title: Cold bits as a security bypass

Cold bits as a security bypass

By: Scott Bradner

The headline in the New York Times was certainly designed to catch a security person's eye -- "Researchers Find Way to Steal Encrypted Data." But, in most cases the risk, while real, is less than the headline implies.

It turns out that some researchers at Princeton University followed up on earlier research that showed that modern computer memories retained their contents even with the power off (known as memory remanence) and that the retention time could be lengthen by cooling the memory. (See p 282 Anderson: "Security Engineering" http://www.cl.cam.ac.uk/~rja14/Papers/SE-14.pdf) (This information almost makes me want to reminisce about core memory. http://en.wikipedia.org/wiki/Core_memory) The researchers then set about seeing if they could use various techniques, including ones related to memory remanence to extract encryption keys that had been stored in the memory of a computer that was using disk encryption. They found they could, in many cases, find the key and thus break the security of the encrypted disk.

The Princeton researchers describe their attack in their paper: "Lest We Remember: Cold Boot Attacks on Encryption Keys" (http://citp.princeton.edu.nyud.net/pub/coldboot.pdf) and describe it in a video on their web site, (http://citp.princeton.edu/memory/

) including cooling the memory chips using a can of duster.

The risk of the particular attack can be largely mitigated if the user has an idea when their computer might be attacked. For example, if you are entering the US and are worried about US Customs wanting to peer into your machine. (http://www.schneier.com/blog/archives/2008/02/us_customs_seiz.html) In this case, and in other cases where you are worried that a laptop could be stolen you can be well protected if you do not have the machine set to autologin and you turn the machine fully off (not just put in sleep mode) when you are told to shut down your electronic devices in preparation for landing. You would be even better off using the hidden volume mode in True Crypt (http://www.truecrypt.org/) so that you could boot the machine for the nice Customs person and they would not even know you had encrypted information on your machine so would not badger you for your key. (http://www.lawtechjournal.com/articles/2004/02_040413_clemens.pdf)

The paper also includes a number of ways that computer manufactures and operating system vendors can reduce or eliminate the disclosure risk. I use File Vault on my Mac and I hope that Apple will tweak their software to maximize the protection. Not because, I hasten to add, that I have any illegal information on my laptop, but because I have information that some of my clients would not like to see in the press.

It is harder to protect against someone grabbing a computer from your desk when your back is turned, enabling a password protected screen saver that kicks in when the cover is closed helps, but the thief, could just not close the cover. Note that no fancy effort is needed in this case since the thief already has access to your unencrypted disks through the regular user interface.

One place where the Princeton process can clearly be used is where the thief steals a computer with a locking wakeup screen which is using disk encryption and that the user put into sleep mode. The thief will not be able to login to the machine because of the wakeup screen. But the machine has power so the memory is not fading. Cooling the memory would then allow the thief to swap the memory to another computer for reading. So don't leave your laptop lying around on the front seat of your car in sleep mode with state secrets on it.

disclaimer: I'm not sure how you could tell if some parts of Harvard were in sleep mode but, in any case, the above discussion is mine not the university's.