Cold Boot Attacks on Disk Encryption
Well-known security researcher and commentator Ed Felton and colleagues at Princeton report on a technique for breaking many whole-disk encryption schemes, including the most common ones. The attack is based upon scanning RAM for encryption keys, and is even (reported to be) effective on a machine that has been recently powered down.
The paper site offers a five-minute video and the most recent version of the 22-page paper.
As I understand the results, hibernation may be the friend of expediency, but it is surely no friend of data security.
Comment by Dan Halperin
February 22, 2008 @ 9:08 am
Well-known security research and commentator and UW Ph.D. Alum Ed Felton … 🙂
Comment by Scott Rose
February 22, 2008 @ 9:45 am
New York Times coverage of the paper (byline John Markoff) is available at http://tinyurl.com/2kxf6s
Comment by Robert
February 22, 2008 @ 3:29 pm
Hibernation writes the contents of your memory to disk so the computer can power down without losing state. According to this information, a machine in sleep mode or even a machine that was just recently powered down is also vulnerable since DRAM loses stored memory slowly.
This shows just how important phsyical security of computers really is. Not all private data is stored on servers locked away in datacenters.
Comment by iddav
February 22, 2008 @ 5:42 pm
Approaches based on specialized cryptography hardware may be even more appealing in light of this discovery. HSMs (Hardware Security Modules) are designed to securely store keys and perform basic encryption functions. In addition to speeding up cryptographic operations, the encryption would be performed in a secured module, so the encryption keys would not need to be stored unencrypted in RAM or the hard drive.
http://en.wikipedia.org/wiki/Hardware_Security_Module
Pingback by UW Computer Security Course Blog » Security Review: Full disk encryption
February 24, 2008 @ 9:24 pm
[…] While this blog has explored both the recent security breach and specific encryption tools (cold-boot attacks , Truecrypt security review), this security review will take a broad look at the security […]
Comment by robertm2
February 25, 2008 @ 12:39 pm
This seems like a very serious problem especially since one would assume that his/her data would be completely safe as long as the key or the password needed to retrieve the key is compromised, which would seem very unlikely.
Am I missing something though? I realize that there is currently a problem, but couldn’t the OS’s implement changes (which seems somewhat trivial) so that it would overwrite the memory location where the key is stored or just the entire memory itself with junk before shutting down or sleeping?