Questions have been raised about the viability of a new
PC hardware component aimed at boosting the security of Windows
Vista.
Bitlocker is a security element in Vista based on the Trusted
Platform Module (TPM). Bitlocker encrypts data and the TPM is used
to store the decryption key.
IT security experts have warned that if a hard disc using
Bitlocker was compromised, the data could be accessed because it
uses AES, a strong, but crackable, encryption system.
Researchers at the Weizmann Institute of Science in Israel
demonstrated how to break AES last year.
Phil Cracknell, director of Capgemini’s security consulting
practice, warned, “AES is a good method of security but it is
crackable, given enough processing power.”
Cracknell also said that, to be deployed as secure hardware for
government departments, PC makers would need to ensure machines
using Bitlocker technology had government-approved CESG
certification or equivalent.
Mike Nash, corporate vice-president for Microsoft’s security
technology unit, said Bitlocker encrypted every byte of data on the
hard disc to make it inaccessible. He would not be drawn on whether
the AES encryption in Bitlocker would stand the test of time, as
the levels of processing power needed to crack it became more
widely available.