[PLUG] Cold Boot attacks on RAM

Keith Lofstrom keithl at kl-ic.com
Mon Feb 25 17:24:21 UTC 2008


On Mon, Feb 25, 2008 at 08:30:31AM -0800, m0gely wrote:
> 
> So, just having installed TrueCrypt on my spare laptop and encrypted the 
> system drive, I saw this video a few days ago and was impressed by the 
> simplicity of it all. I'm sure the TC guys (et al) are working on 
> solutions, but do you think that in situations like this, when the key 
> is entered at boot, it's then passed onto the disk where it is now 
> readable? Then an operation can be done to zero out either the part of 
> memory that contained the key, or all the memory if necessary before 
> proceeding to boot the OS? I don't know what kind of performance 
> penalties would be incurred though, or if such an idea is even good at all.

The key stays in RAM. In fact, for most of these programs the key is stored
in a partially precomputed form, such as "key schedules for block ciphers"
to quote the paper.  These precomputations greatly minimize the delay
associated with decrypting the hard drive; however, they create a lot
of redundancy, which makes key recovery after partial decay much easier. 
Without the precomputation, disk access would be pig slow.

A BIOS boot sequence that clears the memory (such as a memory check)
provides partial protection.  At least, that occurs before the boot
loader pulls who-knows-what-program from who-knows-what boot device.
That means the bad guys have to take the time to disable the RAM check,
or take the time to open the laptop in preparation for removing the 
memory card.  

Programs like TrueCrypt are still valuable;  if your laptop is stolen,
the thief is not a spy 99% of the time, and won't have tools necessary
to recover the key.  If the thief sells your laptop to a spy, the
memory will have been long since erased and written over.  You can't
expect perfect security with any program or hardware;  but for a given
expenditure in effort and performance, you can reduce the risk of loss.

Storing data /anywhere/ has risks and costs associated with it.  Taking
that data outside of a controlled environment greatly adds to the risks.
Most sensitive data should never go anywhere near a laptop.

I assume my laptop will be stolen, someday.  I expect that the bad guys
will see the "weird" Linux on it and realize that it will have to be
rewritten with Windows before it can be sold to a fence.  Chances are,
the laptop will be trashed and discarded or overwritten.  So, my risk
is not zero, but smaller than it would be if I was running a more
popular OS.

> It was interesting seeing the picture example, as it reminded me of 
> resetting my Zaurus. The contents on the display last, would fade out 
> like that on a reset.

That wasn't the RAM you were seeing, but the effect is similar.  The
voltages that drive the liquid crystals in an LCD display are also
stored on pixel capacitors between refreshes, and they decay in a
similar fashion.  So the fading you saw on your Zaurus is quite a good
analogy.  Cooling the display would slow the decay, although liquid
crystals are also temperature sensitive, so the slow decay would be
affecting a bad picture.

Keith

-- 
Keith Lofstrom          keithl at keithl.com         Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
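An added example, not from Keith's message or from TrueCrypt, of the "key schedule" redundancy he describes: for AES-128 (assumed here; the FIPS-197 sample key is the constructed input, and schedule, secure_wipe and key_survives_wipe are names of my own) the 176-byte expanded schedule is invertible from any single round key, so a cleanup routine that zeroes only the 16-byte key object leaves the key fully recoverable, while one that wipes the whole schedule does not.

```c
#include <stdint.h>
#include <string.h>
static uint8_t sbox[256];
/* Build the AES S-box at run time (GF(2^8) inverse, then affine map); standard construction. */
static void build_sbox(void) {
    uint8_t p = 1, q = 1;
    do {
        p = p ^ (p << 1) ^ ((p & 0x80) ? 0x1b : 0);   /* p *= 3 */
        q ^= q << 1; q ^= q << 2; q ^= q << 4;         /* q /= 3, keeping p*q == 1 */
        if (q & 0x80) q ^= 0x09;
        uint8_t x = q;
        for (int s = 1; s <= 4; s++) x ^= (uint8_t)((q << s) | (q >> (8 - s)));
        sbox[p] = x ^ 0x63;
    } while (p != 1);
    sbox[0] = 0x63;
}
/* RotWord + SubWord + Rcon on the word that precedes each new round key. */
static void core(uint8_t t[4], int round) {
    uint8_t rcon = 1, tmp = t[0];
    for (int k = 1; k < round; k++) rcon = (uint8_t)((rcon << 1) ^ ((rcon & 0x80) ? 0x1b : 0));
    t[0] = sbox[t[1]] ^ rcon; t[1] = sbox[t[2]]; t[2] = sbox[t[3]]; t[3] = sbox[tmp];
}
/* dir=+1: expand w[0..15] into the 11 round keys (176 bytes) a cipher keeps resident.
   dir=-1: run the same recurrence backwards from round key 10 (w[160..175]) alone;
   each round key determines all the others, so the master key reappears in w[0..15]. */
static void schedule(uint8_t w[176], int dir) {
    build_sbox();
    for (int i = dir > 0 ? 16 : 172; i >= 16 && i < 176; i += 4 * dir) {
        uint8_t t[4]; memcpy(t, w + i - 4, 4);
        if (i % 16 == 0) core(t, i / 16);
        for (int j = 0; j < 4; j++)
            if (dir > 0) w[i + j] = w[i - 16 + j] ^ t[j];
            else         w[i - 16 + j] = w[i + j] ^ t[j];
    }
}
/* Zeroing the optimizer cannot drop: volatile stores happen even if the buffer is dead. */
static void secure_wipe(void *buf, size_t n) {
    volatile uint8_t *p = (volatile uint8_t *)buf;
    while (n--) *p++ = 0;
}
/* Constructed input: the FIPS-197 Appendix A sample key. */
static const uint8_t KEY[16] = {0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c};
/* Returns 1 if the master key can still be rebuilt from what the wipe left in RAM. */
int key_survives_wipe(int wipe_whole_schedule) {
    uint8_t key[16], w[176], rebuilt[176] = {0};
    memcpy(key, KEY, 16); memcpy(w, key, 16);
    schedule(w, +1);                               /* schedule now lives next to the key */
    secure_wipe(key, 16);                          /* naive cleanup: only the key object */
    if (wipe_whole_schedule) secure_wipe(w, 176);  /* proper cleanup: the schedule too */
    memcpy(rebuilt + 160, w + 160, 16);            /* round key 10 is all that is needed */
    schedule(rebuilt, -1);
    return memcmp(rebuilt, KEY, 16) == 0;
}
```

The same reasoning applies to a BIOS memory check or any other wipe: it has to cover the expanded schedule, not just the buffer the passphrase was turned into.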
