[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] Cold Boot Attacks on Disk Encryption -- report on
Begin forwarded message: From: Declan McCullagh <declan@well.com> Date: February 21, 2008 3:57:43 PM EST To: dave@farber.net Cc: Jacob Appelbaum <jacob@appelbaum.net> Subject: Re: [IP] Cold Boot Attacks on Disk Encryption Dave,The paper published today makes some pretty strong claims about the vulnerabilities of Microsoft's BitLocker, Apple's FileVault, TrueCrypt, Linux's dm-crypt subsystem, and similar products.
So I put the folks behind it to a test. I gave them my MacBook laptop with FileVault turned on, powered up, encrypted swap enabled, and the screen saver locked.
They were in fact able to extract the 128-bit AES key; I've put screen snapshots of their FileVault bypass process here:
http://www.news.com/2300-1029_3-6230933-1.html And my article with responses from Microsoft, Apple, and PGP is here: http://www.news.com/8301-13578_3-9876060-38.htmlBottom line? This is a very nicely done attack. It's going to make us rethink how we handle laptops in sleep mode and servers that use encrypted filesystems (a mail server, for instance).
-Declan Jacob Appelbaum wrote:
With all of the discussions that take place daily about laptop seizures, data breech laws and how crypto can often come to the rescue, I thoughtthe readers of IP might be interested in a research project that was released today. We've been working on this for quite some time and are quite proud of the results. Ed Felten wrote about it on Freedom To Tinker this morning: http://www.freedom-to-tinker.com/?p=1257
-------------------------------------------
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC