I assume you mean "vulnerable".... All software-based encryption is vulnerable to cold-boot attacks, LUKS is no exception. There is nothing that can be done about it, and hence there is no discussion. An attacker can also simply go the full way and not cold boot, but remove the RAM modules and read them externally. This has been shown to work for a removal time in the minute range. Unless very carefully implemented, hardware encryption is vulnerable too. And, of course, anybody with access to running hardware with openend crypto containers can just try to break into it. Arno On Tue, Jan 14, 2014 at 02:25:56 CET, Timothy Alexander wrote: > Hello, > > I have a question. Is LUKS viable to a cold boot attack. TrueCrypt > is, but I'm not sure about LUKS. If it is, is there any discussion > of encrypting keys in RAM (assuming the computer is immediately > turned off, hibernating, or a container is unmounted). > > Thank you, > > Timothy > > ------------------------------------------------- > > VFEmail.net - http://www.vfemail.net > ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the NSA's hands! > $24.95 ONETIME Lifetime accounts with Privacy Features! 15GB disk! > No bandwidth quotas! > Commercial and Bulk Mail Options! > _______________________________________________ > dm-crypt mailing list > dm-crypt@xxxxxxxx > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies. The first method is far more difficult. --Tony Hoare _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
