Date: Sat, 23 Feb 2008 21:28:58 +0000 From: "Igor Mozolevsky" <igor@hybrid-lab.co.uk> To: "Brooks Davis" <brooks@freebsd.org> Cc: hackers@freebsd.org, Tim Clewlow <tim1timau@yahoo.com> Subject: Re: Security Flaw in Popular Disk Encryption Technologies Message-ID: <a2b6592c0802231328y73da9605ybd3f5353ee32aa01@mail.gmail.com> In-Reply-To: <20080223203316.GC38485@lor.one-eyed-alien.net> References: <47C06E1F.5020308@thedarkside.nl> <760775.85636.qm@web50306.mail.re2.yahoo.com> <20080223203316.GC38485@lor.one-eyed-alien.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 23/02/2008, Brooks Davis <brooks@freebsd.org> wrote: > > You should actually read the paper. :) They successfully defeat both > of these type of protections by using canned air to chill the ram and > transplanting it into another machine. Easy to get around this attack - store the key on a usb stick/cd/whatever and every time the OS needs to access the encrypted date the key should be read, data decrypted, then key wiped from the memory; or have the daemon erase the key from memory every T minutes and re-acquire the key at next access attempt... Or you could carry something that emits a huge EMI pulse to destroy the data on the disk...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a2b6592c0802231328y73da9605ybd3f5353ee32aa01>