[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: the cold-boot attack - a paper tiger?

To: Peter_22@xxxxxx
Subject: Re: the cold-boot attack - a paper tiger?
From: Matthias Schniedermeyer <ms@xxxxxxx>
Date: Thu, 29 May 2008 21:50:29 +0200
Cc: Phil <philtickle200@xxxxxxxxx>, jacob@xxxxxxxxxxxxx, jariruusu@xxxxxxxxxxxxxxxxxxxxx, linux-crypto@xxxxxxxxxxxx
In-reply-to: <20080529185623.160050@gmx.net>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-id: <linux-crypto.nl.linux.org>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Ecartis version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
References: <903456.12438.qm@web54002.mail.re2.yahoo.com> <20080529185623.160050@gmx.net>
Sender: linux-crypto-bounce@xxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)

On 29.05.2008 20:56, Peter_22@xxxxxx wrote:

> - to make use of semiconductor physics, key material would have to be stored on highly volatile level 1/2 CPU cache

I thought about this after writing the other mail.

I don't think the CPU kills it's cache after a reset.
Or at least "only" marks it as invalid.

So if i assume that the jumper on the reset-connector works:

Then the CPU isn't able to do anything while under permenant reset.

While the CPU is under permanent reset it should be possible to replace 
the BIOS-chip with someting of the attackers choosing.

When the jumper is removed the now BIOS should be the next thing that 
the CPU executes.

If i now assume that it is somehow possible to dump the CPU cache 
contents you can dump pretty much anything there is.

Conclusion: An attacker with enough resources should be able to get the 
whole memory contents with no or virtually no losses.



Bis denn

-- 
Real Programmers consider "what you see is what you get" to be just as 
bad a concept in Text Editors as it is in women. No, the Real Programmer
wants a "you asked for it, you got it" text editor -- complicated, 
cryptic, powerful, unforgiving, dangerous.


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

References:
- Re: the cold-boot attack - a paper tiger?
  - From: Phil
- Re: the cold-boot attack - a paper tiger?
  - From: Peter_22

Prev by Date: Re: the cold-boot attack - a paper tiger?
Next by Date: Re: the cold-boot attack - a paper tiger?
Previous by thread: Re: the cold-boot attack - a paper tiger?
Next by thread: You have just received a virtual postcard from a friend !
Index(es):
- Date
- Thread