TECH.BLORGE.com
VISTA.BLORGE.com
MAC.BLORGE.com
GAMER.BLORGE.com

March 5, 2008 |

Encryption broken by easy memory trick

By Erna Mahyuni





Encryption broken by easy memory trick Think your fancy encryption-enabled laptop is safe? Think again. Scientists have found that it’s possible to recover decryption keys by simply manipulating what’s called “volatile memory”.

Professor Edward Felten of the University of Princeton reported the disturbing findings on the BBC World Service’s Digital Planet programme. He said, “It was widely believed that when you cut the power to the computer that the information in the volatile memory would disappear, and what we found was that was not the case.”

Before, it was thought that the data held in volatile memory was only retained for a few seconds after a machine is switched off. Now it’s been discovered that data can be held and retrieved for up to several minutes, including encryption keys.

Theoretically,  this would be just enough time for hackers to retrieve the keys and unlock protected information an the disc. Not even locking the screen or going to suspend or hibernation mode is enough protection.

Suspend and hibernation modes are especially vulnerable because in those states, information is stored in RAM or volatile memory to enable the machine to “wake up” quickly.

Felten says that a hacker would then be able to easily retrieve data through a simple memory trick: “The person will get the laptop, cut the power and then re-attach the power, and by doing that will get access to the contents of memory – including the critical encryption keys…By cutting the power and then bringing it back, the adversary can get rid of the operating system and get access directly to the memory.” Felten’s team also found that cooling the laptop enhanced the retention to up to 10 minutes or more.

His advice on securing a computer? Shut it down fully several minutes before bringing it anywhere its physical security could be compromised.

“Simply locking your screen or switching to ’suspend’ or ‘hibernate’ mode will not provide adequate protection,” he said.

According to Felten, this discovery cast some doubt on encryption’s value, but he added that over time encryption products will adapt and find new ways of securing information. 

Related:

  • AnyDVD cracks Blu-Ray (and HD-DVD) disc encryption
  • German police want to create Trojan to decipher Skype encryption
  • Asus to honor EeePC warranty even if seal is broken
  • German security researchers find a faster way to break WEP
  • DVD DRM copy protection can still be broken




    • Sign up for the BLORGE daily email newsletter

    Entry was posted on Wednesday, March 5th, 2008 at 8:56 am under Security.

    Read more entries by Erna Mahyuni.
    StumbleUpon Toolbar Stumble It!

    One Response to “Encryption broken by easy memory trick”

    1. Rah:
      March 5th, 2008

      Absolute nonsense. This was well known for years and security suites even remotely worth being called secure have addressed the issue by safely wiping the master key from memory before shut down or any other locking action.

    Leave a Reply:

    Copyright © 2008 Engaging and compelling blogs that entertain and inform