Bitlocker Full Disk Encryption

In the current modern world of information era, Information security plays a vital role in protecting the confidentiality of the sensitive information. The information security has a major role to play in securing the information as the attack surface and adversary capabilities have increased enormously over the years. The security of any information system can be classified as security during communication / transport, security during processing and security during storage. Even though the first two categories have been dealt with to a large extent by security researchers, the latter has been lacking the enhancement due to several issues. The storage security protecting the data at rest has been crucial due to its amount of sensitive information that is being stored and accessible to the adversaries. There are software tools for providing the security for stored information. This thesis reviews the technology of Window’s BitLocker tool for Full Disk Encryption (FDE) and hardware based Self Encrypting Drives (SEDs) [4, 5]. The BitLocker tool is studied and described along with its features and available options for system encryption, BitLocker-on-the-Go and eDrive. It includes the authentication process and the key management methods being used by BitLocker for Windows10 [7, 8, 9]. The thesis also investigates the Self Encrypting Devices (SEDs) supporting the Opal standard with Windows (Bit- Locker eDrive) [2]. The threat models and attacks on disk encryption in the BitLocker edrive context are also analyzed in the thesis [4, 5, 6]. It evaluates the open source tool that enables the access to the Bit- Locker drive format in Linux or Windows. iv


Faculty of Informatics

Date of Completion

fall 2017



Milan Brož


Guruprasad Bidare Venkatesh