FierceCIOFierceCIOTechWatchFierceMobileITFierceContentManagementFierceGovernmentIT   FierceVoIPFierceHealthITFierceFinanceIT

Source code for 'cold boot' attack released

Tools
Tags
Source Code
researcher
Research Paper
Hackers on Planet Earth (HOPE)
Hackers
Disk Encryption
Dimm
Cold Boot
BitLocker

The security researcher, who in February this year demonstrated a 'cold boot' attack, has released the utilities used at the Hackers on Planet Earth (HOPE) conference last weekend. You can read more about 'cold boot' attacks here, though the entire principle revolves around the reality that data stored in volatile RAM is, contrary to popular belief, not immediately lost upon powering down a system. Rather, it fades slowly over seconds or even minutes. The team has successfully demonstrated how a DIMM containing 128-bit AES encryption keys could be copied, reconstructing any decayed bits along the way.

What is the relevance of a 'cold boot' attack in the grand scheme of things? Consider just how this new attack vector renders current disk encryption schemes irrelevant. Indeed, the researchers were able to mount a BitLocker-encrypted volume put in an external USB drive in about 25 minutes. Anyway, you can find the research paper as well as explanatory video and the source code here.

For more on this chilling new attack vector:
- check out this Ars Technica article

Comments

Why not simply separate the key from the lock... use a USB Encryption Dongle that holds the keys and create software that ONLY uses the RAM / FLASH on the dongle to unlock the files. Take the USB dongle out of the machine - take it with you (or lock it in a safe) and the key is no longer (and never was) left in the machine's main RAM.

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

To combat spam, please enter the code in the image.