Interesting People mailing list archives
Cold Boot Attacks on Disk Encryption -- report on
From: David Farber <dave () farber net>
Date: Thu, 21 Feb 2008 16:25:43 -0500
Begin forwarded message: From: Declan McCullagh <declan () well com> Date: February 21, 2008 3:57:43 PM EST To: dave () farber net Cc: Jacob Appelbaum <jacob () appelbaum net> Subject: Re: [IP] Cold Boot Attacks on Disk Encryption Dave,The paper published today makes some pretty strong claims about the vulnerabilities of Microsoft's BitLocker, Apple's FileVault, TrueCrypt, Linux's dm-crypt subsystem, and similar products.
So I put the folks behind it to a test. I gave them my MacBook laptop with FileVault turned on, powered up, encrypted swap enabled, and the screen saver locked.
They were in fact able to extract the 128-bit AES key; I've put screen snapshots of their FileVault bypass process here:
http://www.news.com/2300-1029_3-6230933-1.html And my article with responses from Microsoft, Apple, and PGP is here: http://www.news.com/8301-13578_3-9876060-38.htmlBottom line? This is a very nicely done attack. It's going to make us rethink how we handle laptops in sleep mode and servers that use encrypted filesystems (a mail server, for instance).
-Declan Jacob Appelbaum wrote:
With all of the discussions that take place daily about laptop seizures, data breech laws and how crypto can often come to the rescue, I thoughtthe readers of IP might be interested in a research project that was released today. We've been working on this for quite some time and are quite proud of the results. Ed Felten wrote about it on Freedom To Tinker this morning: http://www.freedom-to-tinker.com/?p=1257
------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Cold Boot Attacks on Disk Encryption -- report on David Farber (Feb 21)