the cold-boot attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Feb 21, 2008, at 12:17 PM, a co-worker wrote:

Research at Princeton demonstrated that it is possible to recover
significant information from mounted FileVault, i.e. a stolen
sleeping laptop, using a cold reboot technique.

from: <http://citp.princeton.edu/memory/>


I really like the part about cooling the RAM to -50C with a can of compressed air. Keeps the bits from rotting.

No one has mentioned loop-aes, for Linux, which twiddles the bits of the key (in RAM) periodically (XOR with a known string of random bits, generated at boot-time) - so it moves the key around in memory, and flips the ones and zeroes back and forth. I think that would complicate the attack mentioned in the paper.



- boyd

Boyd Waters
Scientific Programmer
National Radio Astronomy Observatory
New Mexico, USA, Earth


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux