Comments on: Cold boot encryption attack video

By: Cheng

Cheng — Sat, 17 May 2008 04:44:56 +0000

Interesting video but the comment the reporter lady said after the credits really made my day. it took me by surprise and I almost choked on my coffee :D

“If only I could unsee.. what Ive seen with these eyes….. Two girls one cup was just the start”

By: Jacob Appelbaum

Jacob Appelbaum — Fri, 16 May 2008 01:02:51 +0000

Heya Eliot! Thanks for the link and the nice words. Two minor corrections, one is that my last name is spelled with ‘el’ and not ‘le’: Appelbaum.

The other is that while I sure wish I worked for the EFF, I was simply in the EFF offices. This was unclear because the final cut of the video cut out Seth and Peter, they actually work at the EFF and I do not.

Thanks again!

By: mojo

mojo — Wed, 14 May 2008 14:32:51 +0000

There are simple ways to defeat this, and although not 100% reliable they are pretty effective.

You have to consider what sort of situation this attack is likely to be used in. The attacker would have to get to the machine while it is powered on, but be unable to access it due to software security (passwords etc). So, they reboot the system and try to recover the encryption keys from RAM.

Why would you need to freeze the RAM if you could just hit the reset button? Well, the reset button might be disconnected, or the BIOS might be set up to do a full memory check which would overwrite every byte in RAM. The only way to be sure to avoid the BIOS wiping RAM would be to power the machine off, reset the BIOS and power it back on. Note that in laptops, even resetting the BIOS (which is typically very difficult as it involved opening the laptop up) often does not clear the power-on password.

So, the attacker wants to freeze the RAM and put it into their own machine for reading. It's going to be hard to freeze it, transport it to the new machine and install it without data loss, but for arguments sake let's say it's possible.

Most machines have a case open switch, which could be used to trigger a memory wiping program. Assuming the program was intelligent things like encryption keys could be erased in nanoseconds, and the entire RAM in a few seconds. The attacker would have to power off before opening the case, increasing the time before they can freeze the RAM and thus increasing data loss.

Really, this kind of attack, assuming you are reasonably well prepared for it, is not particularly effective. For anyone worried about law enforcement, setting the BIOS to do a full memory test and setting a BIOS password is enough to prevent it in most cases. An improvement would be to make sure your BIOS does a full memory test by default (i.e. after being reset). Some mobos do that, if yours doesn't a BIOS editor might fix that.

By: Markie

Markie — Wed, 14 May 2008 12:52:35 +0000

pascal:

Removing the “super” ram and replacing it with regular ram would avoid this. Perhaps if you soldered the memory on…

Or if every ram manufacturer goes the route of replacing every ram module with “super” ram, then you can sure bet that someone will find a way to disable the process and still use the attack.

By: crust

crust — Wed, 14 May 2008 09:48:58 +0000

Maybe not solved in said laptop, but ATM encryption cards have been potted, wrapped in 40AWG wire, and configured with X-ray sensors in addition to the temperature sensor to get around this problem. Good RAM can keep charge on the caps for a while even after the refresh goes away.

By: random

random — Wed, 14 May 2008 07:24:09 +0000

I didn't read the instructions: here's the link to the ad/article:
http://rfdesign.com/military_defense_electronics/physical-security-encryption-keys-1207/

By: random

random — Wed, 14 May 2008 07:21:00 +0000

I dunno about foolproof, but Maxim makes a chip that’s very good at dealing with this problem: check out the DS3600 series, as talked about in this article/advertisement.
Internal temp-detection mechanism that registers a change in temperature in 100ns and sets a tamper alarm (that’s much faster than the chip can actually be cooled to stop functioning) and once the alarm is set, it blanks all the crypto keys it has onboard. It also continually rewrites the crypto keys, xoring them each time, so they don’t build up a charge that can be recovered even after they’ve been wiped, and the chip itself is designed with its interface to the board practically unavailable by putting the data pins inside a perimeter of sense pins in a BGA.
Other companies have similar things — and this is stuff being sold on the open market. Captive fabs building just for the government probably have more interesting stuff yet.

By: Wolf

Wolf — Wed, 14 May 2008 03:56:04 +0000

Yeah, you could encrypt the ram, and store the key in the processor cache, implementing custom ram that stores enough power to delete itself on power loss would also be an option.

Or you could just, you know, turn off your computer when your done using it…

By: predator

predator — Wed, 14 May 2008 03:40:24 +0000

what if a person designed an OS that required use of a USB stick that had the encryption key on it…so that all data on the RAM was encrypted…could everything be considered safe then? and if a person removed the stick which cleared RAM automatically?

are you safe then?

By: Eliot

Eliot — Wed, 14 May 2008 02:00:15 +0000

Yeah, I had the audacity of including a link to our February post in this new post. ;)

This video is interesting because it comes after several months of talking about the problem. In the first release they hadn’t perfected the ipod or network dump. Jake also mentions that DDR3 can report chip temperature so future bioses could scram if they thought they were being attacked.

By: Joe

Joe — Wed, 14 May 2008 00:23:38 +0000

Yeah, this is old news. I wrote about it, back when it was new fresh news full of life! http://www.webpulp.org/videos/breaking-disk-encryption-with-ram-dumps/

By: tim

tim — Wed, 14 May 2008 00:17:49 +0000

deja vu!…this was posted here back in February

By: tommy

tommy — Tue, 13 May 2008 22:41:47 +0000

@skyler
so you advocate keistering your RAM?

By: pascal

pascal — Tue, 13 May 2008 22:26:17 +0000

I don’t know about RAM init procedures, but couldn’t one build chips that, when powered on, ensure they’re filled with all 0’s? so an attacker might freeze them, and build them into another machine in order to read them out etc, but once the machine powers on, data would be erased… (and if this feature is really *inside* the RAM chips, not just on the same board, there should be no way to get around this, as you can’t yet determine the state of every electron inside the chip^^)

or is it possible to freeze the RAM in a way that makes it “read-only”?

By: Skyler Orlando

Skyler Orlando — Tue, 13 May 2008 22:19:01 +0000

I have a better solution. Remove all ram from your laptop before
shutting it down. *evil grin*

And store it in a closed bottle of warm water to help the data fade
faster...

Disclaimer- Do not try this at home, kids! ;)