus linking different chips together.<\/p>\n

    Attack prerequisites:<\/p>\n