funsec mailing list archives

Re: RIP: Full disk encryption?

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Fri, 22 Feb 2008 16:38:29 +0200 (EET)

From http://blogs.zdnet.com/security/?p=900


"That key assumption is now being fundamentally challenged with a $7 can of compressed air and its enough to give 
every security professional heart burn."

:-)

Working URL of the research site for plaintext e-mail clients:
http://citp.princeton.edu/memory/

Juha-Matti

"Richard M. Smith" <rms () computerbytesman com> wrote:

http://www.nytimes.com/pages/technology/index.html

A Method for Critical Data Theft

By JOHN MARKOFF

<http://www.nytimes.com/2008/02/22/technology/22chip.html> A Method for
Critical Data Theft
Center for Information Technology Policy, Princeton University
Princeton-based researchers broke the encryption system by freezing memory
chips, permitting them to read the software.

SAN FRANCISCO - A group led by a Princeton
<http://topics.nytimes.com/top/reference/timestopics/organizations/p/princet

on_university/index.html?inline=nyt-org> University computer security

researcher has developed a simple method to steal encrypted information
stored on computer hard disks.

The technique, which could undermine security software protecting critical
data on computers, is as easy as chilling a computer memory chip with a
blast of frigid air from a can of dust remover. Encryption software is
widely used by companies and government agencies, notably in portable
computers that are especially susceptible to theft.

The development, which was described on the group
<http://citp.princeton.edu/memory/> 's Web site Thursday, could also have
implications for the protection of encrypted personal data from prosecutors.


The move, which cannot be carried out remotely, exploits a little-known
vulnerability of the dynamic random access, or DRAM, chip. Those chips
temporarily hold data, including the keys to modern data-scrambling
algorithms. When the computer's electrical power is shut off, the data,
including the keys, is supposed to disappear.



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

RIP: Full disk encryption? Richard M. Smith (Feb 22)
- Re: RIP: Full disk encryption? Lubomir Kundrak (Feb 22)
  - Re: RIP: Full disk encryption? der Mouse (Feb 22)
- Re: RIP: Full disk encryption? mark seiden-via mac (Mar 13)
- <Possible follow-ups>
- Re: RIP: Full disk encryption? Juha-Matti Laurio (Feb 22)