Seagate ST9500421AS Princeton Attack on Software Encryption - Page 1

Seagate ST9500421AS - Momentus 7200 FDE 500 GB Hard Drive Manual


Reality Check
Princeton Attack on Software Encryption

Researchers at Princeton have published results of their attack on software encryption, in a report titled "Lest We Remember: Cold Boot Attacks on Encryption Keys."

The Princeton research focused on a well-known property of DRAM (dynamic RAM) called remanence, which can leave a cryptographic key stored in desktop or laptop computer memory (and the related encrypted data) vulnerable to attack.

Remanence means that DRAM retains stored data for a short period after powering down the computer. Cooling the DRAM after turning the computer off can extend the remanence period to several minutes or longer, giving attackers enough time to access the DRAM and extract the key.

The researchers, using computers with three different software-based encryption programs, described and tested three types of attacks:

• Re-boot, launch custom kernel, gain access to memory
• Cut power, restore power, launch custom kernel
• Cut power, transfer DRAM to another computer

Even though the attacks are impractical under most circumstances, the Princeton researchers noted that security best practices, including powering down or hibernating unattended computers to drain the DRAM memory, will thwart such an attack.

Measures such as screen-locking and suspension alone will not prevent DRAM attacks since, with each, the computer remains powered up. Current software solutions do not erase keys from memory while the computer is powered up.

The paper demonstrates not only how to identify, extract and reconstruct encryption keys from key shards found in memory, but how to use error correction techniques to recover corrupted (faded) keys.

DRAM attacks against hardware-based full disk encryption (FDE) drives, the technology that powers the Seagate® Momentus® 5400 FDE.2 drives for laptop computers, are not possible, because the cryptographic key never leaves the hard drive. The key is not stored in DRAM, but in the ASIC chip that implements the encryption algorithm, which is built into the drive.

To Learn More

• The report titled "Lest We Remember: Cold Boot Attacks on Encryption Keys" can be found here: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf
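The page's point that a software-encryption key stays resident in DRAM for as long as the machine is powered, and that only draining or erasing it removes the exposure, shown as an added C example (not code from Seagate or from the Princeton paper): a model screen-lock path that leaves a constructed demo key in memory beside one that wipes it with a store the compiler cannot drop. The key value, buffer layout and function names are assumptions made for this demo.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN 32  /* a 256-bit data-encryption key (hypothetical size) */

/* Constructed demo key: 0x41, 0x42, ... with no zero bytes, so a wiped
 * buffer never accidentally matches a key byte. Not a real key. */
void make_demo_key(uint8_t key[KEY_LEN]) {
    for (size_t i = 0; i < KEY_LEN; i++)
        key[i] = (uint8_t)(0x41 + i);
}

/* Count how many key bytes are still readable in 'buf': a stand-in for
 * the "key shards found in memory" that the page describes. */
size_t key_bytes_resident(const uint8_t *buf, const uint8_t *key) {
    size_t n = 0;
    for (size_t i = 0; i < KEY_LEN; i++)
        n += (buf[i] == key[i]);
    return n;
}

/* memset reached through a volatile function pointer: the compiler must
 * assume the call has side effects and cannot remove it as a dead store,
 * which a plain memset() on a buffer that is never read again can be.
 * explicit_bzero() / memset_s() serve the same purpose where available. */
static void *(*volatile wipe_fn)(void *, int, size_t) = memset;

void secure_wipe(void *p, size_t n) { wipe_fn(p, 0, n); }

/* Screen lock as the page describes current software solutions: the UI is
 * hidden, but the key stays resident in DRAM while the machine is powered. */
size_t lock_screen_keep_key(uint8_t *keybuf, const uint8_t *key) {
    return key_bytes_resident(keybuf, key);  /* 32: entire key still in RAM */
}

/* Hardened path: wipe the key before the machine is left unattended, the
 * software counterpart of draining DRAM by hibernating or powering down. */
size_t lock_screen_wipe_key(uint8_t *keybuf, const uint8_t *key) {
    secure_wipe(keybuf, KEY_LEN);
    return key_bytes_resident(keybuf, key);  /* 0 */
}

int main(void) {
    uint8_t key[KEY_LEN], keybuf[KEY_LEN];
    make_demo_key(key);
    memcpy(keybuf, key, KEY_LEN);  /* key loaded into working memory */
    printf("resident after plain lock: %zu/%d\n", lock_screen_keep_key(keybuf, key), KEY_LEN);
    printf("resident after wiping lock: %zu/%d\n", lock_screen_wipe_key(keybuf, key), KEY_LEN);
    return 0;
}
```

The wipe only removes the copy this program controls; other copies (key schedules, page cache, swap) need the same treatment, which is why the page recommends draining DRAM entirely.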

