Feeds

back to article Security boffins attempt to freeze out cold boot crypto attack

Security researchers have developed prototype countermeasures to defend against the recently developed cold boot crypto attack. Cold boot is a technique for snatching cryptographic keys from memory, creating a means to circumvent disk encryption. A targeted machine that's been left hibernating would be turned off and quickly …

COMMENTS

This topic is closed for new posts.
Paris Hilton

So how would

Disabling booting from anything other than internal hard disk, locking the BIOS with a password be circumvented for cold boot attack?

0
0

@ AC

Getting round BIOS passwords is easy...! There's several methods that your average 14 year old would probably know. I'll leave out the details, it's not hard to find them out if you fancy doing a bit of research.

0
0
Thumb Down

@AC 15:58

Open the case, whip out the RAM, stick it in your computer next to it, and use that to extract the keys. Even if you don't have your own computer with you, chilling the ram gives you a window of 20 mins - an hour to get it into a new computer. You can achieve this cooling by using an aerosol, upside soen (Most commonly mentioned in the proof of concepts is a can of compressed air)

0
0

Re: So how would

Stick the key-grabbing distro on a sata/ide disk sporting a cable, take the side off the machine, flick power and quickly swap drive cables?

This might be more feasible with two people : one standing by with the drive cable and the other by the power switch.

0
0
Go

@AC

By removing the RAM modules and putting them in another computer, of course.

0
0
Boffin

Re: So how would

er, fairly easily?

Freeze the RAM chips, pop 'em out (a hammer will get you access, if you haven't got anything more useful) and then pop 'em into another machine to analyse?

Could even make a small RAM copier which would support various RAM module formats and take a copy of the data onto a built in HDD or something. Probably not very hard to do.

0
0
Paris Hilton

Or...

You could just lock the door to your office?

Paris - Cold boot? Joke? Anyone?

0
0
Linux

Another idea

How about encrypting the key in ram, storing the new encryption key in CPU cache, or using some form of system-id as the encryption key key?

0
0
Anonymous Coward

Well thank god

they have a solution to this problem, I was losing sleep at night worrying about this style of attack.

0
0
Flame

Solved!

I've solved the problem. I've now electrified my computer case and also filled the insides with barbed wire and thermite....now it wont turn on though :( I wonder why....

0
0
Bronze badge

Disable hibernation?

Problem solved?

0
0
Coat

Secure RAM??

Why not just build some extra functionality into the RAM modules that when the power supply to the module sags below a pre-determined voltage, it clears a register in the chip that forces a return of 0x00000000 on any memory that has not been written to since powering-up.

Something along this line would kill these cold boot attacks dead since you can't read the value of a memory address until it's been written to.

The only way I can see to get around this, you would need to supply a constant source of power to the module so it doesn't flag the memory as powered-off, and then you would need to some how provide a DRAM refresh cycle while the RAM is removed from the PC which isn't something you are gunna be able to do quickly and/or easily!

*Grabs his coat and heads to the patent office!

0
0
This topic is closed for new posts.