Click here to receive your FREE subscription to Campus Technology
Opinion
Research Has Chilling Effect on Hard Drive Encryption
3/14/2008
Back in the 1970s when I was teaching digital logic courses, it was conventional wisdom that Dynamic Random Access Memory (DRAM) memory chips would immediately lose data when the power was turned off. But a group of researchers at Princeton have demonstrated that the data in DRAMs, which are used in most personal computers and which temporarily hold a PC's encryption keys, will persist and remain readable after power has been turned off for several seconds to minutes at room temperature and much longer if the chip is cooled.
What that means to us road warriors is that just encrypting data on our laptop's hard drive may not be enough to protect that data if the machine is lost or stolen. And remember Adam Dodge notes in his Educational Security Incidents 2007 report that there were 52 incidents affecting 295,300 records involving the loss or theft of physical media such as drives and laptops. Even office-based machines that are physically accessible are vulnerable. So much for the advice "encrypt your data" that folks like me have been giving users for years.
The Princeton Findings
First, the Princeton group measured how quickly DRAM memory faded when power was cut off at a variety of temperatures. (While solid-state researchers have known the DRAM remembrance problem for some time, the Princeton group was the first to conduct systematic experiments showing how the phenomenon could be exploited to compromise data.) They observed that at normal operating temperatures there was a low rate of bit corruption for several seconds, followed by a period of rapid decay. They also found, as expected, that the memory decay rate decreased rapidly as the temperature decreased. Using the simple cooling technique of spraying an inverted can of "canned air" on the chips resulted in less than 1 percent of the bits decaying after 10 minutes without power. When the DRAM chips were cooled to liquid nitrogen temperatures, the Princeton group observed decay rates of 0.17 percent after 60 minutes without power.
They then successfully demonstrated three attacks that exploited the DRAM remanence:
- Reboot the machine and launch a custom kernel that gives the attacker access to the retained memory;
- Briefly cut and restore power to the machine and then boot from a custom kernel, which keeps the operating system from scrubbing memory before shutdown; and
- Cutting power and transplanting the DRAM modules to a second PC prepared by the attacker.
Since if the power to the DRAM memory is cut for too long the data will be corrupted, the Princeton group then investigated three strategies for reducing corruption:
- Cooling the memory chips prior to cutting power;
- Applying algorithms for correcting errors in private and symmetric key; and
- Modeling the physical conditions under which the data on chips was recovered as well as the decay properties of the chips to improve the error correcting algorithms.
The error correction algorithms they developed were able to reconstruct cryptographic keys even with relatively high bit-error rates using other recovered data such as key schedules. Using these algorithms they were able to reconstruct 128-bit AES keys with 10 percent of the bits decayed.
Recommended Reading
- Security Researchers Uncover Spring Framework Vulnerability
Software frameworks are enjoying enormous popularity these days among a range of developers. It's popularity well earned; frameworks provide powerful tools for building more flexible and less error-prone applications. They generally enhance developer productivity with out-of-the-box functionality. And they can free developers to focus on features instead of common coding tasks.
- 3PAR Server Arrays Integrate Fat-to-Thin Processing
Utility storage provider 3PAR has announced the release of the 3PAR InServ T400 and T800 Storage Servers. The new hardware is built on the company's third-generation InSpire architecture, featuring the 3PAR Gen3 ASIC with integrated fat-to-thin processing.
- CUNY, Red Hat, Intel To Launch Open Source Test Center
City University of New York (CUNY) is partnering up with Intel and Red Hat to launch a new software institute dedicated to open source software. The center, New York City Open Source Solutions Lab, based out of the CUNY Graduate Center, will serve as a test bed for government IT professionals in New York who are working with open source solutions.
- Adobe Makes ColdFusion 8 Free for Students, Educators
Adobe has made its ColdFusion 8 Web development platform free for educators and students. The offer is available for all public and private accredited K-12 schools and colleges and universities.
- Gathering Your Digital Pencils for Back-to-School
Trent Batson considers a list of back-to-school resources for Web 2.0.
- Tips for Getting Started with Educational Wikis
Campus Technology speaks with wiki expert Stewart Mader, who discusses choosing between commercial and open source wiki products, getting started with a wiki, and why Wikipedia is the single biggest stumbling block to wikis in higher education.
