back to article Security boffins attempt to freeze out cold boot crypto attack

Security researchers have developed prototype countermeasures to defend against the recently developed cold boot crypto attack. Cold boot is a technique for snatching cryptographic keys from memory, creating a means to circumvent disk encryption. A targeted machine that's been left hibernating would be turned off and quickly …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Paris Hilton

    So how would

    Disabling booting from anything other than internal hard disk, locking the BIOS with a password be circumvented for cold boot attack?

  2. Sam York

    @ AC

    Getting round BIOS passwords is easy...! There's several methods that your average 14 year old would probably know. I'll leave out the details, it's not hard to find them out if you fancy doing a bit of research.

  3. Edward Miles
    Thumb Down

    @AC 15:58

    Open the case, whip out the RAM, stick it in your computer next to it, and use that to extract the keys. Even if you don't have your own computer with you, chilling the ram gives you a window of 20 mins - an hour to get it into a new computer. You can achieve this cooling by using an aerosol, upside soen (Most commonly mentioned in the proof of concepts is a can of compressed air)

  4. Horridbloke

    Re: So how would

    Stick the key-grabbing distro on a sata/ide disk sporting a cable, take the side off the machine, flick power and quickly swap drive cables?

    This might be more feasible with two people : one standing by with the drive cable and the other by the power switch.

  5. null
    Go

    @AC

    By removing the RAM modules and putting them in another computer, of course.

  6. Russell Howe
    Boffin

    Re: So how would

    er, fairly easily?

    Freeze the RAM chips, pop 'em out (a hammer will get you access, if you haven't got anything more useful) and then pop 'em into another machine to analyse?

    Could even make a small RAM copier which would support various RAM module formats and take a copy of the data onto a built in HDD or something. Probably not very hard to do.

  7. Anonymous Coward
    Paris Hilton

    Or...

    You could just lock the door to your office?

    Paris - Cold boot? Joke? Anyone?

  8. Anonymous Coward
    Linux

    Another idea

    How about encrypting the key in ram, storing the new encryption key in CPU cache, or using some form of system-id as the encryption key key?

  9. Anonymous Coward
    Anonymous Coward

    Well thank god

    they have a solution to this problem, I was losing sleep at night worrying about this style of attack.

  10. Stuart
    Flame

    Solved!

    I've solved the problem. I've now electrified my computer case and also filled the insides with barbed wire and thermite....now it wont turn on though :( I wonder why....

  11. Steven Raith

    Disable hibernation?

    Problem solved?

  12. Robert Heffernan
    Coat

    Secure RAM??

    Why not just build some extra functionality into the RAM modules that when the power supply to the module sags below a pre-determined voltage, it clears a register in the chip that forces a return of 0x00000000 on any memory that has not been written to since powering-up.

    Something along this line would kill these cold boot attacks dead since you can't read the value of a memory address until it's been written to.

    The only way I can see to get around this, you would need to supply a constant source of power to the module so it doesn't flag the memory as powered-off, and then you would need to some how provide a DRAM refresh cycle while the RAM is removed from the PC which isn't something you are gunna be able to do quickly and/or easily!

    *Grabs his coat and heads to the patent office!

This topic is closed for new posts.