[cap-talk] Cold Boot Attacks on Encryption Keys
Jonathan S. Shapiro
shap at eros-os.com
Fri Feb 22 10:53:39 EST 2008
On Fri, 2008-02-22 at 09:30 +0000, Toby Murray wrote:
> It's also an instance of the implicit assumptions that underpin a system
> being shown to be faulty.
The question everybody should be asking here is why the in-clear key
storage is not zeroed after use and on power-down.
Modern drives come with a generator built right in -- there is a huge
amount of kinetic energy stored in the platter, and that can be (and is)
tapped to handle things like write-back on power loss. It presents no
difficulty at all to explicitly zero the key storage at the same time.
This isn't bad assumptions or any sort of great discovery. It's just
crap coding, that's all. People working on storage encryption elsewhere
have understood the need to zero the live key storage for years. All
that we have learned here is that the drive firmware folks didn't
understand what they were doing.
shap
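
Added example, not part of the post above and not code from any drive vendor: a minimal C sketch of the practice the message describes, zeroing clear-text key storage after use and again on the power-loss path. The key table, the function names and the on_power_loss hook are hypothetical; how real firmware is notified of power loss is assumed, not taken from the post.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KEY_LEN   32
#define MAX_SLOTS 4

/* Hypothetical live-key table: the only place clear-text keys reside. */
struct key_slot { uint8_t key[KEY_LEN]; int in_use; };
static struct key_slot slots[MAX_SLOTS];

/* Wipe through a volatile pointer so the compiler cannot discard the
   stores as dead writes, which it may do with a plain memset(). */
static void wipe(void *p, size_t n) {
    volatile uint8_t *v = p;
    while (n--) *v++ = 0;
}

/* Copy a key into the first free slot; returns the slot index or -1. */
int key_load(const uint8_t *key) {
    for (int i = 0; i < MAX_SLOTS; i++) {
        if (!slots[i].in_use) {
            memcpy(slots[i].key, key, KEY_LEN);
            slots[i].in_use = 1;
            return i;
        }
    }
    return -1;
}

/* Zero after use: clears the key bytes and the in_use flag together. */
void key_release(int i) {
    if (i < 0 || i >= MAX_SLOTS) return;
    wipe(&slots[i], sizeof slots[i]);
}

/* Assumed to be called from the power-loss path: wipes the whole table
   unconditionally rather than trusting the in_use flags. */
void on_power_loss(void) {
    wipe(slots, sizeof slots);
}

/* Number of nonzero bytes left in the table; 0 means nothing remains. */
size_t key_residue(void) {
    const uint8_t *p = (const uint8_t *)slots;
    size_t n = 0;
    for (size_t i = 0; i < sizeof slots; i++) n += (p[i] != 0);
    return n;
}
```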