Why BitLocker does not use RSA Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern)Securely read encryption key from NVRAM of TPM 1.2Methods of cold boot attacks in the wildClarification of RSA Key Exchange (TLS 1.2) and AES for On-Going Message ExcahngeShould I really salt in a RSA/AES hybrid connection?Anniversary Update with Bitlocker Reboot without Encryption KeyIs it possible to extract secrets from a TPM without knowing the PIN?Security of TPM 1.2 for providing tamper-evidence against firmware modificationHow does full memory encryption in newer processes protect against DMA attacks?How does Bitlocker + TPM prevent me seeing the HDD contents with another OS?Is GPG's AES encryption that much stronger than its RSA headers?

What does it mean that physics no longer uses mechanical models to describe phenomena?

Was Kant an Intuitionist about mathematical objects?

What are the main differences between the original Stargate SG-1 and the Final Cut edition?

How were pictures turned from film to a big picture in a picture frame before digital scanning?

Why is it faster to reheat something than it is to cook it?

Random body shuffle every night—can we still function?

The test team as an enemy of development? And how can this be avoided?

malloc in main() or malloc in another function: allocating memory for a struct and its members

What is the "studentd" process?

Did pre-Columbian Americans know the spherical shape of the Earth?

How do living politicians protect their readily obtainable signatures from misuse?

Why complex landing gears are used instead of simple,reliability and light weight muscle wire or shape memory alloys?

Central Vacuuming: Is it worth it, and how does it compare to normal vacuuming?

How to write capital alpha?

My mentor says to set image to Fine instead of RAW — how is this different from JPG?

Is there public access to the Meteor Crater in Arizona?

Question about this thing for timpani

Weaponising the Grasp-at-a-Distance spell

Does silver oxide react with hydrogen sulfide?

Why is a lens darker than other ones when applying the same settings?

What does Turing mean by this statement?

In musical terms, what properties are varied by the human voice to produce different words / syllables?

Tips to organize LaTeX presentations for a semester

How to ask rejected full-time candidates to apply to teach individual courses?



Why BitLocker does not use RSA



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern)Securely read encryption key from NVRAM of TPM 1.2Methods of cold boot attacks in the wildClarification of RSA Key Exchange (TLS 1.2) and AES for On-Going Message ExcahngeShould I really salt in a RSA/AES hybrid connection?Anniversary Update with Bitlocker Reboot without Encryption KeyIs it possible to extract secrets from a TPM without knowing the PIN?Security of TPM 1.2 for providing tamper-evidence against firmware modificationHow does full memory encryption in newer processes protect against DMA attacks?How does Bitlocker + TPM prevent me seeing the HDD contents with another OS?Is GPG's AES encryption that much stronger than its RSA headers?



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








1















If I do not understand wrong from this post and Wikipedia page of the BitLocker and TPM, by default, BitLocker uses symmetric cryptography like AES. However, TPM is capable of performing RSA encryption.
Given that, the RSA key is stored in the TPM, why BitLocker does not use the asymmetric encryption (i.e., RSA)? By using such encryption technique, we might be able to defend against the cold boot attack or sniffing on LPC bus.










share|improve this question







New contributor




user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.


























    1















    If I do not understand wrong from this post and Wikipedia page of the BitLocker and TPM, by default, BitLocker uses symmetric cryptography like AES. However, TPM is capable of performing RSA encryption.
    Given that, the RSA key is stored in the TPM, why BitLocker does not use the asymmetric encryption (i.e., RSA)? By using such encryption technique, we might be able to defend against the cold boot attack or sniffing on LPC bus.










    share|improve this question







    New contributor




    user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.






















      1












      1








      1








      If I do not understand wrong from this post and Wikipedia page of the BitLocker and TPM, by default, BitLocker uses symmetric cryptography like AES. However, TPM is capable of performing RSA encryption.
      Given that, the RSA key is stored in the TPM, why BitLocker does not use the asymmetric encryption (i.e., RSA)? By using such encryption technique, we might be able to defend against the cold boot attack or sniffing on LPC bus.










      share|improve this question







      New contributor




      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.












