Disk encryption vulnerability found in attack on RAM
Written by Rebecca Mints
Thursday, 21 February 2008 12:14
A new way of attacking what would be considered "secure" memory systems has been discovered by a team of researchers at Princeton's computer science department. Laptops are the most susceptible.
The attack works by circumventing disk encryption. Products the Princeton team defeated include Microsoft's BitLocker, Apple's FileVault and Linux's dm-crypt, and because many encryption systems share a common architecture, the method is likely to work on many others. "We've broken disk encryption products in exactly the case when they seem to be most important these days: laptops that contain sensitive corporate data or personal information about business customers," Princeton Ph.D. candidate Alex Halderman remarks. "Unlike many security problems, this isn't a minor flaw; it's a fundamental limitation in the way these systems were designed."
Laptops are commonly put into sleep or hibernation mode, which leaves them particularly open to this type of attack, because it is most effective on computers that are on but locked. Turning a machine completely off is one way to combat this, but even that won't always be an effective countermeasure.
The flaw exploited in the attack is that the information stored in a computer's RAM, including encryption keys, does not disappear instantly when the machine is powered off or the memory chip is removed. The contents can take several seconds to a minute to fade in a normal environment, and considerably longer if the chips are cooled. The Princeton team wrote code that was able to access encrypted information after a computer was turned off and rebooted, even after the encryption key had already started to decay, by using multiple derivative keys stored in memory to reconstruct the original.
No special equipment is required to exploit the vulnerability either; the commonly used "canned air" for dusting keyboards can cool the memory chips down to -50 degrees Celsius when the can is turned upside down to release very cold liquid. 99.9% of the information stored in RAM could be recovered 10 minutes after the power had been cut.
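The point about derivative keys, as an added example (not from the article and not the Princeton team's code): a cipher's expanded round keys are redundant copies of the master key, so a region of memory still fits the key-schedule relation closely even after some bits have decayed. The choice of AES-128, the FIPS-197 sample key, and the decay model (set bits dropping to zero at a 10% rate) are assumptions made for illustration.

```python
import random

def build_sbox():  # AES S-box: GF(2^8) inverse, then the affine map
    rotl = lambda x, n: ((x << n) | (x >> (8 - n))) & 0xFF
    sbox, p, q = [0x63] * 256, 1, 1
    for _ in range(255):                   # 3 generates every non-zero element
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p *= 3
        for s in (1, 2, 4):                                     # q /= 3
            q = (q ^ (q << s)) & 0xFF
        q ^= 0x09 if q & 0x80 else 0
        sbox[p] = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4) ^ 0x63
    return sbox

SBOX = build_sbox()
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]

def next_word(prev, back4, i):
    """AES-128 key-schedule relation: w[i] = w[i-4] XOR g_i(w[i-1])."""
    t = list(prev)
    if i % 4 == 0:                         # RotWord, SubWord, round constant
        t = [SBOX[b] for b in t[1:] + t[:1]]
        t[0] ^= RCON[i // 4 - 1]
    return bytes(a ^ b for a, b in zip(back4, t))

def expand_key(key):
    """Expand a 16-byte key into the 176-byte schedule a cipher keeps in RAM."""
    w = [key[i:i + 4] for i in range(0, 16, 4)]
    for i in range(4, 44):
        w.append(next_word(w[i - 1], w[i - 4], i))
    return b"".join(w)

def violations(buf):
    """Count bits in a 176-byte window that contradict the schedule relation."""
    w = [buf[i:i + 4] for i in range(0, 176, 4)]
    return sum(bin(a ^ b).count("1") for i in range(4, 44)
               for a, b in zip(w[i], next_word(w[i - 1], w[i - 4], i)))

def decay(buf, fraction, rng):
    """Constructed decay model (assumption): each 1 bit may drop to 0."""
    return bytes(b & ~sum(1 << k for k in range(8) if rng.random() < fraction)
                 for b in buf)

def demo(seed=2008):
    rng = random.Random(seed)
    sched = expand_key(bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c"))  # FIPS-197 key
    noise = bytes(rng.getrandbits(8) for _ in range(176))  # constructed random window
    return (violations(sched), violations(decay(sched, 0.10, rng)), violations(noise))

if __name__ == "__main__":
    print(demo())  # (intact, decayed, random) violation counts
```

The decayed schedule contradicts the relation in far fewer bits than a random window does, which is why erasing only the 16-byte master key is not enough: key wiping on suspend or shutdown has to cover the whole expanded schedule.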
The team at Princeton has contacted several manufacturers to make them aware of the newly found vulnerability: Microsoft, Apple, and the makers of the open-source products dm-crypt and TrueCrypt.
Team Gtron™ Solution Theory:
Reference: Science Daily http://www.sciencedaily.com/releases/2008/02/080221105820.htm