Find all your DIY electronics in the MakerShed. 3D Printing, Kits, Arduino, Raspberry Pi, Books & more!

In this video, researchers at Princeton demonstrate the ability to lift encryption keys from RAM that has been powered off for a brief period of time. When you use a full disk encryption product, the key is stored in RAM while the machine is unlocked and operating. This data is typically considered safe as long as it’s not paged out to disk since RAM is considered volatile. The truth, though, is that the volatility of the data in unpowered RAM is dependent on a few factors including temperature and the length of time it’s been without power:

Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials.

By rebooting a laptop off of a USB drive with a small-footprint kernel, an attacker could pretty easily dump the full contents of RAM with little risk of loosing data. Even if the machine’s BIOS is configured to disallow booting from external drives, the attacker could use an upside-down can of compressed air to cool the RAM prior to shutdown and then quickly transfer the RAM to a second machine.

Since it’s not a trivial task to swap keys, there are other even more sinister attack scenarios. For instance, a key could be swiped when convenient, then used to inspect the disk contents at multiple points in time at a later date. Screw up and leave your computer recently-powered and unattended once, and the drive could be accessed at any point in the future. The machine wouldn’t even need to be stolen for this opportunistic approach to be effective, so you might never know that your data’s security is compromised.

If you use disk encryption as a last defense for the security of your data, it seems prudent to shut your machine down completely (no hibernating) several minutes prior to it leaving your immediate control.

Lest We Remember: Cold Boot Attacks on Encryption Keys – [via Jay] Link



  1. TheBlunderbuss says:

    Would shorting/grounding some pins immediately wipe the data?

    Also, Government agencies know already and are instructing their people to remain with their issued laptops 5-10min after shutting down.

  2. 22samurai says:

    Thinking ahead, it would be logical for Microsoft to use this research as ammunition to tout its Trusted Computing Initiative…

    Another thought: If computer makers begin to use some form of encryption on their RAM to circumvent this attack, what are the DMCA issues that arise? Following a strict interpretation of the DMCA, there are scenarios where the legal owner/user of the computer might be accessing their own RAM “illegally.” For example, using a memory decryption program during a computer recovery process could break the anti-circumvention clause, as the RAM is encrypted, and would additionally make the memory decryption program contraband since it would be considered a circumvention device.

    By the way, this is why we see so many silly and inadequate security schemes being included in products. It doesn’t matter how well the encryption scheme works, nearly any scheme will put a device under protection of the DMCA’s anti-circumvention laws. Then, when the device inevitably gets hacked, the company can go after hackers and users alike legally with the DMCA, instead of designing useful security in the first place.

In the Maker Shed