Cold Boot Attacks on Disk Encryption

Well-known security researcher and commentator Ed Felten and colleagues at Princeton report on a technique for breaking many whole-disk encryption schemes, including the most common ones. The attack is based upon scanning RAM for encryption keys, and is reportedly effective even on a machine that has recently been powered down.

The paper site offers a five-minute video and the most recent version of the 22-page paper.

As I understand the results, hibernation may be the friend of expediency, but it is surely no friend of data security.

About Scott Rose

I am the webmaster and data architect for University of Washington Computer Science and Engineering. In that role I installed and helped configure this install of WordPress, and I maintain it.
This entry was posted in Physical Security.

6 Responses to Cold Boot Attacks on Disk Encryption

  1. Dan Halperin says:

    Well-known security researcher and commentator and UW Ph.D. Alum Ed Felten … 🙂

  2. Scott Rose says:

    New York Times coverage of the paper (byline John Markoff) is available at http://tinyurl.com/2kxf6s

  3. Robert says:

    Hibernation writes the contents of your memory to disk so the computer can power down without losing state. According to this information, a machine in sleep mode or even a machine that was just recently powered down is also vulnerable since DRAM loses stored memory slowly.

    This shows just how important physical security of computers really is. Not all private data is stored on servers locked away in datacenters.

  4. iddav says:

    Approaches based on specialized cryptography hardware may be even more appealing in light of this discovery. HSMs (Hardware Security Modules) are designed to securely store keys and perform basic encryption functions. In addition to speeding up cryptographic operations, the encryption would be performed in a secured module, so the encryption keys would not need to be stored unencrypted in RAM or the hard drive.

    http://en.wikipedia.org/wiki/Hardware_Security_Module

  5. Pingback: UW Computer Security Course Blog » Security Review: Full disk encryption

  6. robertm2 says:

    This seems like a very serious problem especially since one would assume that his/her data would be completely safe as long as the key or the password needed to retrieve the key is compromised, which would seem very unlikely.

    Am I missing something though? I realize that there is currently a problem, but couldn’t the OSes implement changes (which seems somewhat trivial) so that it would overwrite the memory location where the key is stored or just the entire memory itself with junk before shutting down or sleeping?
