[115581] in cryptography@c2.net mail archive

Re: cold boot attacks on disk encryption

daemon@ATHENA.MIT.EDU (Jon Callas)
Thu Feb 21 18:57:40 2008

Cc: "Perry E. Metzger" <perry@piermont.com>,
 cryptography@metzdowd.com
From: Jon Callas <jon@callas.org>
To: "Ali, Saqib" <docbook.xml@gmail.com>
In-Reply-To: <addede3b0802211214n279141d8tfc23bc6a9815422a@mail.gmail.com>
Date: Thu, 21 Feb 2008 13:26:15 -0800


On Feb 21, 2008, at 12:14 PM, Ali, Saqib wrote:

> However, the hardware based encryption solutions like (Seagate FDE)
> would easily deter this type of attack, because in a Seagate FDE
> drive the decryption key never gets to the DRAM. The keys always
> remain in the Trusted ASIC on the drive.

Umm, pardon my bluntness, but what do you think the FDE stores the key  
in, if not DRAM? The encrypting device controller is a computer system  
with a CPU and memory. I can easily imagine what you'd need to build  
to do this to a disk drive. This attack works on anything that has RAM.

	Jon
