I’ve got a fool-proof fix for this attack, it is the #1 rule of system security.

Restrict physical access to all sensitive boxes.

Posted at 2:30 pm on May 13th, 2008 by SleighBoy

Physical security does not work as well when dealing with a laptop. You carry it in the airport, someone manages to steal it. If you have good physical security you don’t have to worry about any file systemencryption.

Posted at 2:58 pm on May 13th, 2008 by Sean Conory

I have a better solution. Remove all ram from your laptop before
shutting it down. *evil grin*

And store it in a closed bottle of warm water to help the data fade
faster…

Disclaimer- Do not try this at home, kids!

Posted at 3:19 pm on May 13th, 2008 by Skyler Orlando

I don’t know about RAM init procedures, but couldn’t one build chips that, when powered on, ensure they’re filled with all 0’s? so an attacker might freeze them, and build them into another machine in order to read them out etc, but once the machine powers on, data would be erased… (and if this feature is really *inside* the RAM chips, not just on the same board, there should be no way to get around this, as you can’t yet determine the state of every electron inside the chip^^)

or is it possible to freeze the RAM in a way that makes it “read-only”?

Posted at 3:26 pm on May 13th, 2008 by pascal

@skyler
so you advocate keistering your RAM?

Posted at 3:41 pm on May 13th, 2008 by tommy

deja vu!…this was posted here back in February

Posted at 5:17 pm on May 13th, 2008 by tim

Yeah, this is old news. I wrote about it, back when it was new fresh news full of life! http://www.webpulp.org/videos/breaking-disk-encryption-with-ram-dumps/

Posted at 5:23 pm on May 13th, 2008 by Joe

Yeah, I had the audacity of including a link to our February post in this new post.

This video is interesting because it comes after several months of talking about the problem. In the first release they hadn’t perfected the ipod or network dump. Jake also mentions that DDR3 can report chip temperature so future bioses could scram if they thought they were being attacked.

Posted at 7:00 pm on May 13th, 2008 by Eliot

what if a person designed an OS that required use of a USB stick that had the encryption key on it…so that all data on the RAM was encrypted…could everything be considered safe then? and if a person removed the stick which cleared RAM automatically?

are you safe then?

Posted at 8:40 pm on May 13th, 2008 by predator

Yeah, you could encrypt the ram, and store the key in the processor cache, implementing custom ram that stores enough power to delete itself on power loss would also be an option.

Or you could just, you know, turn off your computer when your done using it…

Posted at 8:56 pm on May 13th, 2008 by Wolf

I dunno about foolproof, but Maxim makes a chip that’s very good at dealing with this problem: check out the DS3600 series, as talked about in this article/advertisement.
Internal temp-detection mechanism that registers a change in temperature in 100ns and sets a tamper alarm (that’s much faster than the chip can actually be cooled to stop functioning) and once the alarm is set, it blanks all the crypto keys it has onboard. It also continually rewrites the crypto keys, xoring them each time, so they don’t build up a charge that can be recovered even after they’ve been wiped, and the chip itself is designed with its interface to the board practically unavailable by putting the data pins inside a perimeter of sense pins in a BGA.
Other companies have similar things — and this is stuff being sold on the open market. Captive fabs building just for the government probably have more interesting stuff yet.

Posted at 12:21 am on May 14th, 2008 by random

I didn’t read the instructions: here’s the link to the ad/article:
http://rfdesign.com/military_defense_electronics/physical-security-encryption-keys-1207/

Posted at 12:24 am on May 14th, 2008 by random

Maybe not solved in said laptop, but ATM encryption cards have been potted, wrapped in 40AWG wire, and configured with X-ray sensors in addition to the temperature sensor to get around this problem. Good RAM can keep charge on the caps for a while even after the refresh goes away.

Posted at 2:48 am on May 14th, 2008 by crust

pascal:

Removing the “super” ram and replacing it with regular ram would avoid this. Perhaps if you soldered the memory on…

Or if every ram manufacturer goes the route of replacing every ram module with “super” ram, then you can sure bet that someone will find a way to disable the process and still use the attack.

Posted at 5:52 am on May 14th, 2008 by Markie

There are simple ways to defeat this, and although not 100% reliable they are pretty effective.

You have to consider what sort of situation this attack is likely to be used in. The attacker would have to get to the machine while it is powered on, but be unable to access it due to software security (passwords etc). So, they reboot the system and try to recover the encryption keys from RAM.

Why would you need to freeze the RAM if you could just hit the reset button? Well, the reset button might be disconnected, or the BIOS might be set up to do a full memory check which would overwrite every byte in RAM. The only way to be sure to avoid the BIOS wiping RAM would be to power the machine off, reset the BIOS and power it back on. Note that in laptops, even resetting the BIOS (which is typically very difficult as it involved opening the laptop up) often does not clear the power-on password.

So, the attacker wants to freeze the RAM and put it into their own machine for reading. It’s going to be hard to freeze it, transport it to the new machine and install it without data loss, but for arguments sake let’s say it’s possible.

Most machines have a case open switch, which could be used to trigger a memory wiping program. Assuming the program was intelligent things like encryption keys could be erased in nanoseconds, and the entire RAM in a few seconds. The attacker would have to power off before opening the case, increasing the time before they can freeze the RAM and thus increasing data loss.

Really, this kind of attack, assuming you are reasonably well prepared for it, is not particularly effective. For anyone worried about law enforcement, setting the BIOS to do a full memory test and setting a BIOS password is enough to prevent it in most cases. An improvement would be to make sure your BIOS does a full memory test by default (i.e. after being reset). Some mobos do that, if yours doesn’t a BIOS editor might fix that.

Posted at 7:32 am on May 14th, 2008 by mojo

Heya Eliot! Thanks for the link and the nice words. Two minor corrections, one is that my last name is spelled with ‘el’ and not ‘le’: Appelbaum.

The other is that while I sure wish I worked for the EFF, I was simply in the EFF offices. This was unclear because the final cut of the video cut out Seth and Peter, they actually work at the EFF and I do not.

Thanks again!

Posted at 6:02 pm on May 15th, 2008 by Jacob Appelbaum

Interesting video but the comment the reporter lady said after the credits really made my day. it took me by surprise and I almost choked on my coffee

“If only I could unsee.. what Ive seen with these eyes….. Two girls one cup was just the start”

Posted at 9:44 pm on May 16th, 2008 by Cheng