[117334] in cryptography@c2.net mail archive
Re: cold boot attacks on disk encryption
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sat Mar 15 16:54:04 2008
Date: Tue, 26 Feb 2008 05:06:47 +0000
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: "Ali, Saqib" <docbook.xml@gmail.com>
Cc: "Jon Callas" <jon@callas.org>, "Perry E. Metzger" <perry@piermont.com>,
cryptography@metzdowd.com
In-Reply-To: <addede3b0802211337j48ef16a2q4f00844c7763c4b4@mail.gmail.com>
On Thu, 21 Feb 2008 13:37:20 -0800
"Ali, Saqib" <docbook.xml@gmail.com> wrote:
> > Umm, pardon my bluntness, but what do you think the FDE stores the
> > key in, if not DRAM? The encrypting device controller is a computer
> > system with a CPU and memory. I can easily imagine what you'd need
> > to build to do this to a disk drive. This attack works on anything
> > that has RAM.
>
> How about TPM? Would this type of attack work on a tamper-resistant
> ver1.2 TPM?
See
http://technet2.microsoft.com/windowsserver2008/en/library/d2ff5c4e-4a68-4fd3-81d1-665e95a59dd91033.mspx?mfr=true
Briefly, there's a bit in the TPM that means "there are keys present;
zero RAM when booting". This does nothing against the guy with the
Dewar flask of liquid nitrogen, of course.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com