| Weekly edition | Kernel | Security | Distributions | Search |
| Archives | Calendar | Subscribe | Write for LWN | LWN.net FAQ |
Cold Reboot Attacks on Disk Encryption
Cold Reboot Attacks on Disk Encryption
Posted Feb 21, 2008 22:36 UTC (Thu) by endecotp (guest, #36428)In reply to: Cold Reboot Attacks on Disk Encryption by cventers
Parent article: Cold Reboot Attacks on Disk Encryption
> what if they splice open the power cable and attach their > own source so that they can untether it from your outlet, > then take it back to their lab I think you were joking, but that's actually exactly what they do: http://www.engadget.com/2007/11/06/wiebetech-hotplug-lets...
(Log in to post comments)
Cold Reboot Attacks on Disk Encryption
Posted Feb 23, 2008 22:42 UTC (Sat) by macc (subscriber, #510) [Link]
GPS? tilt sensor or one of these little gyro thingies used for model helicopters? Then moving the box would shut the OS down? G! MACC
Cold Reboot Attacks on Disk Encryption
Posted Feb 26, 2008 5:52 UTC (Tue) by njs (subscriber, #40338) [Link]
Naw, don't shut down. Presumably the real solution is to every n minutes throw away crypto keys and at the next attempt to access the encrypted data, require the passphrase be re-entered. (We assume that attackers can't or won't breach the case to suck things out in less than n minutes.) Then if you want to get fancy, you can also add accelerometers to the list of things that trigger the crypto keys being flushed. Nagging the user on a timer is somewhat annoying, of course, but should be practical if one really has secret data (and if you segregate out the actually secret stuff from the everyday stuff). It might even be a feature to bug the user occasionally while they have secret data open, to remind them of this fact -- sort of a modern equivalent to root's "#" prompt.