cold boot attacks on disk encryption

Jack Lloyd lloyd at randombit.net
Thu Feb 21 15:13:30 EST 2008


On Thu, Feb 21, 2008 at 12:10:33PM -0500, Perry E. Metzger wrote:
> 
> Ed Felten blogs on his latest research:
> 
> http://www.freedom-to-tinker.com/?p=1257
> 
> Excerpt:
> 
>     Today eight colleagues and I are releasing a significant new
>     research result. We show that disk encryption, the standard
>     approach to protecting sensitive data on laptops, can be defeated
>     by relatively simple methods. We demonstrate our methods by using
>     them to defeat three popular disk encryption products: BitLocker,
>     which comes with Windows Vista; FileVault, which comes with MacOS
>     X; and dm-crypt, which is used with Linux.

While they did have some success with recovering an entire AES key
schedule uncorrupted, it seems important to note that the simplistic
nature of the AES and DES key schedules allowed them to recover the
entire original key even after the state had been somewhat degraded
with only moderate amounts of work. A cipher with a better key
schedule (Blowfish or Serpent, for instance) would seem to offer some
defense here.

Jack

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list