jessekornblum (![[info]](http://l-stat.livejournal.com/img/userinfo.gif){kind=small} jessekornblum) wrote,@ 2009-01-14 10:17:00 |
|
BitLocker Paper Accepted
My paper on Microsoft's BitLocker, Implementing BitLocker Drive Encryption for Forensic Analysis, has been accepted for publication in the journal Digital Investigation. The paper has been significantly revised since I last wrote about it. The online version bears only a passing resemblance to the final version. As such, here's the new abstract:
My paper on Microsoft's BitLocker, Implementing BitLocker Drive Encryption for Forensic Analysis, has been accepted for publication in the journal Digital Investigation. The paper has been significantly revised since I last wrote about it. The online version bears only a passing resemblance to the final version. As such, here's the new abstract:
This paper documents the BitLocker Drive Encryption system included with some versions of Microsoft's Windows Vista. In particular it describes the key management system, the algorithms and modes used, and the metadata format. Particular attention is given to methods forensic examiners can use to access protected data. There are some unanswered questions about how the cryptosystem operates, including an undocumented key management decision. This decision could allow, in a particular usage scenario, unauthorized access to a protected volume.You'll have to read the published article to get the whole story!
