Lest We Remember: Cold Boot Attacks on Encryption Keys
2008-03-02 23:22
330 查看
引用:
Abstract Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.
代码:
Abstract Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.
代码:
http://citp.princeton.edu/memory/
相关文章推荐
- Generating SSH Keys on windows
- About UID and How to autostart an application on boot up in 3rd- Startup List Management API
- 生成ssh公有密钥并且注册到Github Generate ssh rsa keys and register public key on Github
- he upgrade needs a total of 92.1 M free space on disk '/boot'. Please free at least an additional 27
- update image on the board for uboot
- The Android boot process from power on
- Disable services on boot – Ubuntu 12.04
- [Android 問題] How to Add Virtual Keys on Status Bar?
- Codeforces Round #424 (Div. 2, rated, based on VK Cup Finals) Office Keys(思维)
- A Digital Signature Based on a Conventional Encryption Function【翻译】
- Failed to introspect annotated methods on class org.springframework.boot.web.support.SpringBootServl
- why do we use process keys
- Factory flashing with U-Boot and fastboot on Freescale i.MX6
- Running Dubbo On Spring Boot
- SpringBootApplication无法启动:Unregistering JMX-exposed beans on shutdown
- xenserver 6 auto start on server boot
- Android3.0 上的磁盘加密 Notes on the implementation of encryption in Android 3.0
- android boot process from power on
- org.springframework.expression.spel.SpelEvaluationException: EL1004E: Method call: Method service() cannot be found on com.my.blog.springboot.thymeleaf.util.MethodTest type
- Your boot partition is on a disk using the GPT