Mr. Applebaum: Are you now suggesting that loop-aes has now been subverted in some manner? V/R, Stuart Quoting Jacob Appelbaum <jacob@xxxxxxxxxxxxx>: > Boyd Waters wrote: > > On Feb 21, 2008, at 12:17 PM, a co-worker wrote: > > > >> Research at Princeton demonstrated that it is possible to recover > >> significant information from mounted FileVault, i.e. a stolen > >> sleeping laptop, using a cold reboot technique. > >> > >> from: <http://citp.princeton.edu/memory/> > > > > > > I really like the part about cooling the RAM to -50C with a can of > > compressed air. Keeps the bits from rotting. > > Thanks! We thought it was a cute attack as well! > > Cooling the RAM isn't strictly required. Some of our most fun proof of > concept attacks don't require anything more than a reboot. > > > > > No one has mentioned loop-aes, for Linux, which twiddles the bits of the > > key (in RAM) periodically (XOR with a known string of random bits, > > generated at boot-time) - so it moves the key around in memory, and > > flips the ones and zeroes back and forth. I think that would complicate > > the attack mentioned in the paper. > > > > We did run our attacks on loop-aes and we did find keying material. We > actually found a very large amount of keying material. We didn't bother > to implement a decryption utility with the keys found it memory, it > would be trivial to do so though. > > Regards, > Jacob Appelbaum > > > - > Linux-crypto: cryptography in and on the Linux system > Archive: http://mail.nl.linux.org/linux-crypto/ > > -- IT2 Stuart Blake Tener, USNR, N3GWG (Extra), MROP Beverly Hills, CA / Las Vegas, NV / Philadelphia, PA / Washington, DC mobile: (310) 358-0202 Nextel: 124*233172*14 (direct connect) e-mail: teners@xxxxxxxxxxx - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
