This commit is contained in:
Paolo Matarazzo
2023-10-17 17:25:17 -04:00
parent 0cb53252bf
commit 03e0278718


@ -50,8 +50,8 @@ The Network Unlock process follows these phases:
1. The Windows boot manager detects a Network Unlock protector in the BitLocker configuration
1. The client computer uses its DHCP driver in the UEFI to get a valid IPv4 IP address
1. The client computer broadcasts a vendor-specific DHCP request that contains:
1. A network key (a 256-bit intermediate key) that is encrypted by using the 2048-bit RSA Public Key of the Network Unlock certificate from the WDS server
1. An AES-256 session key for the reply
- A network key (a 256-bit intermediate key) that is encrypted by using the 2048-bit RSA Public Key of the Network Unlock certificate from the WDS server
- An AES-256 session key for the reply
1. The Network Unlock provider on the WDS server recognizes the vendor-specific request
1. The provider decrypts the request by using the WDS server's BitLocker Network Unlock certificate RSA private key
1. The WDS provider returns the network key encrypted with the session key by using its own vendor-specific DHCP reply to the client computer. This key is an intermediate key
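Review bot: The second new bullet, `- An AES-256 session key for the reply`, does not say how the session key is protected inside the broadcast request, while the first bullet spells out RSA encryption for the network key. The later steps have the provider decrypt the request with the certificate's RSA private key and then return the network key encrypted with that session key, so the confidentiality of the reply depends on it. Please state explicitly whether the session key is also encrypted with the Network Unlock certificate's public key. Also confirm that both bullets are indented under the "broadcasts a vendor-specific DHCP request that contains:" step, so that the `1.` items that follow continue the phase numbering instead of restarting it.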