Re: the cold-boot attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



markus reichelt wrote:
> * Jacob Appelbaum <jacob@xxxxxxxxxxxxx> wrote:
> 
>> Our paper is clear.
> 
> Link?
> 

Hi Markus,

Here's our official paper distribution point. I suggest the youtube
video as well, it's pretty nicely done:
http://citp.princeton.edu/memory/

> As already stated numerious times, if theres root access (eg full
> access to a machine's memory, including a virtual machine) it's a
> piece of cake to get one's hands on the key. 

Our attack works even after a full power off of the system.

>Key scrubbing in
> loop-AES only slightly complicates the issue, but as it has been
> publicly proven to work to snatch ssh keypairs from memory, it's just
> emphasising an attack vector that exists by design. And all the other
> publicly known linux crypto implementations suffer from it.

Yes. Of course.

> 
> IIRC, key scrubbing has been implemented in loop-AES because some
> Gutmann paper mentioned possible key recovery from imprinted RAM
> patterns.

Yes. This isn't the same issue.

> 
> Please, before stating your claims be sure to clearly point out your
> attack vector.
> 

Feel free to read the paper and let us know what you think.

Regards,
Jacob Appelbaum

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux