Disk encryption easily cracked, researchers find

Network World ^ | 21 February 2008 | Network World Staff

[ShadowAce]

[sionnsar]

Shouldn’t be too hard to have the BIOS write pseudo-random data to the DRAM as a last step in shut-down, no?

[sionnsar]

Or even zeros, since they’re reading the inferred data value not the DRAM cell charge itself.

[CA Conservative]

According to the article, the chips have to be cooled within seconds of the system shutting down to be able to recover the key from DRAM. That essentially means someone would have to steal a laptop that is still running to get the key. I’m not sure how big of a vulnerability this is in the real world.

[militem]

Does this only apply to hardwired desktops? What happens if I kill my wireless on my laptop before suspending?

[shorty_harris]

Yeah, the moral of the story is if you see someone you don’t know with a dewar of LN2 and a screwdriver hanging around your computer, you should become suspicious...

[sionnsar]

It's a sufficient vulnerability. Many years ago I remember using DRAM retention for some useful purpose (forgotten) that involved placing data in DRAM, cold-booting the machine, and reading the data in.

You'd likely get the same effect today by rebooting with a bootable CD or USB drive.

[sionnsar]

See #8.

[sionnsar]

No, cooling the chips extends the time in which you are likely to get the actual data. Room temperature can sufficient, if the boot time is short.

[Still Thinking]

Felten adds that even using Trusted Computing hardware doesn't help.

Now there's an understatement. ;-)

[djf]

I think the rest of the moral is that the people who spent time figuring out that if you yank out a chip, within .73 seconds dip it in liquid nitrogen, 43 seconds later install it in a new machine, run some specialized software, you MIGHT be able to unencrypt something.

These folks need jobs.
Real jobs.

[ThePythonicCow]

See also related FR posts at

• Attack on computer memory reveals vulnerability of widely-used security systems, and
• New Research Result: Cold Boot Attacks on Disk Encryption (keys vulnerable in DRAM after power cut).

[CA Conservative]

No, cooling the chips extends the time in which you are likely to get the actual data. Room temperature can sufficient, if the boot time is short.

That's my point - unless they grab a running machine or grab the machine within a few seconds of being shut down, this isn't that much of a vulnerability. For 99% of users, using the disk encryption will be sufficient. For government agencies or companies that have a lot of financial data on their laptops, which might be targeted by professional thieves or foreign governments, they may need to be concerned.

[Swordmaker]

File Vault on OSX is not 100% secure... 99.9999% but not 100%. Same for BitLocker on Wndows... PING!

Really out-of-the-realm-of-possibility security vulnerability discovered in encrypted disks on both Apple OS X and Windows Vista...

If you want on or off the Mac Ping List, Freepmail me.

[Richard Kimball]

We’re starting to develop a real “Boy who cried wolf” phenomena with the security people. I guess it’s like everything else. You’d better have someone translate. I consider myself fairly computer literate, but I had no clue whether it was a risk or not, until I realized you had to get the actual physical computer. I kind of figure if somebody gets the computer, they can probably figure out a way to get information out of it.

[6SJ7]

Watch out for cryogenic data pirates!

[Sunnyflorida]

Moral of the story: there are no perfect locks, only perfect fools that trust in them.

[TheBattman]

This requires physical access to the computer and fairly extra-ordinary methods (chilling the RAM to -54 degrees, removing it, putting in another computer, and read). While I won’t say that folks wouldn’t go through that for data, I believe it would likely be an extraordinary case - like national security or BIG bucks. And I believe that such extreme cases would probalby also involve more serious security protection than what comes “stock” on those computers.