Re: the cold-boot attack - a paper tiger?

[Matthias Schniedermeyer <ms@xxxxxxx>]

On 23.05.2008 07:57, Phil wrote:
> To clarify: My understanding of key scrubbing in
> loop-aes is it is designed to prevent burn in as
> described in the Guttmann paper, which has not yet
> been shown to be a practical threat at any rate. 
> Unlike the so-called "cold boot" attack, which can be
> defeated if keys in memory are overwritten after use.
> 
> So just quit X and run THC's smem utility (from their
> secure_delete sources) as root after umo8nting an
> encrypted partition.   Poof, all of free memory gets
> overwritten.  No more keys in memory to recover.

To Jari:
I guess loop-AES destroys/nulls the key-material when the loop is 
detached?


So (i guess):
- A `losetup`ed loop is vulnerable. (Mounted or not. In most cases 
'losetup'ed includes mounted, but that isn't a requirement)
- After detaching the loop everything is fine




Bis denn

-- 
Real Programmers consider "what you see is what you get" to be just as 
bad a concept in Text Editors as it is in women. No, the Real Programmer
wants a "you asked for it, you got it" text editor -- complicated, 
cryptic, powerful, unforgiving, dangerous.


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/