Seagate ST9500421AS Princeton Attack on Software Encryption - Page 1
Seagate ST9500421AS - Momentus 7200 FDE 500 GB Hard Drive Manual
Reality Check
Princeton Attack on Software Encryption

To Learn More
• The report titled "Lest We Remember: Cold Boot Attacks on Encryption Keys" can be found here: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf.

Researchers at Princeton have published results of their attack on software encryption, in a report titled "Lest We Remember: Cold Boot Attacks on Encryption Keys." The Princeton research focused on a well-known property of DRAM (dynamic RAM) called remanence, which can leave a cryptographic key stored in desktop or laptop computer memory (and the related encrypted data) vulnerable to attack. Remanence means that DRAM retains stored data for a short period after powering down the computer. Cooling the DRAM after turning the computer off can extend the remanence period to several minutes or longer, giving attackers enough time to access the DRAM and extract the key.

The researchers, using computers with three different software-based encryption programs, described and tested three types of attacks:
• Re-boot, launch custom kernel, gain access to memory
• Cut power, restore power, launch custom kernel
• Cut power, transfer DRAM to another computer

Even though the attacks are impractical under most circumstances, the Princeton researchers noted that security best practices, including powering down or hibernating unattended computers to drain the DRAM memory, will thwart such an attack. Measures such as screen-locking and suspension alone will not prevent DRAM attacks since, with each, the computer remains powered up. Current software solutions do not erase keys from memory while the computer is powered up.

The paper demonstrates not only how to identify, extract and reconstruct encryption keys from key shards found in memory, but how to use error correction techniques to recover corrupted (faded) keys.
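The gap noted above, that software keeps keys in RAM while the machine is screen-locked or suspended, is addressed in software by wiping key material on those events. The C code below is an added example, not code from Seagate or from the Princeton report; `struct disk_key` and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KEY_LEN 32  /* assumed 256-bit key */

/* Hypothetical key holder for a software disk-encryption layer. */
struct disk_key {
    uint8_t bytes[KEY_LEN];
    int     loaded;   /* 1 while key material is resident in RAM */
};

/* Zero through a volatile pointer so the compiler cannot discard the
 * stores as dead writes, which can happen to a plain memset() on a
 * buffer that is not read again. */
static void secure_wipe(void *p, size_t n)
{
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--)
        *v++ = 0;
}

int key_load(struct disk_key *k, const uint8_t *material, size_t n)
{
    if (n != KEY_LEN)
        return -1;    /* reject wrong-sized material */
    memcpy(k->bytes, material, KEY_LEN);
    k->loaded = 1;
    return 0;
}

/* Call on screen lock and before suspend: DRAM stays powered in both
 * states, so the key must not remain in it. Any derived copies (for
 * example an expanded cipher key schedule) need the same treatment. */
void key_on_lock(struct disk_key *k)
{
    secure_wipe(k->bytes, KEY_LEN);
    k->loaded = 0;
}

/* Number of non-zero key bytes still resident (0 means wiped). */
size_t key_residue(const struct disk_key *k)
{
    size_t i, left = 0;
    for (i = 0; i < KEY_LEN; i++)
        if (k->bytes[i] != 0)
            left++;
    return left;
}

/* The I/O path checks this and refuses to run without a key. */
int key_usable(const struct disk_key *k) { return k->loaded; }
```

After a wipe the key has to be re-derived from the user's credential on unlock, which is why encrypted volumes are unavailable until the user authenticates again.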
DRAM attacks on hardware-based full disk encryption (FDE) drives, the technology that powers the Seagate® Momentus® 5400 FDE.2 drives for laptop computers, are not possible because the cryptographic key never leaves the hard drive. The key is stored not in DRAM but in the ASIC chip that implements the encryption algorithm, which is built into the drive.