wrt Cold Boot Attacks on Disk Encryption
' =JeffH '
Jeff.Hodges at KingsMountain.com
Thu Feb 21 18:01:22 EST 2008
From: David Farber <dave at farber.net>
Subject: [IP] Cold Boot Attacks on Disk Encryption -- report on
To: "ip" <ip at v2.listbox.com>
Date: Thu, 21 Feb 2008 16:25:43 -0500
Begin forwarded message:
From: Declan McCullagh <declan at well.com>
Date: February 21, 2008 3:57:43 PM EST
To: dave at farber.net
Cc: Jacob Appelbaum <jacob at appelbaum.net>
Subject: Re: [IP] Cold Boot Attacks on Disk Encryption
Dave,
The paper published today makes some pretty strong claims about the
vulnerabilities of Microsoft's BitLocker, Apple's FileVault,
TrueCrypt, Linux's dm-crypt subsystem, and similar products.
So I put the folks behind it to a test. I gave them my MacBook laptop
with FileVault turned on, powered up, encrypted swap enabled, and the
screen saver locked.
They were in fact able to extract the 128-bit AES key; I've put screen
snapshots of their FileVault bypass process here:
http://www.news.com/2300-1029_3-6230933-1.html
And my article with responses from Microsoft, Apple, and PGP is here:
http://www.news.com/8301-13578_3-9876060-38.html
Bottom line? This is a very nicely done attack. It's going to make us
rethink how we handle laptops in sleep mode and servers that use
encrypted filesystems (a mail server, for instance).
- -Declan
Jacob Appelbaum wrote:
> With all of the discussions that take place daily about laptop
> seizures,
> data breech laws and how crypto can often come to the rescue, I
> thought
> the readers of IP might be interested in a research project that was
> released today. We've been working on this for quite some time and are
> quite proud of the results.
> Ed Felten wrote about it on Freedom To Tinker this morning:
> http://www.freedom-to-tinker.com/?p=1257
- -------------------------------------------
Archives: http://www.listbox.com/member/archive/247/=now
RSS Feed: http://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
----------
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list