Questions tagged [cold-boot-attack]
An active or semi-active side-channel attack that involves turning off or resetting the device forcibly, then reading the contents of its memory before it decays or changes substantially.
25 questions
0
votes
2
answers
289
views
How do embedded systems protect encryption keys when no user authentication is possible at startup?
Embedded and IoT systems power on autonomously, without user input (unlike PCs or phones requiring a PIN/password). If the manufacturer wants to encrypt the flash storage:
Must the decryption key be ...
- 547
2
votes
1
answer
297
views
Why does BitLocker keep the Volume Master Key (VMK) in plaintext RAM instead of inside a TEE?
I have two related questions about BitLocker’s key handling:
1)
After the system boots and BitLocker unlocks the drive, TPM releases the Volume Master Key (VMK) and from now on it is resident in ...
- 547
2
votes
3
answers
1k
views
Clarifying BitLocker Full Disk Encryption and the role of TPM
Question 1:
Can you confirm that in a full disk encryption setup like BitLocker, when we normally boot the system, use the password, and log in, the key to decrypt the disk is loaded into RAM?
If so, ...
- 547
0
votes
1
answer
187
views
What type of attacks can be carried against an OS with FDE, if we assume OS and FDE are implemented correctly?
The question is mainly stated in the title. I was wondering what kind of attacks can be launched on such a setup, where someone has access to a running OS with locked screen (needs password for the ...
- 101
1
vote
0
answers
268
views
Cold boot attack on NAS
I'm familiar with the concept of cold boot attacks on laptop and desktop computers, where the goal is to find hidden encryption keys in the memory. I also think it's done on certain mobile phones. I ...
- 26
1
vote
1
answer
2k
views
Is a cold-boot-attack on a bitlocker key in TPM still possible, if I use the TPM with a different drive in the meantime?
I have a laptop with the system disk encrypted by Bitlocker. Bitlocker is configured to require a pre-boot pin, and unlocks by TPM. The recovery key is required to unlock and is not available atm. The ...
- 11
-1
votes
1
answer
431
views
Booting from removeable media, evil maid, and others? [closed]
I am having a problem understanding some security techniques and was hoping someone could clarify some things. For instance, in terms of an evil maid attack, what are some solutions to preventing ...
- 617
0
votes
1
answer
219
views
RAM as a attack target
What is the simplest or most common method to read a value, for example a text, from the RAM of a personal computer?
What access requirements are necessary for this? Is a search in a hex dump always ...
- 256
8
votes
5
answers
6k
views
Way to protect from cold boot attack
After reading some research papers about cold boot attack, I got a big shock and start searching for ways to protect against that kind of vulnerability. I got one solution that is using BitLocker pin ...
- 101
47
votes
9
answers
11k
views
How to prevent a hosting company from accessing a VM's encryption keys?
I want to prevent potential theft of my web application (source code + database) by my local hosting company, that I don't fully trust for some reason (but have no other choice but to use as they give,...
- 919
0
votes
0
answers
167
views
Non-obvious Mitigations for This DMA-Attack Demonstrated by F-Secure
Are there any non-obvious mitigations for the big DMA-attack revealed last year and demonstrated in this video by F-Secure?
We know that Microsoft has published some material pertaining to DMA-...
- 151
0
votes
1
answer
148
views
Interpreting this F-Secure Video of a DMA-Attack
I'm trying to interpret this video demonstration by F-Secure of the big cold-boot attack discovered last year.
What is happening at the 50-second mark?
Why does he insert the USB boot-device before ...
- 151
2
votes
2
answers
480
views
Is setting a firmware password on a Macbook enough to prevent cold boot attacks?
I have a Macbook configured with a firmware password required to boot from any media other than the built-in NVMe drive. In theory, this means without my password you can't boot from removable media. ...
user115400
3
votes
1
answer
1k
views
Cold-boot attack example in the real world
I wrote a paper with a countermeasure for a cold-boot attack and am currently in rebuttal process.
One reviewer struggles with the motivation behind cold-boot attacks. Specifically, he asks if there ...
- 31
2
votes
1
answer
419
views
How Secure is Storing Cryptographic Information into the CPU Register instead of RAM
I read about Tresor / TreVisor / Armored.
How Secure is Storing Cryptographic Information into the CPU Debug-Register over storing it into the RAM?
And why is it currently not much used?
I know ...
- 598