|
Tuesday, August 5, 2008, 3:00 pm - 4:00 pm
Speakers:
Seth Schoen, Staff Technologist, Electronic Frontier Foundation.
Jacob Applebaum, Developer, Tor Project.
Most computer users think of RAM as highly volatile; they assume that a loss of power causes the contents of RAM to disappear instantly. In fact, RAM contents may persist for seconds to minutes without power at room temperature. A team including this session's presenters and researchers from Princeton University and Wind River Systems has investigated the security implications of this fact, devising practical techniques to quickly and easily recover encryption keys and other data from memory. This makes it possible, under many circumstances, to bypass popular encryption software including common Linux disk encryption systems. These attacks challenge some intuitions about how encryption can protect sensitive data on laptops. In this session, we will demonstrate our attacks, including the effects of cooling memory chips to extent data retention times, show how encryption keys can be recovered and discuss countermeasures that disk encryption users can take to protect themselves.
|
