tech-crypto archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: cold boot attacks on cgd?

On Tue, 26 Feb 2008 02:02:59 +0000
"Steven M. Bellovin" <> wrote:

> There is apparently some BIOS magic that can be done to force certain
> sections of RAM to be zeroed by the BIOS at boot time.  I don't know
> anything more about how to set that flag.  Even if it is set, there's
> no defense against someone chilling the RAM, removing it from your
> machine, and putting it into their own.

It's called the MOR bit in the TPM.  See
It means "there are keys present; zero RAM when booting".  This does
nothing against the guy with the Dewar flask of liquid nitrogen, of
course.  Also, not all BIOSes honor this bit -- which means they're
non-conforming, but what else is new?

                --Steve Bellovin,

Home | Main Index | Thread Index | Old Index