Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[REVS] Cold Boot Attacks on Disk Encryption

from [SecuriTeam] Network Security [Permanent Link]
Subject: [REVS] Cold Boot Attacks on Disk Encryption
Date: 25 Feb 2008 19:32:10 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  Cold Boot Attacks on Disk Encryption
------------------------------------------------------------------------


SUMMARY

The below linked paper shows that disk encryption, the standard approach 
to protecting sensitive data on laptops, can be defeated by relatively 
simple methods. The paper also demonstrates the methods by using them to 
defeat three popular disk encryption products: BitLocker, which comes with 
Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is 
used with Linux.

DETAILS

Abstract
Contrary to popular assumption, DRAMs used in most modern computers retain 
their contents for seconds to minutes after power is lost, even at 
operating temperatures and even if removed from a motherboard. Although 
DRAMs become less reliable when they are not refreshed, they are not 
immediately erased, and their contents persist sufficiently for malicious 
(or forensic) acquisition of usable full-system memory images. We show 
that this phenomenon limits the ability of an operating system to protect 
cryptographic key material from an attacker with physical access. We use 
cold reboots to mount attacks on popular disk encryption systems   
BitLocker, FileVault, dm-crypt, and TrueCrypt   using no special devices 
or materials. We experimentally characterize the extent and predictability 
of memory remanence and report that remanence times can be increased 
dramatically with simple techniques. We offer new algorithms for finding 
cryptographic keys in memory images and for correcting errors caused by 
bit decay. Though we discuss several strategies for partially mitigating 
these risks, we know of no simple remedy that would eliminate them.


ADDITIONAL INFORMATION

The information has been provided by  <mailto:jacob@appelbaum.net> Jacob 
Appelbaum.
The original article can be found at:  
<http://citp.princeton.edu.nyud.net/pub/coldboot.pdf> 
http://citp.princeton.edu.nyud.net/pub/coldboot.pdf



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [REVS] Cold Boot Attacks on Disk Encryption, SecuriTeam <=
Previous by Date:  [NEWS] BEA WebLogic Server Infinite Invalid Authentication Attempts, SecuriTeam
Next by Date:  [TOOL] Creddump - Extracts Credentials from Windows Registry Hives, SecuriTeam
Previous by Thread:  [NEWS] BEA WebLogic Server Infinite Invalid Authentication Attempts, SecuriTeam
Next by Thread:  [TOOL] Creddump - Extracts Credentials from Windows Registry Hives, SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]