Update: March 2016.
Commenters have noted this same fix appears to work correctly on Windows 10 as well

A semi-common error seen on various Windows 8.1 and 2012/R2 systems is the following during the start of system backups that use VSS (i.e. most backups).  This often causes the backup process to hang for a long period of time, or fail.

Application Event Log:
Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Much digging through forums has found what appears to be the cause.

During backup a VSS process running under NETWORK_SERVICE account calls cryptcatsvc!CSystemWriter::AddLegacyDriverFiles(), which enumerates all the drivers records in Service Control Manager database and tries opening each one of them. , The function fails on MSLLDP record with "Access Denied" error.

Turned out it fails because MSLLDP driver's security permissions do not allow NETWORK_SERVICE to access the driver record.

What causes this to have incorrect permissions in the first place is unclear, but a fairly simple fix exists.  We've tested this on several systems without issue, but your mileage may vary.

It can be fixed by correcting the Security Description on the MSLLDP service, using the built-in command line utility SC.exe

Open an Administrative Command Prompt (NOT PowerShell) and execute the following.  This must all be one long command without carriage returns

sc sdset MSLLDP D:(D;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BG)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)(A;;CCDCLCSWRPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SO)(A;;LCRPWP;;;S-1-5-80-3141615172-2057878085-1754447212-2405740020-3916490453)(A;;CCLCSWLOCRRC;;;SU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)

You should receive a successful result of

[SC] SetServiceObjectSecurity SUCCESS

If so, the problem is resolved, and there's no reboot required.  The next backup should complete successfully.