Categories
Computing

Exploit of DRAM vulnerability leads to attack vector on disk encryption

Ed Felten and his colleagues have released an amazing research result which leads to an attack on hard disk encryption systems such as TrueCrypt, BitLocker and FileVault. Through the process of rapidly reducing the temperature of the memory chips in a computer they can extract the data contained within which would include the encryption key neccessary to decrypt the computer’s hard drive. [via]

Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials.

This is a very interesting piece of research but I don’t believe that it actually yields a practicable attack on hard disk encryption as long as the user maintains control of their computer in the thirty seconds or less following shutdown.

Just make sure that you don’t leave your laptop laying around whilst in sleep mode or locked by a screensaver password, but a user with enough security sense to have hard disk encryption on there computer is unlikely to do that anyway.

Declan McCullagh gives his analysis of the research in this article Disk encryption may not be secure enough, new research finds.

By Matt Wharton

Matt Wharton is a dad, vlogger and IT Infrastructure Consultant. He was also in a former life a cinema manager.

Blogging here and at mattwharton.co.uk

Watch our family's vlog at YouTube

Follow me on Twitter