Seagate ST9500421AS Princeton Attack on Software Encryption - Page 3
Q: Is hardware FDE vulnerable to the DRAM
UPC - 000000000000
View all Seagate ST9500421AS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 3 highlights
Princeton Attack on Software Encryption Q: If I power off my computer, am I vulnerable to key theft? A: Yes, you are vulnerable to at least two types of attacks, if you are using a software encryption package that keeps its encryption keys in memory. First, it will take several seconds or even minutes for the contents of your memory to decay, so a hacker that accesses the computer soon after it has powered down can tap the computer's memory to find the encryption keys. Second, a hacker could write a program that scans your computer's memory anytime your system is booted and encryption is running. This program could run quietly in the background, locating and capturing any encryption keys left in memory. Hardware FDE keeps your encryption keys out of computer memory at all times, protecting the keys against this type of theft. Q: Does the type of encryption matter in this theft? A: No. Encryption relies on what is termed "symmetric key cryptography" by security experts-the same key is used to encrypt and decrypt the data. For symmetric key cryptography, the key must be as random as possible, regardless of the type of encryption used. Q: What can I do to prevent this theft? A: Never leave your computer running where it can be easily accessed by a potential hacker or thief, and be sure to wait a few minutes before leaving your computer to allow the contents of your DRAM to gradually disappear. If a thief or attacker cannot get physical possession of your computer, he or she cannot freeze your DRAM or get to your data. If this is not possible, never leave your computer unattended in standby mode. Instead, always use the hibernate mode anytime you are not present. In the standby mode, your computer keeps the operating system and encryption keys in memory so that the system can restart as quickly as possible (whenever you open the lid). In hibernate mode, all contents of memory are written to disk and the system is powered down. After a few minutes, the computer's memory is empty, so freezing the DRAM will be useless. The disadvantage of this mode is that it takes longer for the system to load (~10 seconds longer for the newest laptops) and the user password must be entered each time the computer lid is opened. Q: Is it possible to remove my encryption key from memory when my computer is in standby mode? A: Yes. Your software encryption could erase the encryption key each time you go into standby mode (i.e., shutting the lid on your laptop), but this will require that you re-enter your password each time you open the lid on your laptop, since the key will be lost. Please note that your software must explicitly erase the encryption key. Requiring a password each time you open the lid is not enough. Q: How does hardware FDE help? A: Hardware FDE, such as that provided by the Seagate Momentus 5400 FDE.2 drive, never leaves the encryption key in the laptop's memory. Since the encryption key is never in memory, a hacker can never find it by scanning memory, and the laptop user's data is much less vulnerable. Of course, even the Momentus 5400 FDE.2 drive offers little protection if a user leaves the laptop unattended in standby mode. All a thief needs to do is to lift the laptop lid, and (assuming that some type of password protection upon resuming from standby has not been set up) copy all of the data to an external storage device. Q: Is hardware FDE vulnerable to the DRAM freezing attack? A: No. The drive memory and components on the Momentus 5400 FDE.2 drive are mounted in a way that would require a hacker to remove the drive's PCBA (printed circuit board assembly) and flip it over in order to gain access-a process that would cut off power to the drive, locking it and removing the encryption keys from drive memory. In addition, the Momentus 5400 FDE.2 drive keeps encryption keys in drive memory for as short a time as possible and overwrites the key with zeros after each use. Because keys can be contained in drive memory, Seagate carefully secures the drive using hardware and software mechanisms to prevent access to the drive memory by all but authorized users.