Security Flaw in Popular Disk Encryption Technologies

Igor Mozolevsky igor at hybrid-lab.co.uk
Sat Feb 23 21:57:03 UTC 2008


On 23/02/2008, Brooks Davis <brooks at freebsd.org> wrote:

>
> You should actually read the paper. :) They successfully defeat both
>  of these type of protections by using canned air to chill the ram and
>  transplanting it into another machine.

Easy to get around this attack - store the key on a usb
stick/cd/whatever and every time the OS needs to access the encrypted
date the key should be read, data decrypted, then key wiped from the
memory; or have the daemon erase the key from memory every T minutes
and re-acquire the key at next access attempt...

Or you could carry something that emits a huge EMI pulse to destroy
the data on the disk...


More information about the freebsd-hackers mailing list