The security researcher, who in February this year demonstrated a 'cold boot' attack, has released the utilities used at the Hackers on Planet Earth (HOPE) conference last weekend. You can read more about 'cold boot' attacks here [1], though the entire principle revolves around the reality that data stored in volatile RAM is, contrary to popular belief, not immediately lost upon powering down a system. Rather, it fades slowly over seconds or even minutes. The team has successfully demonstrated how a DIMM containing 128-bit AES encryption keys could be copied, reconstructing any decayed bits along the way.
What is the relevance of a 'cold boot' attack in the grand scheme of things? Consider just how this new attack vector renders current disk encryption schemes irrelevant. Indeed, the researchers were able to mount a BitLocker-encrypted volume put in an external USB drive in about 25 minutes. Anyway, you can find the research paper as well as explanatory video and the source code here [2].
For more on this chilling new attack vector:
- check out this Ars Technica article [3]
Links:
[1] http://arstechnica.com/news.ars/post/20080221-researchers-crack-filevault-bitlocker-with-canned-air-hack.html
[2] http://citp.princeton.edu/memory
[3] http://arstechnica.com/news.ars/post/20080721-source-code-published-for-cold-boot-exploit.html