cold boot attacks on disk encryption
Ali, Saqib
docbook.xml at gmail.com
Thu Feb 21 12:49:32 EST 2008
interesting paper. but i fail to see how this could be "deadly" (as
the author puts it) to the disk encryption products.
This methods requires the computer to be "recently" turned-on and unlocked.
So the only way it would work is that the victim unlocks the disks
i.e. enter their preboot password and turn off the computer and
"immediately" handover (conveniently) the computer to the attacker so
that the attacker remove the DRAM chip and store in nitrogen. And the
attacker has to do all this in less then 2 seconds.... :) If the
attacker is standing right next to the victim, why even let the victim
turn-off the unlocked computer????
Or am I missing something?
--
Saqib Ali,
http://www.full-disk-encryption.net
On 2/21/08, Perry E. Metzger <perry at piermont.com> wrote:
>
> Ed Felten blogs on his latest research:
>
> http://www.freedom-to-tinker.com/?p=1257
>
> Excerpt:
>
> Today eight colleagues and I are releasing a significant new
> research result. We show that disk encryption, the standard
> approach to protecting sensitive data on laptops, can be defeated
> by relatively simple methods. We demonstrate our methods by using
> them to defeat three popular disk encryption products: BitLocker,
> which comes with Windows Vista; FileVault, which comes with MacOS
> X; and dm-crypt, which is used with Linux.
>
> More info: http://citp.princeton.edu/memory
>
> Paper: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf
>
>
>
> --
> Perry E. Metzger perry at piermont.com
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list