Fedora - Cold Boot Attack

Petr Pisar ppisar at redhat.com
Mon Nov 8 10:05:20 UTC 2010

On 2010-11-06, Vaclav Mocek <little.owl at email.cz> wrote:
> I work as an Embedded SW/HW Developer and my experience is that data
> could remain in the dynamic memory for quite a long time, even at room
> temperature. I have used it successfully for debugging, when a booting
> routine after the cold reset copies some parts of memory to another
> location which could be read later.
> It would be useful to overwrite some parts of memory (keys etc.)
> before the computer is switched off. So, my question is: Is there
> already some kind of protection implemented and used?

Actually there is a better approach---to encrypt data destined for
the operating system/processes in the CPU. This would prevent attacks by
unclean shutdown.

One of the problems is where to store the key. I found a thesis
right now which describes a working implementation using SSE registers as
a permanent (until power cycle) storage for the key. I have not read it
yet but it looks promising.

-- Petr
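
Added example, not part of the original message or of any Fedora code: the overwrite-before-switch-off idea from the quoted question, applied to one userspace process that zeroes its registered key buffers at orderly exit. The names register_secret, wipe_all, is_zeroed and MAX_REGIONS are hypothetical; the hook does not run on power loss or abnormal termination, which is the unclean-shutdown case raised in the reply.

```c
#include <stdlib.h>
#include <string.h>

#define MAX_REGIONS 8   /* hypothetical table size */

/* Hypothetical registry of buffers that hold key material. Registered
 * buffers must stay valid until exit (use static storage). */
static struct { void *p; size_t n; } regions[MAX_REGIONS];
static size_t nregions;

/* Store zeros through a volatile lvalue. Compilers do not elide these
 * stores, whereas a memset() on a buffer never read again may be dropped. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Wipe every registered region; returns the number of regions wiped. */
size_t wipe_all(void)
{
    for (size_t i = 0; i < nregions; i++)
        wipe(regions[i].p, regions[i].n);
    return nregions;
}

static void wipe_at_exit(void) { (void)wipe_all(); }

/* Register a buffer; the first successful call installs the exit hook.
 * Returns 0 on success, -1 on bad argument, full table or atexit failure. */
int register_secret(void *p, size_t n)
{
    if (p == NULL || nregions == MAX_REGIONS)
        return -1;
    if (nregions == 0 && atexit(wipe_at_exit) != 0)
        return -1;
    regions[nregions].p = p;
    regions[nregions].n = n;
    nregions++;
    return 0;
}

/* Returns 1 if all n bytes are zero, 0 otherwise. */
int is_zeroed(const unsigned char *p, size_t n)
{
    size_t i = 0;
    while (i < n && p[i] == 0)
        i++;
    return i == n;
}
```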
