Cold-Based Encryption-Cracking Code Published

rated by 0 users
This post has 1 Reply | 0 Followers

Top 10 Contributor
Posts 26,722
Points 1,208,955
Joined: Sep 2007
News Posted: Tue, Jul 22 2008 4:17 PM
You'll recall that in February security researchers found a way to break into encrypted hard drives by using a trick that relies on the fact that RAM dissipates its contents slower if cooled.

The research paper, by Princeton, the Electronic Frontier Foundation, and Wind River Systems was titled "Lest We Remember: Cold Boot Attacks on Encryption Keys" (.PDF").  Over the weekend, timed to coincide with the Last HOPE hacker conference over the weekend in New York, the source code was published to the Web.

Of course, this technique only works if the laptop hasn't already been turned off, which would have enabled the memory to fully dissipate.  This probably isn't the method most people on your laptop, as it requires some degree of expertise, but are you still worried about someone breaking your encryption using this method?  Turn off your laptop; don't have it go into sleep mode.

Watch a video demo of the method at work:
  • | Post Points: 20
Top 500 Contributor
Posts 150
Points 2,250
Joined: Sep 2007
Location: U.S.
mazuki replied on Tue, Jul 22 2008 4:26 PM
you don't even have to turn it off and use their program, if someone has the computer on, and the key active, you can simply dump the process memory and many times find the key in plain-text, there are precautions for this, but many do not take them.

also on boot-up encryption, the key is also stored in memory on a chip, sometimes barely hashed (md5)
  • | Post Points: 5
Page 1 of 1 (2 items) | RSS