Fedora - Cold Boot Attack
Petr Pisar
ppisar at redhat.com
Mon Nov 8 10:05:20 UTC 2010
On 2010-11-06, Vaclav Mocek <little.owl at email.cz> wrote:
>
> I work like an Embedded SW/HW Developer and my experience is that data
> could remain in the dynamic memory for quite long time, even in the room
> temperature. I have used it successfully for debugging, when a booting
> routine after the cold reset copies some parts of memory to another
> location which could be read lately.
>
> It would be usefull to overwrite some parts of memory (keys etc.),
> before the computer is switched off. So, my question is: Is there
> already implemented and used some kind of protection?
>
Acctully there is better approach---to encrypt data destinated for
operating system/processes in CPU. This would prevent attacks by
unclean shutdown.
One of the problem is where to store the key. I found a thesis
<http://pi1.informatik.uni-mannheim.de/filepool/theses/diplomarbeit-2010-mueller.pdf>
right now which describes working implementation using SSE registers as
a permanent (untill power cycle) storage for the key. I have not read it
yet but it looks promissing.
-- Petr
More information about the devel
mailing list