

The Weak Link in Full-Disk Encryption (PDF) - all
http://citp.princeton.edu/pub/coldboot.pdf

======
rakkhi
Good article and I think you are doing some very interesting research.

My problem with this type of research though is the amount of fear,
uncertainty and doubt (FUD) it generates. Your attacks are viable if certain
very precise conditions are in place i.e.:

[+] device has not been shut down for a period of time(you can probably advice
what that is) [+] the attacker knows and cares enough to try a cold boot
attack and recover keys from the DRAM, and doesn't have any other easier
options available to them to get the data [+] they are able to take the memory
out and store it in ultracool conditions [+] the user has not applied another
level of encryption on top for really sensitive files e.g. PGP file / email
encryption

I mean if I was the US, Chinese, Russian governments or organized crime and
wanted something on someone's laptop I would just kidnap them or hold their
family hostage and ask for the password. Although Truecrypt hidden operating
system was designed as some mitigation to this type of attack

------
rakkhi
I had a question on my blog: [http://rakkhi.blogspot.com/2010/09/3-million-
reasons-to-encr...](http://rakkhi.blogspot.com/2010/09/3-million-reasons-to-
encrypt-your.html)

Have you tried or are you aware of anyone sucessfully using a cold boot attack
on Blackberry or other mobile phone memory to extract encryption keys?

------
ax0n
More than 2 years old... But I digress.

The real lesson here is that generally, physical access is ultimate access.

------
martinp
loop-AES can apparently prevent this type of attack. See the paragraph about
key scrubbing in their README file: <http://loop-aes.sourceforge.net/loop-
AES.README>

------
beanfeast
So it seems that the fix for losing data on hung PCs is similar to that for
involuntary amputees: gather up the bits you need, shove them on ice and get
yourself as quickly as possible to someone who knows what to do with them.

------
one010101
What worries me about it is simply the fact that just a few single-bit errors
can make the entire disk unusable. Backup, backup, backup!

