Date:      Sun, 24 Feb 2008 15:16:54 +0000
From:      "Igor Mozolevsky" <igor@hybrid-lab.co.uk>
To:        "Bill Moran" <wmoran@collaborativefusion.com>
Cc:        hackers@freebsd.org
Subject:   Re: Security Flaw in Popular Disk Encryption Technologies
Message-ID:  <a2b6592c0802240716r77d728car411f6f8730b5d69c@mail.gmail.com>
In-Reply-To: <20080224100924.c8e08776.wmoran@collaborativefusion.com>
References:  <47C06E1F.5020308@thedarkside.nl> <760775.85636.qm@web50306.mail.re2.yahoo.com> <20080223203316.GC38485@lor.one-eyed-alien.net> <a2b6592c0802231328y73da9605ybd3f5353ee32aa01@mail.gmail.com> <20080224100924.c8e08776.wmoran@collaborativefusion.com>

On 24/02/2008, Bill Moran <wmoran@collaborativefusion.com> wrote:
> "Igor Mozolevsky" <igor@hybrid-lab.co.uk> wrote:
>  >
>  > On 23/02/2008, Brooks Davis <brooks@freebsd.org> wrote:
>  >
>  > >
>  > > You should actually read the paper. :) They successfully defeat both
>  > >  of these types of protections by using canned air to chill the RAM and
>  > >  transplanting it into another machine.
>  >
>  > Easy to get around this attack - store the key on a USB
>  > stick/CD/whatever and every time the OS needs to access the encrypted
>  > data the key should be read, data decrypted, then key wiped from the
>  > memory; or have the daemon erase the key from memory every T minutes
>  > and re-acquire the key at next access attempt...
>
>
> This is only effective if the sensitive data is infrequently accessed.
>  If the unit is asleep, then software isn't running and it's not possible
>  to kick off a timer to clear the memory, so it doesn't even start to
>  solve that problem.

IMO the possibility of such an attack is so remote that it doesn't really
warrant any special attention; it's just something that should be kept
in mind when writing "secure" crypto stuff...
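
An added example, not part of the original message or of any FreeBSD code: a C sketch of the mitigation discussed in this thread, where the key is wiped from memory every T seconds and re-acquired on the next access. The names `key_cache`, `key_cache_tick`, `key_cache_get` and `demo_loader` are hypothetical, and the loader is a constructed stand-in for reading the key from removable media.

```c
#include <stddef.h>
#include <string.h>
#include <time.h>
#define KEY_LEN 32

/* Hypothetical loader: reads the key from removable media; returns 0 on success. */
typedef int (*key_loader_fn)(unsigned char out[KEY_LEN]);

struct key_cache {
    unsigned char key[KEY_LEN];
    int           present;    /* 1 while key[] holds key material */
    time_t        loaded_at;  /* when the key was last acquired */
    time_t        ttl;        /* the "T" from the thread, in seconds */
    key_loader_fn load;
    unsigned      loads;      /* how many times the key was (re-)acquired */
};

/* Wipe through a volatile pointer so the compiler cannot drop the stores. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Called from the daemon's periodic timer: drop the key once it is older than ttl. */
void key_cache_tick(struct key_cache *c, time_t now) {
    if (c->present && now - c->loaded_at >= c->ttl) {
        secure_wipe(c->key, KEY_LEN);
        c->present = 0;
    }
}

/* Called on each access: returns the key, re-acquiring it if wiped; NULL on failure. */
const unsigned char *key_cache_get(struct key_cache *c, time_t now) {
    key_cache_tick(c, now);  /* lazy expiry in case the timer fired late */
    if (!c->present) {
        if (c->load(c->key) != 0) {
            secure_wipe(c->key, KEY_LEN);  /* do not leave a partial key behind */
            return NULL;
        }
        c->present = 1;
        c->loaded_at = now;
        c->loads++;
    }
    return c->key;
}

/* Constructed stand-in for reading the key from a USB stick or CD. */
int demo_loader(unsigned char out[KEY_LEN]) { memset(out, 0xA5, KEY_LEN); return 0; }
```

Neither `key_cache_tick` nor the lazy check in `key_cache_get` runs while the machine is suspended, which is the limitation the quoted reply raises; the key is also resident for up to T seconds after every access.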
