CIA spies can add BitLocker hack to the list

A new batch of documents leaked by former NSA contractor Edward Snowden has shown that the CIA tried for years to break Apple's encryption.

Besides Apple, Microsoft was also a target, and a story published on The Intercept suggests that CIA specialists might be able to break into BitLocker, the Microsoft software which encrypts hard drives.

At an agent-only conference in 2010, CIA officials talked about how it is possible to extract private encryption keys from a special security chip – Trusted Platform Module (TPM).

The TPM is necessary in order to use BitLocker, and keys could be extracted from it by “measuring electromagnetic signals emanating from the TPM.”

With this technique, spies use sensors or other devices to study the power consumption of a chip while it encrypts and decrypts information to extract the keys from it.

Motherboard took the time to speak to a couple of security experts, and none of them seemed too surprised about the new discovery.

"This new research means that if I can put a sensor next to the laptop, now all of a sudden I can extract the keys without damaging it,” Kenneth Ray, a former Microsoft engineer who was BitLocker’s architect from 2005 to 2007.

“This is a tiny bit alarming because now you can attack a TPM without there being any evidence that you did so.”

Peter Biddle, another former Microsoft engineer who led the BitLocker team before its launch in 2005, is also not surprised.

“We were partnering with people and doing it ourselves 10 years ago,” Biddle told Motherboard.

Microsoft declined to comment on the story.