Error correction with aes-looback / cryptoloop?
Mike Oliver
moliver-fC0AHe2n+mcIvw5+aKnW+Pd9D2ou9A/h at public.gmane.org
Thu Feb 28 06:28:55 UTC 2008
Quoting Jamon Camisso <jamon.camisso-H217xnMUJC0sA/PxXw9srA at public.gmane.org>:
> OTOH, see http://citp.princeton.edu/memory/ for an interesting piece
> on retrieving encryption keys from suspended/hibernated machines from
> a cold boot. The story made the rounds a few days ago:
>
> "Contrary to popular assumption, DRAMs used in most modern computers
> retain their contents for seconds to minutes after power is lost,
> even at operating temperatures and even if removed from a
> motherboard. Although DRAMs become less reliable when they are not
> refreshed, they are not immediately erased, and their contents
> persist sufficiently for malicious (or forensic) acquisition of
> usable full-system memory images. We show that this phenomenon limits
> the ability of an operating system to protect cryptographic key
> material from an attacker with physical access. We use cold reboots
> to mount attacks on popular disk encryption systems — BitLocker,
> FileVault, dm-crypt, and TrueCrypt — using no special devices or
> materials."
Very interesting; thanks for pointing that out. But it doesn't make
me *too* worried; it seems that the baddie has to snatch your machine
within five minutes of power-down to have any chance at all, and even then
he has to move fast with operations that are not exactly inconspicuous
in an airport. The thing about the swap is a good point, though; I'll look
into that, even though I don't think my machine uses swap much in ordinary
operation.
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list