Robert Hensing's Blog

Software Security . . . and stuff.

Cold boot attacks on encryption keys

Cold boot attacks on encryption keys

  • Comments 1
  • Likes

UPDATE 2/27/2008:  Douglas MacIver wrote an excellent and very authoritative blog post here on this topic - I highly recommend reading his blog post instead of mine. :) http://blogs.msdn.com/si_team/archive/2008/02/25/protecting-bitLocker-from-cold-attacks-and-other-threats.aspx 

--------------------------------------------------------------------------------------
So last week some Princeton students released some information on research they had done in the area of data remnants in DRAM chips after power had been removed and it seems to have generated 'a press cycle'.  :)  It was interesting for me because . . . well I thought what they 'discovered' was widely known but I guess it was not (but should be now thanks to the press!).  In fact Douglas MacIver of the Bitlocker team even spoke on this at Hack In The Box in *2006* (scroll down to 15. Physical Memory Attacks).

In essence the Princeton team discovered that after removing power from say a notebook or a PC - they could blow some inexpensively obtained refrigerant on the DRAM chips within seconds of removing power and that this would cause the contents of the chips to remain relatively 'intact' for upwards of minutes (or hours if they then transferred the chips to liquid nitrogen for longer term storage).

This of course has interesting implications on most if not all software based encryption products such as Bitlocker as the decryption keys are usually cached in memory while the system is 'on' and if you can freeze that memory (literally <G>) shortly after the system is turned 'off' and then scan it / image it - you can *maybe* recover the keys (I say maybe because you would need to ensure none of the key's bits get flipped and so it would seem you would need to be fairly quick with your DRAM freezing).  They released some cool screen shots of the Mona Lisa showing it's 'decay' over time and even a video of things to illustrate the rate of decay.  You can read more about their research here.

Well I did some research and it turns out this was defintely known and threat modeled by our guys a long time ago (obviously as Douglas spoke about this at HITB) and we've even gone on to release some interesting information in the form of the 'Data Encryption Toolkit for Mobile PCs' here (you'll note one of the reviewers is Douglas <G>):  http://www.microsoft.com/technet/security/guidance/clientsecurity/dataencryption/default.mspx

That URL links to a meatier URL here:

http://www.microsoft.com/technet/security/guidance/clientsecurity/dataencryption/analysis/4e6ce820-fcac-495a-9f23-73d65d846638.mspx 

That URL has a great overview (in the form of a picture) of how Bitlocker when used with a TPM works on page 3 of 6 (Chapter 2) here: http://www.microsoft.com/technet/security/guidance/clientsecurity/dataencryption/analysis/4e6ce820-fcac-495a-9f23-73d65d846638.mspx

What I find puzzling though is why the Princeton team claim: "There seems to be no easy fix for these problems."
The 'fix' seems to be to 'remove power for a few minutes'!!  I guess this may not always be practical (i.e. in a scenario where say you get raided by the feds and they immediately whip out the refrigerant spray guns and start partying on your DRAM like it's 1999).

Last week I mentioned in a blog that when I am on the road and my laptop is in say my hotel room or left in a remote office, I change the role of my power button to make it hibernate the PC when I press it.  I hibernate to cause the notebook to shut off when it's no longer in my posession / control.  I did this primarily to mitigate the more well known / mainstream attacks discussed in the links above (i.e. to prevent someone walking up to my notebook that's in say S3 sleep, waking it up by opening the lid, and then plugging in a firewire device to do some direct memory writes to patch the kernel and allow themselves to unlock the OS and read my email / steal my files etc.) but it's nice to know that after a few minutes of being 'off' I'm also protected from these DRAM attacks as well!

Just make sure that if you are using Bitlocker with the TPM - that you also carry the USB drive with the recovery key on you - don't leave it in say the notebook bag next to your notebook. :)  Rumaging through somone's notebook bag for the USB key with the Bitlocker keys on it - I'm guessing - will probably be more successful and reliable than these types of attacks. :)

UPDATE: Russ Humphries has some thoughts he's blogged here: http://blogs.msdn.com/windowsvistasecurity/archive/2008/02/22/disk-encryption-balancing-security-usability-and-risk-assessment.aspx

Comments
  • Good Post - BitUnlocker can be defeated by follwoing best practices with BitLocker, Power Options and Physical Security

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment