Re: the cold-boot attack - a paper tiger?
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
> can't the generated keys > also be > placed in memory which the BIOS will overwrite? A serious attacker will not try to reboot the machine. They will freeze the DRAM and remove it. All of this still depends on them interrupting power while the loop is up. From my reading of the paper, in their tests they only interrupted power "momentarily". The longer the RAM stays powered off without lower temperatures, the less chance keys will be recovered. You're saying a "kid sister" measure to overwrite the vestigial keys once the BIOS kicks in is better than nothing. Maybe it is at that. What about just physically raising the ambient temperature of the DRAM (put a heater under it, or move it to a hot part of the box)? How hot does it have to be at power interruption before recovery is unlikely? Or: Doesn't their paper say types of RAM vary considerably in this remanence effect? Pick a type that makes it difficult? - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/