tech-crypto archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: cold boot attacks on cgd?

On Mon, Feb 25, 2008 at 11:32:06PM -0300, C?sar Catri?n Carre?o wrote:
> Should the CGD's parameters file secure storage deal with this issue?

It can't.  If the key needs to be in memory to be used, it can be
recovered.  The best mitigations we can do amount to obfuscating the
memory contents and overwriting subsidiary key scheduling material in
memory as soon as it's not needed. The original paper discusses some
of these measures.

These attacks are more sophisticated forms of the same reason why
current cgd guidance cautions against using suspend-to-disk methods;
with these attacks the image can be obtained from the RAM itself, long
after it had previously been assumed the RAM contents would be lost.


Attachment: pgpEb0r9QIKv5.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index