[115562] in cryptography@c2.net mail archive
Re: cold boot attacks on disk encryption
daemon@ATHENA.MIT.EDU (Ali, Saqib)
Thu Feb 21 14:58:37 2008
Date: Thu, 21 Feb 2008 09:49:32 -0800
From: "Ali, Saqib" <docbook.xml@gmail.com>
To: "Perry E. Metzger" <perry@piermont.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <87r6f66xrq.fsf@snark.cb.piermont.com>
interesting paper. but i fail to see how this could be "deadly" (as
the author puts it) to the disk encryption products.
This methods requires the computer to be "recently" turned-on and unlocked.
So the only way it would work is that the victim unlocks the disks
i.e. enter their preboot password and turn off the computer and
"immediately" handover (conveniently) the computer to the attacker so
that the attacker remove the DRAM chip and store in nitrogen. And the
attacker has to do all this in less then 2 seconds.... :) If the
attacker is standing right next to the victim, why even let the victim
turn-off the unlocked computer????
Or am I missing something?
--
Saqib Ali,
http://www.full-disk-encryption.net
On 2/21/08, Perry E. Metzger <perry@piermont.com> wrote:
>
> Ed Felten blogs on his latest research:
>
> http://www.freedom-to-tinker.com/?p=1257
>
> Excerpt:
>
> Today eight colleagues and I are releasing a significant new
> research result. We show that disk encryption, the standard
> approach to protecting sensitive data on laptops, can be defeated
> by relatively simple methods. We demonstrate our methods by using
> them to defeat three popular disk encryption products: BitLocker,
> which comes with Windows Vista; FileVault, which comes with MacOS
> X; and dm-crypt, which is used with Linux.
>
> More info: http://citp.princeton.edu/memory
>
> Paper: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf
>
>
>
> --
> Perry E. Metzger perry@piermont.com
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
