Bypassing Bitlocker: A Hardware Attack on Windows Disk Encryption

In this video we will use a hardware attack to bypass TPM-based Bitlocker encryption as used on most Microsoft Windows devices. Errata: - PIN can also be enabled using manage-bde, not just using group policies Questions: - Does this work on TPM2.0? Yes, at least on some: https://pulsesecurity.co.nz/articles/TPM-sniffing Links: - https://hextree.io/ - Pascal Gujer: https://twitter.com/pascal_gujer / https://hands-on-security.com - Enabling Bitlocker PIN: https://www.howtogeek.com/262720/how-to-enable-a-pre-boot-bitlocker-pin-on-windows/ - Hardware & source-code: https://github.com/stacksmashing/pico-tpmsniffer - LPC Clockless Analyzer for Saleae: https://github.com/stacksmashing/LPCClocklessAnalyzer Me: - Twitter: https://twitter.com/ghidraninja - Patreon: https://patreon.com/stacksmashing Posts about sniffing bitlocker: - https://labs.withsecure.com/publications/sniff-there-leaks-my-bitlocker-key - https://www.secura.com/blog/tpm-sniffing-attacks-against-non-bitlocker-targets - https://blog.scrt.ch/2021/11/15/tpm-sniffing/ - https://pulsesecurity.co.nz/articles/TPM-sniffing