# Researchers release 'cold boot' attack utilities



## sjb007 (Dec 10, 2007)

The security researcher who demonstrated the 'cold boot' attack has released the source code for the hack. The attack, first demonstrated in February, uses a set of utilities to lift crypto keys from memory even after a reboot.

A boon for hackers and computer forensics experts alike, the approach created a means to circumvent disk encryption simply by powering off a target machine which has been left hibernating or screen-locked, and quickly re-booting it to an external hard drive loaded with customised software. The attack worked because DRAM chips used by modern computers retain data for seconds or even minutes after being powered down, contrary to popular opinion. Cooling the chips wasn't absolutely necessary but aided the process in some cases.

Once the data is recovered utilities are needed to make sense of the information and perform functions such as correcting errors caused by bit decay.

Full article here - http://www.theregister.co.uk/2008/07/21/cold_boot_utilities/


----------



## V0lt (Sep 14, 2002)

So this isn't do-able with a full stop (ie, letting the ram make that descending-pitch squeal)?


----------



## af3 (Jun 18, 2008)

Can RAM be scrubbed as a part of Windows shutdown with a special service-mode utility? (New freeware idea!) :4-dontkno


----------



## V0lt (Sep 14, 2002)

That would be a fine idea!

It'd be even easier if there was some identifier for the memory range that stores the keys.

Who'll be the first to break out the ol' assembler?


----------



## af3 (Jun 18, 2008)

Does scrubbing of 3.5GB of RAM take a while? How much could be filled with psuedorandom noise durring the shutdown period?

Anyone here know Assembly, C, C+, C++ or C# and the kernel driver model well enough to do this?

I would ask Steve Gibson, but he is too busy with stupid ISP spying political issues AND it's impossible to get a message to him.

EDIT: It would be nice if Microsoft did it in say, Windows XP SP3 Update Rollup 1 and Windows Vista SP2.

This should be an optional feature if it adds significant time to the shutdown process. Then again, who cares! Make the scrub non-interruptable and have a progress bar on the shutdown screen... Noisy RAM will make interesting music when this is happening!


----------



## Cellus (Aug 31, 2006)

Some security utilities (ie. encryption utilities) are now taking the effort to clear out their portion of memory when closing/shutting down. For example TrueCrypt (one of the apparent affected utilities) will clear out RAM now if shutdown or set to hibernate. Of course this can't be done if the system is improperly shutdown, but that is basically moot as no program can do squat if the computer has its power cut.


----------



## af3 (Jun 18, 2008)

Maybe they can use an encrypted disk cache of the keys in preparation for the unexpected improper shutdown. Do the keys have to be decrypted and in memory in order to mount an encrypted volume?


----------



## Cellus (Aug 31, 2006)

Yes they do. The thing is at the end of it all, the keys need to be decrypted one way or another to do the actual decryption of data. One round-about way to obscure all of this is through the use of hashes (eg. SHA-1, etc.) to obscure the actual password as a hash and base the "real" key off the hash. Of course in the end of all of that the hash itself is revealed anyways.

Programs like TrueCrypt and other various "on-the-fly" encryption need to have this key in the clear in memory to employ on-the-fly encryption/decryption as the crypto is done in memory. Also note that if a system uses virtual memory, the OS can transparently use the hard drive for the crypto without the security software even knowing it, which can in some cases of improper shutdown cause secret information to be stored on the HDD to be read.

The only real way at the moment with current technologies and designs is to limit the amount of time (the exposure) of secret information by, for example, clearing it out from memory after use. You can also set (for example) the page file to be cleared on shutdown (moot if the page file gets encrypted with disk encryption).

The true real honest solution to all of this is to make sure you shutdown your system properly. If something happens, just make sure to again shut it all down properly.

EDIT: Real "hardcore" methods use dedicated hardware tamper-resistant crypto-processors to handle all of this outside of the prying eyes of electronics and evil-doers everywhere.


----------



## af3 (Jun 18, 2008)

I wish there were a way to have an encrypted in-memory operation layer for the keys to protect them. This is above my understanding, and since it is open source, anyone with the source code could figure out how to expose the encrypted in-memory operation layer, but it would obsucre the keys from discovery if a cold boot attack were attempted, wouldn't it?

I have nothing to hide but encryption is a fun concept. I have played with TrueCrypt ever since hearing about it from Steve Gibson. The virtual drive aspect of TrueCrypt can be usefull for various experiments requiring multiple hard drives, but there must be another unencrypted solution out there for such a requirement. (sorry - off topic)

I am still using v5, did they put this cold boot attack fix in v6?


----------



## Cellus (Aug 31, 2006)

You can read the release notes on the site.

The only real true method these days of protecting crypto operations in memory currently being used is using dedicated physical (hardware) crypto-processors and memory which are isolated and shielded from both electronic and physical attacks. The key in this is making it unfeasible to even reach the memory to read it.

As for open source, there are security advantages to having it open to the world. The fact of the matter is the programming can actually be thoroughly reviewed by anyone and can be improved by anyone. There is a concept known as "Security through Obscurity", where making security software closed source makes it difficult to dissect the operations of the software, but this is commonly dealt with by those dedicated through reverse engineering anyways, and closed source has the disadvantage of not being up for review by the outside. At least with Truecrypt anyone can scrutinize it, while with closed source you honestly have no idea how things _really_ work in practice - things can look good on paper, and a program can tout a lot of things, but how it really works can be another. For example I remember reading a few articles of someone who hacked (ye olde' fashion hacking hacking, not "malicious" hacking) several USB keys which claimed security through encryption and such and he was able to completely circumvent the keys' security with his friendly neighbourhood hex editor and $20 worth of electronics equipment. It was quite fascinating, and is proof in the pudding that closed source security is not as great as is claimed as Security through Obscurity in this particular case does not necessarily outweigh the disadvantages.


----------

