Re: cold boot attacks on cgd?

To: tech-crypto%NetBSD.org@localhost
Subject: Re: cold boot attacks on cgd?
From: der Mouse <mouse%Rodents.Montreal.QC.CA@localhost>
Date: Mon, 25 Feb 2008 22:26:32 -0500 (EST)

> Even if [a BIOS scrub-on-boot bit] is set, there's no defense against
> someone chilling the RAM, removing it from your machine, and putting
> it into their own.

An attacker who can chill your RAM while it's powered up (or within
moments of power-down) can just clip a leech onto it and read stuff
straight off the pins without needing to power it down at all; the only
way chilling it makes it any easier is that the hardware required is
less sophisticated.

Memory and system design could help defeat this by providing a "power
is going away" signal at least one full refresh cycle before power
really does go away (AIUI most power supplies are, or easily could be
made, capable of this); that last refresh cycle could scrub instead of
refresh.  Then make the case very difficult ("impossible") to open
without pulling power.  (This won't help against the constant-data
memory effect attack, but there are other ways to address that.)

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               mouse%rodents.montreal.qc.ca@localhost
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

References:
- cold boot attacks on cgd?
  - From: CÃsar CatriÃn CarreÃo
- Re: cold boot attacks on cgd?
  - From: Steven M. Bellovin

Prev by Date: Re: cold boot attacks on cgd?
Next by Date: Re: cold boot attacks on cgd?
Previous by Thread: Re: cold boot attacks on cgd?
Next by Thread: Re: cold boot attacks on cgd?
Indexes:

Home | Main Index | Thread Index | Old Index