So how would
Disabling booting from anything other than internal hard disk, locking the BIOS with a password be circumvented for cold boot attack?
Security researchers have developed prototype countermeasures to defend against the recently developed cold boot crypto attack. Cold boot is a technique for snatching cryptographic keys from memory, creating a means to circumvent disk encryption. A targeted machine that's been left hibernating would be turned off and quickly …
Open the case, whip out the RAM, stick it in your computer next to it, and use that to extract the keys. Even if you don't have your own computer with you, chilling the ram gives you a window of 20 mins - an hour to get it into a new computer. You can achieve this cooling by using an aerosol, upside soen (Most commonly mentioned in the proof of concepts is a can of compressed air)
er, fairly easily?
Freeze the RAM chips, pop 'em out (a hammer will get you access, if you haven't got anything more useful) and then pop 'em into another machine to analyse?
Could even make a small RAM copier which would support various RAM module formats and take a copy of the data onto a built in HDD or something. Probably not very hard to do.
Why not just build some extra functionality into the RAM modules that when the power supply to the module sags below a pre-determined voltage, it clears a register in the chip that forces a return of 0x00000000 on any memory that has not been written to since powering-up.
Something along this line would kill these cold boot attacks dead since you can't read the value of a memory address until it's been written to.
The only way I can see to get around this, you would need to supply a constant source of power to the module so it doesn't flag the memory as powered-off, and then you would need to some how provide a DRAM refresh cycle while the RAM is removed from the PC which isn't something you are gunna be able to do quickly and/or easily!
*Grabs his coat and heads to the patent office!
Biting the hand that feeds IT © 1998–2021