21 February 2008

Volatile memory not so volatile after all

Nine researchers at Princeton have demonstrated that DRAM retains its contents fairly accurately even after seconds or minutes without power (even longer when the chips are cooled with canned air cold gunk, or liquid nitrogen).

This means you cannot assume that secrets are safe when stored in memory: the conventional wisdom was that the OS controlled access to memory, and that circumventing that would require you to cut the power, which would wipe the contents of memory. However, it turns out that the contents of memory stick around for a while, at least long enough to let you boot into a malicious OS from which you can read the information.

The researchers demonstrate that disk-encryption products can be attacked in this way: cut the power, boot into another OS, grab the cryptographic keys out of memory, and use those to decrypt the disk.

No comments:

Post a Comment