cold boot attacks on disk encryption

Jacob Appelbaum jacob at appelbaum.net
Thu Feb 21 21:09:15 EST 2008


Jon Callas wrote:
> 
> On Feb 21, 2008, at 12:14 PM, Ali, Saqib wrote:
> 
>> However, the hardware based encryption solutions like (Seagate FDE)
>> would easily deter this type of attack, because in a Seagate FDE
>> drive the decryption key never gets to the DRAM. The keys always
>> remain in the Trusted ASIC on the drive.
> 
> Umm, pardon my bluntness, but what do you think the FDE stores the key
> in, if not DRAM? The encrypting device controller is a computer system
> with a CPU and memory. I can easily imagine what you'd need to build to
> do this to a disk drive. This attack works on anything that has RAM.
> 

Actually, I hear that some companies store the keys on the platters of
the disk. Again this is if they're actually using crypto and not just
selling XOR'ed blocks of data.

To protect the keys, they limit standard read commands to not enter
those areas of the disk. Of course the vendor provides a method to read
those areas of disk, it's just a matter of finding them.

Regards,
Jacob Appelbaum

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