      If I do not understand wrong from this post and Wikipedia page of the BitLocker and TPM, by default, BitLocker uses symmetric cryptography like AES. However, TPM is capable of performing RSA encryption.
      Given that, the RSA key is stored in the TPM, why BitLocker does not use the asymmetric encryption (i.e., RSA)? By using such encryption technique, we might be able to defend against the cold boot attack or sniffing on LPC bus.







      aes rsa tpm bitlocker cold-boot-attack






      share|improve this question







      New contributor




      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question







      New contributor




      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question






      New contributor




      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 3 hours ago









      user3862410user3862410

      61




      61




      New contributor




      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.




















          1 Answer
          1






          active

          oldest

          votes


















          2














          Asymmetric encryption like RSA is limited in that you can only use it to encrypt data the size of the key. With a 2048 bit key, you can only encrypt 2048 bits of information. For this reason RSA is unsuitable for bulk encryption like disks - and even for small files like email messages.



          This is why almost all uses of asymmetric encryption involve "hybrid encryption". RSA is used to encrypt the key for a symmetric algorithm like AES, and AES is used to encrypt the bulk data. PGP is an example of a hybrid encryption application.






          share|improve this answer























            Your Answer








            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "162"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            noCode: true, onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );






            user3862410 is a new contributor. Be nice, and check out our Code of Conduct.









            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f207771%2fwhy-bitlocker-does-not-use-rsa%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            2














            Asymmetric encryption like RSA is limited in that you can only use it to encrypt data the size of the key. With a 2048 bit key, you can only encrypt 2048 bits of information. For this reason RSA is unsuitable for bulk encryption like disks - and even for small files like email messages.



            This is why almost all uses of asymmetric encryption involve "hybrid encryption". RSA is used to encrypt the key for a symmetric algorithm like AES, and AES is used to encrypt the bulk data. PGP is an example of a hybrid encryption application.






            share|improve this answer



























              2














              Asymmetric encryption like RSA is limited in that you can only use it to encrypt data the size of the key. With a 2048 bit key, you can only encrypt 2048 bits of information. For this reason RSA is unsuitable for bulk encryption like disks - and even for small files like email messages.



              This is why almost all uses of asymmetric encryption involve "hybrid encryption". RSA is used to encrypt the key for a symmetric algorithm like AES, and AES is used to encrypt the bulk data. PGP is an example of a hybrid encryption application.






              share|improve this answer

























                2












                2








                2







                Asymmetric encryption like RSA is limited in that you can only use it to encrypt data the size of the key. With a 2048 bit key, you can only encrypt 2048 bits of information. For this reason RSA is unsuitable for bulk encryption like disks - and even for small files like email messages.



                This is why almost all uses of asymmetric encryption involve "hybrid encryption". RSA is used to encrypt the key for a symmetric algorithm like AES, and AES is used to encrypt the bulk data. PGP is an example of a hybrid encryption application.






                share|improve this answer













                Asymmetric encryption like RSA is limited in that you can only use it to encrypt data the size of the key. With a 2048 bit key, you can only encrypt 2048 bits of information. For this reason RSA is unsuitable for bulk encryption like disks - and even for small files like email messages.



                This is why almost all uses of asymmetric encryption involve "hybrid encryption". RSA is used to encrypt the key for a symmetric algorithm like AES, and AES is used to encrypt the bulk data. PGP is an example of a hybrid encryption application.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered 2 hours ago









                gowenfawrgowenfawr

                54.9k11115162




                54.9k11115162




















                    user3862410 is a new contributor. Be nice, and check out our Code of Conduct.









                    draft saved

                    draft discarded


















                    user3862410 is a new contributor. Be nice, and check out our Code of Conduct.












                    user3862410 is a new contributor. Be nice, and check out our Code of Conduct.











                    user3862410 is a new contributor. Be nice, and check out our Code of Conduct.














                    Thanks for contributing an answer to Information Security Stack Exchange!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f207771%2fwhy-bitlocker-does-not-use-rsa%23new-answer', 'question_page');

                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Are there any AGPL-style licences that require source code modifications to be public? Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?Force derivative works to be publicAre there any GPL like licenses for Apple App Store?Do you violate the GPL if you provide source code that cannot be compiled?GPL - is it distribution to use libraries in an appliance loaned to customers?Distributing App for free which uses GPL'ed codeModifications of server software under GPL, with web/CLI interfaceDoes using an AGPLv3-licensed library prevent me from dual-licensing my own source code?Can I publish only select code under GPLv3 from a private project?Is there published precedent regarding the scope of covered work that uses AGPL software?If MIT licensed code links to GPL licensed code what should be the license of the resulting binary program?If I use a public API endpoint that has its source code licensed under AGPL in my app, do I need to disclose my source?

                    2013 GY136 Descoberta | Órbita | Referências Menu de navegação«List Of Centaurs and Scattered-Disk Objects»«List of Known Trans-Neptunian Objects»

                    Mortes em março de 2019 Referências Menu de navegação«Zhores Alferov, Nobel de Física bielorrusso, morre aos 88 anos - Ciência»«Fallece Rafael Torija, o bispo emérito de Ciudad Real»«Peter Hurford dies at 88»«Keith Flint, vocalista do The Prodigy, morre aos 49 anos»«Luke Perry, ator de 'Barrados no baile' e 'Riverdale', morre aos 52 anos»«Former Rangers and Scotland captain Eric Caldow dies, aged 84»«Morreu, aos 61 anos, a antiga lenda do wrestling King Kong Bundy»«Fallece el actor y director teatral Abraham Stavans»«In Memoriam Guillaume Faye»«Sidney Sheinberg, a Force Behind Universal and Spielberg, Is Dead at 84»«Carmine Persico, Colombo Crime Family Boss, Is Dead at 85»«Dirigent Michael Gielen gestorben»«Ciclista tricampeã mundial e prata na Rio 2016 é encontrada morta em casa aos 23 anos»«Pagan Community Notes: Raven Grimassi dies, Indianapolis pop-up event cancelled, Circle Sanctuary announces new podcast, and more!»«Hal Blaine, Wrecking Crew Drummer, Dies at 90»«Morre Coutinho, que editou dupla lendária com Pelé no Santos»«Cantor Demétrius, ídolo da Jovem Guarda, morre em SP»«Ex-presidente do Vasco, Eurico Miranda morre no Rio de Janeiro»«Bronze no Mundial de basquete de 1971, Laís Elena morre aos 76 anos»«Diretor de Corridas da F1, Charlie Whiting morre aos 66 anos às vésperas do GP da Austrália»«Morreu o cardeal Danneels, da Bélgica»«Morreu o cartoonista Augusto Cid»«Morreu a atriz Maria Isabel de Lizandra, de "Vale Tudo" e novelas da Tupi»«WS Merwin, prize-winning poet of nature, dies at 91»«Atriz Márcia Real morre em São Paulo aos 88 anos»«Mauritanie: décès de l'ancien président Mohamed Mahmoud ould Louly»«Morreu Dick Dale, o rei da surf guitar e de "Pulp Fiction"»«Falleció Víctor Genes»«João Carlos Marinho, autor de 'O Gênio do Crime', morre em SP»«Legendary Horror Director and SFX Artist John Carl Buechler Dies at 66»«Morre em Salvador a religiosa Makota Valdina»«مرگ بازیکن‌ سابق نساجی بر اثر سقوط سنگ در مازندران»«Domingos Oliveira morre no Rio»«Morre Airton Ravagniani, ex-São Paulo, Fla, Vasco, Grêmio e Sport - Notícias»«Morre o escritor Flavio Moreira da Costa»«Larry Cohen, Writer-Director of 'It's Alive' and 'Hell Up in Harlem,' Dies at 77»«Scott Walker, experimental singer-songwriter, dead at 76»«Joseph Pilato, Day of the Dead Star and Horror Favorite, Dies at 70»«Sheffield United set to pay tribute to legendary goalkeeper Ted Burgin who has died at 91»«Morre Rafael Henzel, sobrevivente de acidente aéreo da Chapecoense»«Morre Valery Bykovsky, um dos primeiros cosmonautas da União Soviética»«Agnès Varda, cineasta da Nouvelle Vague, morre aos 90 anos»«Agnès Varda, cineasta francesa, morre aos 90 anos»«Tania Mallet, James Bond Actress and Helen Mirren's Cousin, Dies at 77»e