In this video, researchers at Princeton demonstrate the ability to lift encryption keys from RAM that has been powered off for a brief period of time. When you use a full disk encryption product, the key is stored in RAM while the machine is unlocked and operating. This data is typically considered safe as long as it’s not paged out to disk since RAM is considered volatile. The truth, though, is that the volatility of the data in unpowered RAM is dependent on a few factors including temperature and the length of time it’s been without power:
Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials.
By rebooting a laptop off of a USB drive with a small-footprint kernel, an attacker could pretty easily dump the full contents of RAM with little risk of loosing data. Even if the machine’s BIOS is configured to disallow booting from external drives, the attacker could use an upside-down can of compressed air to cool the RAM prior to shutdown and then quickly transfer the RAM to a second machine.
Since it’s not a trivial task to swap keys, there are other even more sinister attack scenarios. For instance, a key could be swiped when convenient, then used to inspect the disk contents at multiple points in time at a later date. Screw up and leave your computer recently-powered and unattended once, and the drive could be accessed at any point in the future. The machine wouldn’t even need to be stolen for this opportunistic approach to be effective, so you might never know that your data’s security is compromised.
If you use disk encryption as a last defense for the security of your data, it seems prudent to shut your machine down completely (no hibernating) several minutes prior to it leaving your immediate control.
Lest We Remember: Cold Boot Attacks on Encryption Keys – [via Jay] Link