Use “Duster Spray Can” to hack the disk encryption keys

first_imgComputer Scientists at Princeton University have shown some very easy and creative methods to hackcryptographic key material with physical access to an encryptedmachine. Watch the video embedded below to find out how existingtechnology is really vulnerable against Cold Boot Attacks on Encryption Keys. All you need is a Duster spray can, if that, to cool the DRAM and extract the keys. The paper publishedalong with the video clearly outlines techniques for finding keysresiding in memory.The really cool part is that this technique doesn’treally hack into the encryption directly. Rather, it depends onscanning the encryption keys by accessing the contents of the RAM andthen extracting the data either by directly tampering with the RAM orby simply booting the computer from a USB drive. You can also read theindustry response and more details on these findings in the article.It is not all bad news … Intel is planning on releasing atechnology code named “Danbury” which drastically reduces exposure tothe Cold boot attacks. Please note that Danbury technology will be part of the Intel vPro processor technology to be released later this year. Danbury uses dedicated platform hardware toprovide full disk encryption and the actual data encryption keys arenot kept in the DRAM. Although, Intermediate, or ‘wrapping’, keys usedto unlock data encryption keys are stored in DRAM temporarily,when the user is physically present or while remote IT operation hascontrol of the platform. These keys are subsequently deleted once nolonger needed, thus reducing the exposure significantly.I am also very happy to announce that Danbury SDK that can leveragedby software vendors to enhance encryption software will be made on the manageability developer communitylater this year. If you are interested to find out more about thistechnology or are interested in developing encryption software usingthis technology then feel free to leave a comment on this post.last_img

Leave a Reply

Your email address will not be published. Required fields are marked *