Lest we remember: cold-boot attacks on encryption keys

Authors: J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum and Edward W. Felten
Contrary to widespread assumption, dynamic RAM (DRAM), the main memory in most modern computers, retains its contents for several seconds after power is lost, even at room temperature and even if removed from a motherboard. Although DRAM becomes less reliable when it is not refreshed, it is not immediately erased, and its contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating… 

Defending Against Attacks on Main Memory Persistence

A memory encryption control unit (MECU) that provides memory confidentiality during system suspend and across reboots and provides zero-cost steady state memory confidentiality for non-volatile main memory is proposed.

FPGA-accelerated key search for cold-boot attacks against AES

An FPGA-based architecture on a Maxeler dataflow computing system that outperforms a software implementation by up to 205x is presented, which significantly improves the practicability of cold-boot attacks against AES.

An Efficient Memory Zeroization Technique Under Side-Channel Attacks

  • A. SrivastavaP. Ghosh
  • Computer Science
    2019 32nd International Conference on VLSI Design and 2019 18th International Conference on Embedded Systems (VLSID)
  • 2019
A novel approach is proposed that uses existing memory built-in-self-test (MBIST) hardware to zeroize (initialize to all zeros) on-chip memory contents before they can be extracted through side channels or other security attacks.

Lest we forget: Cold-boot attacks on scrambled DDR3 memory

A descrambling attack is presented that requires at most 128 bytes of known plaintext within the image in order to perform full recovery; using the mathematical relationships within the key stream, this is refined to at most 50 bytes of known plaintext for a dual memory channel system.

PRIME: private RSA infrastructure for memory-less encryption

With PRIME, this work presents a cold boot resistant infrastructure for private RSA operations, where all private RSA parameters reside symmetrically encrypted in RAM and are decrypted only within CPU registers.

Cold Boot Attacks are Still Hot: Security Analysis of Memory Scramblers in Modern Processors

Analysis of the enhancements introduced in the DDR4 memory scramblers of 6th generation Intel Core (Skylake) processors confirms that modern stream ciphers such as ChaCha8 are sufficiently fast that it is now possible to completely overlap keystream generation with DRAM row buffer access latency, thereby enabling the creation of strongly encrypted DRAMs with zero exposed latency.

i-NVMM: A secure non-volatile main memory system with incremental encryption

i-NVMM is introduced, a data privacy protection scheme for NVMM in which the main memory is encrypted incrementally, i.e. different data in main memory is encrypted at different times depending on whether the data is predicted to still be useful to the processor.

Mitigation of cold boot attack using an encrypted memory controller

The thesis introduces a set of architecture innovations aimed at implementing the proposed security model and proposes a new key storage mechanism which protects digital content and software stored in untrusted system memory from physical tampering.

Hypnoguard: Protecting Secrets across Sleep-wake Cycles

To the best of the authors' knowledge, Hypnoguard provides the first wakeup-time secure environment for authentication and key unlocking, without requiring per-application changes.

Architectural support for copy and tamper resistant software

The hardware implementation of a form of execute-only memory (XOM) that allows instructions stored in memory to be executed but not otherwise manipulated is studied, indicating that it is possible to create a normal multi-tasking machine where nearly all applications can be run in XOM mode.

Shredding Your Garbage: Reducing Data Lifetime Through Secure Deallocation

It is demonstrated that secure deallocation generally clears data immediately after its last use, and that without such measures, data can remain in memory for days or weeks, even persisting across reboots.

Halting Password Puzzles: Hard-to-break Encryption from Human-memorable Keys

A fresh redesign of Key Derivation Functions (KDF) is advocated, named Halting KDF (HKDF), which is thoroughly motivated on these grounds: by letting password owners choose the hash iteration count, it gains operational flexibility and eliminates the rapid obsolescence faced by many existing schemes.

Architecture for protecting critical secrets in microprocessors

Unique aspects of the secret-protected (SP) architecture include: decoupling of user secrets from the devices, enabling users to securely access their keys from different networked computing devices; the use of symmetric master keys rather than more costly public-private key pairs; and the avoidance of any permanent or factory-installed device secrets.

The Acquisition and Analysis of Random Access Memory

The benefits and drawbacks of traditional incident response methods are discussed and compared to an augmented model that includes the capture and subsequent analysis of a suspect system's memory; the work provides a foundation for analyzing captured memory and offers suggestions for related work.

Low temperature data remanence in static RAM

The conventional wisdom no longer holds that the contents of SRAM can be ‘frozen’ at temperatures below −20°C; therefore, many devices treat temperatures below this threshold as tampering events.

BootJacker: compromising computers using forced restarts

BootJacker is a proof-of-concept attack tool which demonstrates that authentication mechanisms employed by an operating system can be bypassed by obtaining physical access and simply forcing a

Exposure-Resilient Functions and All-or-Nothing Transforms

This work shows how to build cryptographic primitives that remain secure even when an adversary is able to learn almost all of the secret key, and uses the (generalized) notion of an All-Or-Nothing Transform (AONT), an invertible (randomized) transformation T which reveals "no information" about x even if almost all the bits of T(x) are known.

Hardware-rooted trust for secure key management and transient trust

The authority-mode SP architecture can be used to provide significant new functionality including transient access to secrets with reliable revocation mechanisms, controlled transitive support for policy-controlled secrets belonging to different organizations, and remote attestation and secure communications with the authority.