Can a Bitlocker-locked drive be brute-forced within hours by guessing the recovery key by an actor with a supercomputer? With a couple of GPUs? (assuming Microsoft put as much effort as possible into that pseudo-random recovery key and didn’t insert any backdoors by reducing the already-miserable amount of randomness there)
I think you’re vastly underestimating just how big 2^163 is. If we do some crude maths and take an Intel i9-9900K (16 threads, 3.6GHz), and assume that it can try one AES key per cycle (because it has AES-NI), that gives us 57,600,000,000 keys per second, or 1,816,473,600,000,000,000 (1.8 × 10^18) per year. Which means that brute-forcing a 163 bit key would take 55,051,722,194,035,743,997,062,743,766,462,087,395,540 (5.5 × 10^40) years on a single high-end CPU.
Sure, you can throw more CPUs at the problem (GPUs probably won’t help that much, because they won’t have AES in hardware like CPUs do) – but you’re still not going to get anywhere near feasible.
So yes, a 48 digit key is less than 256 bits, but it’s still in the realm of being completely uncrackable. As a general rule, 128 bits is considered completely impossible to brute-force, and that’s unlikely to change.
But then something else struck me. When generating the key I neither moved my mouse, nor pressed any keys, nor was my computer connected to the internet. What else could Windows use for randomness? Thermistors on the chipset?
Exactly how Windows generates random numbers is complicated, but Microsoft published a whitepaper on it that would be worth reading if you want to know the details.
The short version is that you’re not going to guess them, and I don’t believe that there have been any serious flaws highlighted in their approach.
Is there an option to disable Bitlocker recovery keys?
This is a bad idea – there are all kinds of circumstances when you might need them (BIOS updates, some firmware updates, TPM issues, motherboard failure). If you do this, then I hope that you have good backups of your data (and that you’ve encrypted them with something just as strong).