Why BitLocker does not use RSA





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







1















If I do not understand wrong from this post and Wikipedia page of the BitLocker and TPM, by default, BitLocker uses symmetric cryptography like AES. However, TPM is capable of performing RSA encryption.
Given that, the RSA key is stored in the TPM, why BitLocker does not use the asymmetric encryption (i.e., RSA)? By using such encryption technique, we might be able to defend against the cold boot attack or sniffing on LPC bus.






aes rsa tpm bitlocker cold-boot-attack







share|improve this question







New contributor




user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.



























    1















    If I do not understand wrong from this post and Wikipedia page of the BitLocker and TPM, by default, BitLocker uses symmetric cryptography like AES. However, TPM is capable of performing RSA encryption.
    Given that, the RSA key is stored in the TPM, why BitLocker does not use the asymmetric encryption (i.e., RSA)? By using such encryption technique, we might be able to defend against the cold boot attack or sniffing on LPC bus.






    aes rsa tpm bitlocker cold-boot-attack







    share|improve this question







    New contributor




    user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      1












      1








      1








      If I do not understand wrong from this post and Wikipedia page of the BitLocker and TPM, by default, BitLocker uses symmetric cryptography like AES. However, TPM is capable of performing RSA encryption.
      Given that, the RSA key is stored in the TPM, why BitLocker does not use the asymmetric encryption (i.e., RSA)? By using such encryption technique, we might be able to defend against the cold boot attack or sniffing on LPC bus.






      aes rsa tpm bitlocker cold-boot-attack







      share|improve this question







      New contributor




      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.












      If I do not understand wrong from this post and Wikipedia page of the BitLocker and TPM, by default, BitLocker uses symmetric cryptography like AES. However, TPM is capable of performing RSA encryption.
      Given that, the RSA key is stored in the TPM, why BitLocker does not use the asymmetric encryption (i.e., RSA)? By using such encryption technique, we might be able to defend against the cold boot attack or sniffing on LPC bus.






      aes rsa tpm bitlocker cold-boot-attack




      aes rsa tpm bitlocker cold-boot-attack






      share|improve this question







      New contributor




      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question







      New contributor




      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question






      New contributor




      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 3 hours ago









      user3862410user3862410

      61




      61




      New contributor




      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      user3862410 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          1 Answer
          1






          active

          oldest

          votes


















          2














          Asymmetric encryption like RSA is limited in that you can only use it to encrypt data the size of the key. With a 2048 bit key, you can only encrypt 2048 bits of information. For this reason RSA is unsuitable for bulk encryption like disks - and even for small files like email messages.



          This is why almost all uses of asymmetric encryption involve "hybrid encryption". RSA is used to encrypt the key for a symmetric algorithm like AES, and AES is used to encrypt the bulk data. PGP is an example of a hybrid encryption application.






          share|improve this answer
























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "162"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            noCode: true, onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });






            user3862410 is a new contributor. Be nice, and check out our Code of Conduct.










            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f207771%2fwhy-bitlocker-does-not-use-rsa%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            2














            Asymmetric encryption like RSA is limited in that you can only use it to encrypt data the size of the key. With a 2048 bit key, you can only encrypt 2048 bits of information. For this reason RSA is unsuitable for bulk encryption like disks - and even for small files like email messages.



            This is why almost all uses of asymmetric encryption involve "hybrid encryption". RSA is used to encrypt the key for a symmetric algorithm like AES, and AES is used to encrypt the bulk data. PGP is an example of a hybrid encryption application.






            share|improve this answer




























              2














              Asymmetric encryption like RSA is limited in that you can only use it to encrypt data the size of the key. With a 2048 bit key, you can only encrypt 2048 bits of information. For this reason RSA is unsuitable for bulk encryption like disks - and even for small files like email messages.



              This is why almost all uses of asymmetric encryption involve "hybrid encryption". RSA is used to encrypt the key for a symmetric algorithm like AES, and AES is used to encrypt the bulk data. PGP is an example of a hybrid encryption application.






              share|improve this answer


























                2












                2








                2







                Asymmetric encryption like RSA is limited in that you can only use it to encrypt data the size of the key. With a 2048 bit key, you can only encrypt 2048 bits of information. For this reason RSA is unsuitable for bulk encryption like disks - and even for small files like email messages.



                This is why almost all uses of asymmetric encryption involve "hybrid encryption". RSA is used to encrypt the key for a symmetric algorithm like AES, and AES is used to encrypt the bulk data. PGP is an example of a hybrid encryption application.






                share|improve this answer













                Asymmetric encryption like RSA is limited in that you can only use it to encrypt data the size of the key. With a 2048 bit key, you can only encrypt 2048 bits of information. For this reason RSA is unsuitable for bulk encryption like disks - and even for small files like email messages.



