Re: the cold-boot attack - a paper tiger?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 29.05.2008 20:56, Peter_22@xxxxxx wrote:
> Hello everyone!
> 
> To summarize the findings, I would like to distinguish two things:
> 
> 2.
> In case of a crash, reset or loss of power, all key material used for reading of and writing to encrypted volumes remains in DRAM for a certain period of time, depending on ambient temperature. A copy of the decaying memory cells can be made for some time. This situation applies to all kinds of software, operating systems and applications which make use of DRAM. Since this approach emanates from semiconductor physics it cannot be fixed by a software-based workaround.

Slight correction here.

In case of crash or reset the memory-contents is retained indefinetly!

- Press reset
- Press key to enter BIOS-setup or halt booting any other way
  e.g. by yanking the HDD (to be sure, also yank all other storage-type 
  cables and don't forget the network-cable for good measure. (I have a 
  machine that boots via the PXE-ROM of the network-chip on the MB))

- Fixing the reset-key held down should also work. Or Placing a jumper 
on the reset-connector of the MB. This should have the advantage that 
even a patched BIOS (Think LinuxBIOS or something along the line) 
shouldn't be able to do anything.


Now the attacker has all the time in the world.



Bis denn

-- 
Real Programmers consider "what you see is what you get" to be just as 
bad a concept in Text Editors as it is in women. No, the Real Programmer
wants a "you asked for it, you got it" text editor -- complicated, 
cryptic, powerful, unforgiving, dangerous.


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux