Report: Disk encryption security defeatable through DRAM vulnerability

Ed Felten writes on Freedom-to-Tinker:

Today eight colleagues and I are releasing a significant new research result. We show that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. We demonstrate our methods by using them to defeat three popular disk encryption products: BitLocker, which comes with Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used with Linux.

The root of the problem lies in an unexpected property of today's DRAM memories. DRAMs are the main memory chips used to store data while the system is running. Virtually everybody, including experts, will tell you that DRAM contents are lost when you turn off the power. But this isn't so. Our research shows that data in DRAM actually fades out gradually over a period of seconds to minutes, enabling an attacker to read the full contents of memory by cutting power and then rebooting into a malicious operating system.

Link to paper site, Link to PDF, and a video is below. (thanks, Jake Appelbaum)

UPDATE, 9:44am PT: Declan McCullagh at has an analysis piece here.

(Cross-posted from Boing Boing)

This entry was posted in Uncategorized and tagged , . Bookmark the permalink.

4 Responses to Report: Disk encryption security defeatable through DRAM vulnerability

  1. Anonymous says:

    To actually use an exploit like this, the attacker would need physical access to your machine while it is running and has already accessed sensitive data, and the data is in physical memory. They would then have to cut power to your system and hope that it can boot to their memory scanning program without overwriting the portion of memory with the information in it.

  2. Frank_in_Virginia says:

    Excellent job detailing the vulnerability. Do I hear the sound of Border Security goons cheering?

  3. fearlessleo says:

    Kennedy assasination @ 4:18 = Funny.

  4. Skep says:

    I don’t know why this is a surprise. RAM latency attacks have always been taken into consideration by products like PGP, though I don’t know if they are vulnerable for the whole disk encryption issue.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


More BB

Boing Boing Video

Flickr Pool




Displays ads via FM Tech

RSS and Email

This work is licensed under a Creative Commons License permitting non-commercial sharing with attribution. Boing Boing is a trademark of Happy Mutants LLC in the United States and other countries.

FM Tech