                This is why almost all uses of asymmetric encryption involve "hybrid encryption". RSA is used to encrypt the key for a symmetric algorithm like AES, and AES is used to encrypt the bulk data. PGP is an example of a hybrid encryption application.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered 2 hours ago









                gowenfawrgowenfawr

                54.9k11115162




                54.9k11115162






















                    user3862410 is a new contributor. Be nice, and check out our Code of Conduct.










                    draft saved

                    draft discarded


















                    user3862410 is a new contributor. Be nice, and check out our Code of Conduct.













                    user3862410 is a new contributor. Be nice, and check out our Code of Conduct.












                    user3862410 is a new contributor. Be nice, and check out our Code of Conduct.
















                    Thanks for contributing an answer to Information Security Stack Exchange!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f207771%2fwhy-bitlocker-does-not-use-rsa%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    Popular posts from this blog

                    Statuo de Libereco

                    Image
                    Koordinatoj: 40°41′21″N 74°02′40″W   /   40.68917°N , 74.04444°U  / 40.68917; -74.04444  ( Statuo de Libereco ) Statuo de Libereco angle: Statue of Liberty statuo Statuo de Libereco de antaŭe Oficiala nomo: Liberty Enlightening the World Lando  Usono Ŝtato Novjorkio Regiono Novjorko Insulo Insulo de Libereco Situo Statuo de Libereco  - koordinatoj 40°41′21″N 74°02′40″W   /   40.68917°N , 74.04444°U  / 40.68917; -74.04444  ( Statuo de Libereco ) Alteco de statuo 46 m  - alteco kun soklo 93 m Pezo 205 000 kg (451 948 lb) Materialoj bronzo, ŝtalo Proponinto Gustave Eiffel  - skulptisto Frédéric Auguste Bartholdi  - proponinto de soklo Richard Morris Hunt  - kapo laŭ modelo de Isabella Eugenie Boyer Transdonita 4-an de julio 1886 Por publiko alirebla por publiko Horzono OT (UTC-5)  - somera tempo OT (UTC-4) Loko
                    Read more

                    Tanganjiko

                    Image
                    Lago Tanganjiko Situo centra Afriko Ĉefaj fontoj Kalambo, Lufuko, Malagarasi kaj Ruzizi Ĉefaj elfluoj Lukugo Setlejoj Bujumbura, Kalemie Datenoj Koordinatoj 6°  S , 30°  O -6.3827777777778 29.615 782 Koordinatoj: 6°  S , 30°  O DEC Supermara alteco 782 m Surfaca areo 32 893 km² f5 Maksimuma longo 673 km f6 Maksimuma larĝo 72 km f7 Akva volumeno 18.900 km³ dep1 f8 Maksimuma profundo 1470 m f10 Averaĝa profundo 570 m f11 v   •   d   •   r Mapo de la lago Tanganjiko estas lago en orienta Afriko, inter Burundo, Kongo Kinŝasa, Tanzanio kaj Zambio. Ĝi apartenas al la Granda Rifto kaj estas unu el la Afrikaj Grandaj Lagoj. Tanzanio (46%) kaj DRK (40%) havas la majoritaton de la lago. Ĝi havas longon de 673 km, areon de ĉ. 32.900 km² kaj maksimuman profundon taksatan je 1470 metroj; pro tiu ĉi granda profundo ankaŭ ĝia volumeno estas sufiĉe granda, 18.900 km³. Oni konsi
                    Read more

                    Liste der Baudenkmäler in Enneberg

                    Image
                    Die Liste der Baudenkmäler in Enneberg (ladinisch Mareo , italienisch Marebbe ) enthält die 36 als Baudenkmäler ausgewiesenen Objekte auf dem Gebiet der Gemeinde Enneberg in Südtirol. Basis ist das im Internet einsehbare offizielle Verzeichnis der Baudenkmäler in Südtirol. Dabei kann es sich beispielsweise um Sakralbauten, Wohnhäuser, Bauernhöfe und Adelsansitze handeln. Die Reihenfolge in dieser Liste orientiert sich an der Bezeichnung, alternativ ist sie auch nach der Adresse oder dem Datum der Unterschutzstellung sortierbar. Liste | Foto   Bezeichnung Standort Eintragung Beschreibung Metadaten ja Altes Gasthaus Janesch ID: 14567 46° 42′ 54″ N, 11° 52′ 42″ O 76882557800 0 8. Sep. 1986 (BLR-LAB 4974) Ländliches Wohnhaus/Bauernhof KG:  Welschellen Bauparzelle: 391 ja Asch (Prack) ID: 14540 46° 43′ 12″ N, 11° 54′ 35″ O 75496485300 20. Nov. 1950 (MD) Ansitz KG:  Enneberg Bauparzelle: 38 ja Biccia mit Stade
                    Read more