tech-crypto archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: cold boot attacks on cgd?



On Tue, 26 Feb 2008 02:02:59 +0000
"Steven M. Bellovin" <smb%cs.columbia.edu@localhost> wrote:


> 
> There is apparently some BIOS magic that can be done to force certain
> sections of RAM to be zeroed by the BIOS at boot time.  I don't know
> anything more about how to set that flag.  Even if it is set, there's
> no defense against someone chilling the RAM, removing it from your
> machine, and putting it into their own.
> 

It's called the MOR bit in the TPM.  See
http://technet2.microsoft.com/windowsserver2008/en/library/d2ff5c4e-4a68-4fd3-81d1-665e95a59dd91033.mspx?mfr=true
It means "there are keys present; zero RAM when booting".  This does
nothing against the guy with the Dewar flask of liquid nitrogen, of
course.  Also, not all BIOSes honor this bit -- which means they're
non-conforming, but what else is new?



                --Steve Bellovin, http://www.cs.columbia.edu/~smb


Home | Main Index | Thread Index | Old Index