Sunday, October 19th, 2008 | Author:

I just read this article on using compressed air to cool a memory chip so it will retain data even power is been cut off.

A video can be found here on the process and on why colder memory chip will retain data longer. By retaining the data, you can do a dump of the data and extract the cryptographic keys. They were able to extract keys for BitLocker, TrueCrypt, FileVault and dm-crypt.

The attack is not exploiting weakness of the encryption software but due to the fact that the keys have to be stored in memory.  Encrypting the key in memory don’t really help, you still need to store that key that encrypts somewhere !

Category: Security, Systems
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Leave a Reply