Google
  Web www.spinics.net

Re: regarding the cold-boot attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


* Huszár Viktor Dénes <hvd@xxxxxx> wrote:

> Anders is right, filling the memory with 0s once the shut down
> procedure starts is only to keep away the rookies. A professional
> cold boot attack would be cooling down the DRAMS, power off the
> machine, putting the DRAMS in the other computer and booting with
> the imaging tool.

If you power down a system utilizing loop-AES, all key material is
sanitized after encrypted partitions are unmounted because the
corresponding loop-devices are detached. There is an execption tho,
have a look at http://mareichelt.de/pub/texts.loop-aes.php#faq25

So there's practically no need to wipe the memory, regarding loop-AES
key material. Otoh, it wouldn't hurt either. It might be a nice thing
to have if one wants all traces of system activity gone ASAP and not
wanting to wait for memory to decay after shutdown. Think of PGP/GPG
password(s), f.e.


> However, my question is what Markus wrote, why do you suggest
> Serpent instead of AES cipher?

Serpent has a more complex key schedule and an attack of a
somewhat-decayed memory image containing the key is less likely to
succeed than with an AES cipher; error correction only works to some
extend. It's mentioned in the paper, IIRC.

Otoh, Serpent is 2-6 times slower than AES. But with a moderately
modern setup and increasing computing power that carries less and
less weight.


Example: By embedding the real key used for root encryption in a
cloud of 100 keys slows down the attacker. And when one mounts /home
and embedds that key also in a cloud of 100 keys, it jumps right in
the face of the hyped features of the cold-boot attack.

Again, it doesn't defend against the attack, it just lets you have
fun with the attacker. Speaking of fun, just think of using a
live-CD, spam the memory with several hundred random keys, and none
works. :-)

-- 
left blank, right bald
loop-AES FAQ: http://mareichelt.de/pub/texts.loop-aes.php#faq

Attachment: pgp8Lf7LAMW4j.pgp
Description: PGP signature


[Home]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]     [Network Security Reading]

Add to Google