Government Technology

Report: Successful Cold Boot Attacks on Encryption Keys


You May Also Like

July 28, 2008 By

A recent study -- conducted by Princeton University and the Electronic Frontier Foundation -- revealed how successful cold boot attacks can be launched on disk encryption.

According to the study, most users assume that dynamic random access memory (DRAM) is erased when a computer is shut down. Not true, according to the study. Such data remains visible for several minutes. This time gap provides attackers with a window to access DRAM data. After much experimentation, researchers found a number of methods that could be used to penetrate three widely used disk encryption systems.

The full research paper includes a detailed analysis of the exact methods used for extracting information. A short video segment provides a brief overview of the study as well as a demonstration of how the methods can be used. Ed Felten, one of the eight researchers, also followed up with a blog. Here Felten discusses the experiments, answers questions from readers and offers bits of advice to those concerned by the findings of the study.


You may use or reference this story with attribution and a link to
http://www.govtech.com/security/Report-Successful-Cold-Boot.html


| More

Comments


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

GovTech Papers and Case Studies View Library


Sponsored Links



Phone RSS

Government Best Practices

» A New Model for Human Resources
» Abandoning the High Cost of Enterprise Content Management



Government Technology
Public CIO
Emergency Management
Digital Communities