tech-crypto archive
Re: cold boot attacks on cgd?
On Tue, 26 Feb 2008 02:02:59 +0000
"Steven M. Bellovin" <smb%cs.columbia.edu@localhost> wrote:
>
> There is apparently some BIOS magic that can be done to force certain
> sections of RAM to be zeroed by the BIOS at boot time. I don't know
> anything more about how to set that flag. Even if it is set, there's
> no defense against someone chilling the RAM, removing it from your
> machine, and putting it into their own.
>
It's called the MOR bit in the TPM. See
http://technet2.microsoft.com/windowsserver2008/en/library/d2ff5c4e-4a68-4fd3-81d1-665e95a59dd91033.mspx?mfr=true
It means "there are keys present; zero RAM when booting". This does
nothing against the guy with the Dewar flask of liquid nitrogen, of
course. Also, not all BIOSes honor this bit -- which means they're
non-conforming, but what else is new?
--Steve Bellovin, http://www.cs.columbia.edu/~smb