[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: the cold-boot attack - a paper tiger?

To: Phil <philtickle200@xxxxxxxxx>
Subject: Re: the cold-boot attack - a paper tiger?
From: Matthias Schniedermeyer <ms@xxxxxxx>
Date: Thu, 29 May 2008 14:05:48 +0200
Cc: Jacob Appelbaum <jacob@xxxxxxxxxxxxx>, Peter_22@xxxxxx, linux-crypto@xxxxxxxxxxxx, jariruusu@xxxxxxxxxxxxxxxxxxxxx
In-reply-to: <903456.12438.qm@web54002.mail.re2.yahoo.com>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-id: <linux-crypto.nl.linux.org>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Ecartis version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
References: <903456.12438.qm@web54002.mail.re2.yahoo.com>
Sender: linux-crypto-bounce@xxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)

On 29.05.2008 04:41, Phil wrote:
> 
> --- Phil <philtickle200@xxxxxxxxx> wrote:
> 
> > 
> > --- Jacob Appelbaum <jacob@xxxxxxxxxxxxx> wrote:
> > > 
> > > Because loop-aes *is* vulnerable to our attacks.
> > > 
> > > The keying material is in memory when we mount our
> > > attack. We were able
> > > to reliably extract keys required to decrypt the
> > > data on the disk.
> > > 
> > 
> > So I am right in saying that quitting X and
> > overwriting  free memory as root with a utility such
> > as smem after pulling down the loop will prevent key
> > recovery?
> > 
> PS:  If so, why doesn't Jari just overwrite the slab
> of memory containing the keys when pulling down the
> loop? (I previously assumed loop-aes did this).

You should read the e-mail Jari wrote.
loop-AES does kill the key-material.

But you forgot the whole point about the attack:
The attacker don't "soft-boot" the computer, he presses the reset-key 
where the currently running OS (and therefore loop-AES) doesn't get the 
change to kill the key-material!

And the attack also implies that YOU, personally, weren't able to 
interfere. 

When you are able to get the computer to soft-boot or switch-off 
reguarly, loop-AES gets the chance to kill the key-material.

Modern computers and i guess most modern Distributions intercept the 
Power-Off-Button via ACPI and instead of "just switch-off power" they 
initiate a regular shutdown and soft-power-off afterwards. At least 
that's what my Debian-SID does by default when the acpid is running.

So when someone storms into my room and i am able to press the 
power-off-button i'm on the safe-side as long as the person doesn't 
press the reset-key or yanks out the power-cord before loop-AES had the 
chance to kill the key-material.

Bis denn

-- 
Real Programmers consider "what you see is what you get" to be just as 
bad a concept in Text Editors as it is in women. No, the Real Programmer
wants a "you asked for it, you got it" text editor -- complicated, 
cryptic, powerful, unforgiving, dangerous.

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

Follow-Ups:
- Re: the cold-boot attack - a paper tiger?
  - From: Rik van Riel

References:
- Re: the cold-boot attack - a paper tiger?
  - From: Phil

Prev by Date: IRS Tax Notification !
Next by Date: Re: the cold-boot attack - a paper tiger?
Previous by thread: Re: the cold-boot attack - a paper tiger?
Next by thread: Re: the cold-boot attack - a paper tiger?
Index(es):
- Date
- Thread