Various systems exist that protect the confidentiality of data stored on a volume of a computer file system by performing so-called “full-volume encryption.” Such systems encrypt all or substantially all of the data stored on a volume and transparently decrypt such data when an authorized entity requests it. For example, certain MICROSOFT® WINDOWS® operating systems provide full-volume encryption via activation of a feature known as BITLOCKER™ Drive Encryption (“BITLOCKER”).
Full-volume encryption systems such as BITLOCKER™ may provide a variety of authentication methods for managing access to a protected volume. For example, where the protected volume is an operating system (OS) volume accessed during the booting of a computer, such methods may rely on an integrity check of certain system startup components performed by a Trusted Platform Module (TPM) included in the computer. Other authentication methods may require the provision of an access credential such as a startup key or personal identification number (PIN). A startup key may be provided, for example, through the insertion of some form of portable storage media that stores the startup key into a port of the computer. A PIN may be provided, for example, via manual entry by a user. Still other authentication methods may combine TPM-based integrity checking with the provision of one or more access credentials.
In some cases, it would be desirable if a full-volume encryption system provided an authentication method that could be used only once. Such scenarios include, for example, recovery scenarios and system management scenarios. With respect to recovery scenarios, there may be situations where for some valid reason a primary authentication method must be bypassed to access a protected volume. Such situations may include, for example, a hardware failure or the loss of access credentials associated with the primary authentication method. In some conventional full-volume encryption systems, a recovery access credential is provisioned so that access to a protected volume can be achieved by means of a corresponding recovery authentication method. This recovery authentication method is not meant to be used in perpetuity to bypass the primary authentication method, but is rather intended to be used only for a particular access instance. However, in such conventional full-volume encryption systems, once a recovery access credential has been provisioned, that credential can continuously be used to unlock the protected volume as long as certain corresponding key material associated with the recovery access credential is present on the protected volume. This presents an undesirable security risk.
With respect to system management, it is sometimes desirable to allow a computer to reboot without human interaction. For example, an Information Technology (IT) administrator may wish to update an application or install a patch on a remote client computer via a corporate network, wherein such updating or installing requires a reboot of the client computer. If the client computer is protected with a form of authentication that requires user interaction, then when a reboot is forced the client computer will wait at the pre-boot environment for that user interaction (for example, the client computer may prompt a user to enter a PIN and then wait for PIN entry). If a single-use authentication method were available to bypass the regular form of authentication for this particular client computer without replacing it, the IT administrator would be able to deploy the required upgrades or patches unhindered.
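The following is an added toy model, not the patent's or BitLocker's code, of the key-protector arrangement behind both the recovery scenario and the system-management scenario above: the volume master key (VMK) is wrapped separately under a key-encryption key derived from each credential, and a single-use protector erases its own wrapped key material the moment it successfully releases the VMK, so the credential cannot be reused while the primary (PIN) protector stays in place. The wrap construction, credential values and protector names are constructed for illustration only.

```python
import hashlib
import hmac
import os

# Constructed toy model; not BitLocker's real key-protector format or code.
# The 32-byte volume master key (VMK) is wrapped once per access credential
# under a key-encryption key (KEK) derived from that credential. A single-use
# protector deletes its wrapped key material when it successfully releases
# the VMK, so the same credential cannot unlock the volume a second time.

def derive_kek(credential, salt):
    # Stretch a PIN, startup key or recovery key into a 32-byte KEK.
    return hashlib.pbkdf2_hmac("sha256", credential, salt, 100_000, dklen=32)

def _keystream(kek, length):
    return hmac.new(kek, b"wrap-keystream", hashlib.sha256).digest()[:length]

def wrap(kek, vmk):
    # Illustrative authenticated wrap: XOR with an HMAC keystream, then an HMAC tag.
    body = bytes(a ^ b for a, b in zip(vmk, _keystream(kek, len(vmk))))
    return body + hmac.new(kek, body, hashlib.sha256).digest()

def unwrap(kek, blob):
    # Returns the VMK, or None when the credential (hence the tag) is wrong.
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(kek, body, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(body, _keystream(kek, len(body))))

class Volume:
    def __init__(self):
        self.protectors = {}  # name -> (salt, wrapped VMK, single_use flag)

    def add_protector(self, name, credential, vmk, single_use=False):
        # Provisioning needs the already-released VMK; the volume never stores it.
        salt = os.urandom(16)
        blob = wrap(derive_kek(credential, salt), vmk)
        self.protectors[name] = (salt, blob, single_use)

    def unlock(self, name, credential):
        # Returns the VMK on success, None otherwise. A failed attempt does not
        # consume a single-use protector; a successful one removes it first.
        entry = self.protectors.get(name)
        if entry is None:
            return None  # protector absent or already consumed
        salt, blob, single_use = entry
        vmk = unwrap(derive_kek(credential, salt), blob)
        if vmk is not None and single_use:
            del self.protectors[name]
        return vmk
```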