Re: the cold-boot attack - a paper tiger?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Phil wrote:
> Why then does the cold boot attack website claim that 
> loop-aes *is* vulnerAble to their attack?  For this to
> be true, the plaintext key would have to be
> recoverable from memory with their algorithm?


Because loop-aes *is* vulnerable to our attacks.

The keying material is in memory when we mount our attack. We were able
to reliably extract keys required to decrypt the data on the disk.

Loop-aes isn't very different from any other system we tested in this
manner. If you're using general purpose memory for keying, you're
probably vulnerable.

Jacob Appelbaum

Linux-crypto:  cryptography in and on the Linux system

[Home]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]     [Network Security Reading]

Add to Google