151 Comments
- chris9902, on 02/22/2008, -4/+66
fanboy headline. It's ALL encryption software, not just Vista.
- rpeterclark, on 02/22/2008, -0/+52
Very clever. It should be noted they claim that this technique is effective against FileVault, dm-crypt, TrueCrypt and probably many other encryption mechanisms.
- potshot, on 02/22/2008, -1/+28
I love this work because it demonstrates how common knowledge can come back to haunt you. Remember kids, test all assumptions!
From the guy's blog:
"This is deadly for disk encryption products because they rely on keeping master decryption keys in DRAM. This was thought to be safe because the operating system would keep any malicious programs from accessing the keys in memory, and there was no way to get rid of the operating system without cutting power to the machine, which “everybody knew” would cause the keys to be erased."
Everybody knew, eh? Oops!
- Darrelc, on 02/22/2008, -7/+33
Hmm, I wonder why the submitter didn't title it "Cold Boot Attacks on Mac OS X's FileVault Encryption Keys"?
- tedc, on 02/22/2008, -0/+16
Wow, what a spectacularly potent exploit! I write a lot of software for custom instrumentation, and have noticed you can sometimes see a kind of echo of what was in memory after brief power interruptions. I had always assumed there was a bit of capacitance left on the motherboard that was keeping the memory alive somehow, but I never thought DRAM by itself could hold onto its contents for an appreciable length of time.
I guess OS vendors and third parties are going to have to start aggressively scrubbing address areas where passwords and other sensitive data get loaded. It's not enough to just encrypt the swap file anymore. I suppose this would be a good practice anyway, in the event that we ever start migrating to MRAM.
- MrMongoose, on 02/22/2008, -1/+16
Won't hurt anything if the substance is non-conductive. Might cause corrosion later, but hey, you're trying to steal stuff. Who cares what happens later?
- estvir, on 02/22/2008, -7/+21
Of course, but if you had those in the title, especially TrueCrypt, it'd be buried into oblivion. :o
- ZaNkY, on 02/22/2008, -0/+11
"Plus all they have to do is take the HDD and plug it in a different computer as a second drive then copy all the info on a unprotected disk. You don't even need to do what they did in the video."
Not quite. Remember, we are talking about "encryption" here, not an "unprotected disk". The fact is, if you were to swipe JUST the drive, you would have to break (brute-force) the BitLocker encryption (or any other encryption system in place). Have fun with that.
I do agree that if a thief breaks in he will be more interested in bills/credit cards laying around than the ram on your computer.
Is stealing the entire computer necessary? I don't think so. Putting specialized home-made RAM reading/copying hardware aside, all you would need would be a laptop: For some reason (not a good/smart one) you get up and leave your laptop at your desk (say in a library, or at work where there is a level of trust). Johny who lives across the street and is really envious of the beautiful shade of your grass decides to put his electronic knowledge to work to do you some harm. Five minutes is all he needs (theoretically) to pop open your RAM enclosure, do some spraying, yank the battery, stick your RAM in his laptop, do a full copy&paste, stick the RAM back in your computer, power your computer on. As soon as you get back you would be welcomed by your login prompt or some apologetic message about the "crash". You shrug it off.
What does Johny have? A copy of 80% of your RAM. Could include passwords and usernames. BitLocker keys? Other things you have typed/emails? And most importantly, a foot in the door to FURTHER attacks. That is what this is all about. Further could mean up to imaging your entire drive the next time he gets a chance.
This is all a plausible scenario, but again, it has to be emphasized that most people won't go as far as opening your computer and grabbing the ram.
Plausible but not Probable.
- ZaNkY, on 02/22/2008, -1/+11
Research (PDF): http://citp.princeton.edu.nyud.net/pub/coldboot.pd ...
FAQ: http://citp.princeton.edu/memory/faq/
An experiment (Linux) to determine if your particular computer/RAM is at risk: http://citp.princeton.edu/memory/exp/
Videos and Images: http://citp.princeton.edu/memory/media/
An intro blog post: http://www.freedom-to-tinker.com/?p=1257
(Yes, this is just a repost of the links at the bottom, for convenience's sake)
---
This is really interesting research, could have dangerous implications. Theoretically, all that is needed is an external drive with a small OS that reads in the contents of the RAM... Of course by turning off the computer (and opening it up to freeze the RAM), you wouldn't be too subtle...
- inactive, on 02/22/2008, -1/+11
Maybe because BitLocker concerns most people?
- ngmcs8203, on 02/22/2008, -0/+10
*****. Thanks for the late news. That would have come in handy when air drying my balls last night.
- smrekar, on 02/22/2008, -1/+11
1 word: Jumper
It's very easy to reset the BIOS. That is why they created it.
- Apollyon0810, on 02/22/2008, -1/+10
It's CO2, isn't it? Conductive? I don't think so. Obviously it didn't mess anything up too bad.
- magamiako, on 02/22/2008, -1/+8
This is a great proof of concept, but for actual practical purposes it should not deter you from using these systems to protect your data.
If someone is willing to go through the effort it takes to get that data off of your hard drive, then chances are the data itself should not be on something that can be as easily stolen as a laptop or USB stick.
- JasonCox, on 02/22/2008, -2/+9
Well, fanboy titles aside, at least for once this wasn't posted in the Linux/UNIX category.
- alricsca, on 02/22/2008, -2/+8
From what I am reading about how this works, this will affect more than DRAM in the long run. It will affect anything that has a memory cache or register that works in the same way. It will be harder but still very possible to extract data that normally only lives on a chip when it is in a powered state. While many applications that use TPM, like BitLocker, have other vulnerabilities related to their method of using keys, such as the fact that the keys they use are in the CPU's DRAM, the TPM chip seems extremely vulnerable to this directly, and so is every other device that depends on transient electrical states. Think about this: if you take any chip that stores data in this way and freeze it down to the temperature of liquid nitrogen while it is powered, you should be able to then read its registers' transient states. That means that keys and code in the TPM, Blu-ray's Java machine, HDMI keys, or any data for that matter that is only supposed to live while the power is on in a secure environment and is supposed to be locked away in a sealed chip could be read. Basically you take the hardware and create the process you know will produce the data state you desire, freeze the chip solid, then either read the memory directly if it is that type of chip or, if it is a sealed chip, strip the chip down and directly probe the registers themselves. Then you can either use that information to access data directly or to create a rogue version of the same chip. This is a crucial defeat, but it still means people have to have access to the hardware and they need to have the tech to do this if it is more than reading a DRAM chip. That being said, once enough keys for things like the signing keys for most hardware like PS3s, Blu-ray devices, and HDCP chips are known, it is all over for those devices' ability to shield content. I mean, think about it: all you have to do is have a sufficiently talented hacker with the money, tech, and a can of liquid air.
- spudlyo, on 02/22/2008, -5/+11
This story is on slashdot, the NY times, InformationWeek, CNET, and Wired. ***** 80+ diggs and it's still not on the front page. FAIL.
- lostarchitect, on 02/22/2008, -0/+6
Because, even though they state that it also works with FileVault, they focus on BitLocker in the video.
- james.mattson, on 02/22/2008, -1/+7
owned by canned air...
- norman619, on 02/22/2008, -0/+6
Only a newbie would feel they are superman safe. If someone wants to get to your data bad enough they WILL get it.
- truguyanese, on 02/22/2008, -0/+6
More diggs of course - look at his profile, he dugg an article titled "Cold Reboot Attacks on Disk Encryption"... it only has 17 diggs and was posted a day ago... around the same time he dugg that, he also posted this story, but modified the title to what you see here - lo and behold, the story is popular!
- ZaNkY, on 02/22/2008, -0/+5
What? Digg is not Tech centered like the sites you mentioned. Digg is like Ebaums with a Tech section. That's all.
I miss the old Digg :(
- Ramble, on 02/22/2008, -0/+4
Probably not, the key has to be in memory and if you don't automount then it shouldn't be there.
- geodescent, on 02/22/2008, -0/+4
http://www.biosflash.com/e/bios-passwords.htm
- sholt, on 02/22/2008, -0/+4
Well, the key still has to be somewhere.
- CJChesterson, on 02/22/2008, -0/+4
That's fine until they spray your RAM with liquid nitrogen and boot it in a surrogate machine.
- Tabascoforever, on 02/22/2008, -3/+7
Because Macs are only used for mash-ups, video editing and general playing around. In other words nothing where serious data is concerned. I'm not having a dig at Macs (well maybe just a little - hoho), no, it's because they are too expensive to roll out for any decent sized company. (In general, for the majority, before you start posting examples)
- ultrafez, on 02/22/2008, -2/+6
Also very simple: removing the CMOS battery for a few minutes and replacing it, wiping the CMOS in the process and therefore resetting the BIOS password. Then just boot up without using the password.
BIOS passwords suck.
- gyurka, on 02/22/2008, -1/+4
@potshot: Exactly. Well, maybe it was more that "everybody knew" that you couldn't possibly get to the data in time before it would "fade out". Turns out that there is enough time anyway when you set your mind to it. A few extra diggs to the guy who didn't keep himself to what everybody knew and decided to test what was really possible.
- inactive, on 02/22/2008, -1/+4
Oh noooes! I did not hear about this news before everyone else. Life is so unfair.
- lostarchitect, on 02/22/2008, -0/+3
"virtual" is the key word there.
- wolferz, on 02/22/2008, -1/+4
because he will get more diggs this way.
- FKnight, on 02/22/2008, -1/+4
That's right. Everybody knew this. In fact, every single person on Digg and anyone who deals with computers "knew" that DRAM was erased when the power is cut. Because this bit of information is part of every piece of reference material having to do with computers. This piece of information has been promulgated as the basis for the very functioning of DRAM.
Now every Digger will act like they knew all along that memory wasn't "really" erased when power is lost and that anyone thinking otherwise is an idiot.
- Bananas21ca, on 02/22/2008, -0/+3
Sounds like you have some encrypted hard drives you're trying to gain access to. No worries, the Feds will be at your door in the next 30 seconds.
- ioerror, on 02/22/2008, -0/+3
Yes. Take a look at the wired article covering our work here:
http://blog.wired.com/27bstroke6/2008/02/encryptio ...
"We always knew it was theoretically possible and they managed to do it," Callas said
- lostarchitect, on 02/22/2008, -0/+3
This doesn't apply to those who don't turn on BitLocker or FileVault. Obviously it's easy to get that data. If you connect a drive via USB on another machine that's been encrypted with BitLocker or FileVault you won't get jack ***** off of it without the password or key.
- smrekar, on 02/22/2008, -0/+3
Pull the battery then. The point is, it is not secure.
- lostarchitect, on 02/22/2008, -0/+3
Does anyone know if this would work against PGP's whole disk encryption?
- nogami, on 02/22/2008, -0/+3
I believe that TrueCrypt overwrites the key memory when it closes down (or the drives unmount). In that case, you should be safe. The problem arises when someone cuts power to the system while the drive is still mounted and extracts the key.
Perhaps memory manufacturers could develop a special memory module that holds a small charge inside the chips to force the data to be randomized when the main power is interrupted (or the system's memory bus clock is lost/resets, etc).
- yabos, on 02/22/2008, -0/+3
TrueCrypt disables hibernation mode because of this. It doesn't help anything if the attacker just pulls the plug on your computer though.
- JonestownTea, on 02/22/2008, -2/+5
Pure water on electronics wouldn't cause a short, because pure water doesn't conduct electricity. The condensation would be producing pure water considering it would be pulling the water molecules from the air together.
- diggmeyoubitch, on 02/22/2008, -1/+4
Buried because they did mention other encryption software. They just used Vista for the demo.
- MiDri, on 02/22/2008, -1/+4
And the molecules of dirt that are on your RAM would mix with that and make not-pure water and therefore short.
- GodjustGod, on 02/22/2008, -3/+6
Buried for headline inaccuracy. Instead of trying to start a Vista flamewar, simply state the fact that this problem applies to all operating systems, not just Windows. Submitter is a pole smoker
- SPECOPS, on 02/22/2008, -0/+3
jabber - unfortunately (in the eyes of the security world) there are methods to reset the BIOS password that are very easy. The laptops with the integrated security chips are safest, but most do not have this. A BIOS password won't stop someone from pulling your SO-DIMM chip (as shown in the video, and in countless other literature in the past - this is not new folks) while cold and copying the data. They show them putting the RAM in another computer; this typically won't work, but there are peripherals you can use to do this, very easily.
- Hefelumpman, on 02/22/2008, -0/+2
When it's very very very very cold, the water will just freeze.
- InfiniteNothing, on 02/23/2008, -0/+2
You can't encrypt RAM entirely, can you? You need the password in the clear somewhere, don't you?
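Added example, not from the Princeton paper and not posted by anyone in this thread: the reason a RAM copy is worth having (ZaNkY's "bitlocker keys?" above) and the answer to InfiniteNothing's question is that the key does sit in the clear, and an AES key is easy to spot because the 160 bytes of round keys that follow it are a deterministic expansion of the 16 key bytes. The scan below slides a window over a memory image, expands each 16-byte candidate and counts how many bits of the expected schedule disagree with what is actually in memory, so it still works when the "decay" the paper describes has flipped some bits. It assumes the 16 key bytes themselves survived (the paper's own tool also corrects errors in the key); the image, the FIPS-197 test key planted in it, the offset 1000 and the random bit flips are all constructed here for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IMAGE_LEN  4096
#define KEY_OFFSET 1000   /* where the constructed image hides the schedule (assumption) */
#define SCHED_LEN  176    /* AES-128 key schedule: 11 round keys x 16 bytes */

static uint8_t sbox[256];
static int sbox_ready;

static uint8_t xtime(uint8_t x) { return (uint8_t)((x << 1) ^ ((x & 0x80) ? 0x1b : 0)); }

/* Build the AES S-box at runtime (GF(2^8) inverse followed by the affine map). */
static void init_sbox(void) {
    uint8_t p = 1, q = 1;
    do {
        p = (uint8_t)(p ^ (p << 1) ^ ((p & 0x80) ? 0x1b : 0));           /* p *= 3 */
        q ^= (uint8_t)(q << 1); q ^= (uint8_t)(q << 2); q ^= (uint8_t)(q << 4);
        q ^= (q & 0x80) ? 0x09 : 0;                                       /* q /= 3 */
        uint8_t t = (uint8_t)(q ^ (q << 1 | q >> 7) ^ (q << 2 | q >> 6)
                              ^ (q << 3 | q >> 5) ^ (q << 4 | q >> 4));
        sbox[p] = (uint8_t)(t ^ 0x63);
    } while (p != 1);
    sbox[0] = 0x63;
    sbox_ready = 1;
}

/* FIPS-197 AES-128 key expansion: 16 key bytes -> 176 bytes of round keys. */
static void expand_key(const uint8_t key[16], uint8_t out[SCHED_LEN]) {
    if (!sbox_ready) init_sbox();
    memcpy(out, key, 16);
    uint8_t rcon = 1;
    for (int i = 16; i < SCHED_LEN; i += 4) {
        uint8_t t[4];
        memcpy(t, out + i - 4, 4);
        if (i % 16 == 0) {                       /* RotWord, SubWord, Rcon */
            uint8_t first = t[0];
            t[0] = sbox[t[1]] ^ rcon; t[1] = sbox[t[2]]; t[2] = sbox[t[3]]; t[3] = sbox[first];
            rcon = xtime(rcon);
        }
        for (int j = 0; j < 4; j++) out[i + j] = out[i - 16 + j] ^ t[j];
    }
}

static int popcount8(uint8_t x) { int n = 0; for (; x; x >>= 1) n += x & 1; return n; }

/* Bits by which the schedule derived from image[off..off+16) differs from the
 * 160 bytes that follow it: about 640 for random data, small for a real key. */
static int schedule_distance(const uint8_t *image, size_t off) {
    uint8_t sched[SCHED_LEN];
    expand_key(image + off, sched);
    int dist = 0;
    for (int i = 16; i < SCHED_LEN; i++) dist += popcount8(sched[i] ^ image[off + i]);
    return dist;
}

/* Slide a 176-byte window over the image and return the offset of the best
 * candidate within max_bits of a genuine schedule, or -1 if there is none. */
static long find_aes128_key(const uint8_t *image, size_t len, int max_bits, int *dist_out) {
    long best = -1;
    int best_dist = max_bits + 1;
    for (size_t off = 0; off + SCHED_LEN <= len; off++) {
        int d = schedule_distance(image, off);
        if (d < best_dist) { best_dist = d; best = (long)off; }
    }
    if (dist_out) *dist_out = best_dist;
    return best;
}

/* FIPS-197 Appendix A test key; constructed input, not a key from the paper. */
static const uint8_t DEMO_KEY[16] = {0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
                                     0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c};
static uint32_t rng;
static uint8_t rng_byte(void) { rng = rng * 1664525u + 1013904223u; return (uint8_t)(rng >> 24); }

/* Constructed image: pseudo-random filler, the schedule at KEY_OFFSET, then
 * `flips` single-bit errors in the derived round keys to mimic DRAM decay. */
static void build_sample_image(uint8_t *img, int flips) {
    rng = 12345;
    for (size_t i = 0; i < IMAGE_LEN; i++) img[i] = rng_byte();
    expand_key(DEMO_KEY, img + KEY_OFFSET);
    for (int f = 0; f < flips; f++) {
        size_t byte = 16 + (rng_byte() % 160);           /* never the key bytes themselves */
        img[KEY_OFFSET + byte] ^= (uint8_t)(1u << (rng_byte() & 7));
    }
}

/* 1 if expand_key reproduces the FIPS-197 round-1 and round-10 keys. */
int expansion_matches_fips197(void) {
    uint8_t s[SCHED_LEN];
    expand_key(DEMO_KEY, s);
    static const uint8_t r1[4]   = {0xa0,0xfa,0xfe,0x17};
    static const uint8_t r10[16] = {0xd0,0x14,0xf9,0xa8,0xc9,0xee,0x25,0x89,
                                    0xe1,0x3f,0x0c,0xc8,0xb6,0x63,0x0c,0xa6};
    return memcmp(s + 16, r1, 4) == 0 && memcmp(s + 160, r10, 16) == 0;
}

/* Offset the scan reports for an image with `flips` decayed bits (-1 if none). */
long demo_offset(int flips) {
    uint8_t img[IMAGE_LEN];
    build_sample_image(img, flips);
    return find_aes128_key(img, IMAGE_LEN, 64, NULL);
}

/* Bit distance of the best candidate in an image with `flips` decayed bits. */
int demo_distance(int flips) {
    uint8_t img[IMAGE_LEN];
    int d;
    build_sample_image(img, flips);
    find_aes128_key(img, IMAGE_LEN, 64, &d);
    return d;
}

int main(void) {
    uint8_t img[IMAGE_LEN];
    int d;
    build_sample_image(img, 40);
    long off = find_aes128_key(img, IMAGE_LEN, 64, &d);
    if (off < 0) { puts("no AES-128 key schedule found"); return 1; }
    printf("key schedule at offset %ld (%d decayed bits); key:", off, d);
    for (int i = 0; i < 16; i++) printf(" %02x", img[off + i]);
    putchar('\n');
    return 0;
}
```

The threshold of 64 bits (5% of the 1280 derived bits) is an arbitrary choice for this demonstration: random data lands near 640 mismatched bits, so there is a wide margin, and raising the threshold trades false positives against tolerance for heavier decay. The same idea applies to the key the thread worries about most: BitLocker's volume master key is an AES key and would be found the same way if it were still resident when the machine was reset.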