Lest we remember: cold-boot attacks on encryption keys

@inproceedings{Halderman2009LestWR,
  title={Lest we remember: cold-boot attacks on encryption keys},
  author={J. Alex Halderman and Seth D. Schoen and Nadia Heninger and William Clarkson and William Paul and Joseph A. Calandrino and Ariel J. Feldman and Jacob Appelbaum and Edward W. Felten},
  booktitle={CACM},
  year={2009}
}
Contrary to widespread assumption, dynamic RAM (DRAM), the main memory in most modern computers, retains its contents for several seconds after power is lost, even at room temperature and even if removed from a motherboard. Although DRAM becomes less reliable when it is not refreshed, it is not immediately erased, and its contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating… 
Amnesiac DRAM: A Proactive Defense Mechanism Against Cold Boot Attacks
TLDR
A proactive defense mechanism, Amnesiac DRAM, is proposed and evaluated, that comprehensively prevents the cold boot attacks and locks itself and deletes all the remaining contents, making it amnesiac.
Defending Against Attacks on Main Memory Persistence
TLDR
A memory encryption control unit (MECU) that provides memory confidentiality during system suspend and across reboots and provides zero-cost steady state memory confidentiality for non-volatile main memory is proposed.
FPGA-accelerated key search for cold-boot attacks against AES
TLDR
An FPGA-based architecture on a Maxeler dataflow computing system that outperforms a software implementation up to 205x is presented, which significantly improves the practicability of cold-attacks against AES.
An Efficient Memory Zeroization Technique Under Side-Channel Attacks
  • A. Srivastava, P. Ghosh
  • Computer Science
    2019 32nd International Conference on VLSI Design and 2019 18th International Conference on Embedded Systems (VLSID)
  • 2019
TLDR
A novel approach of using existing memory built-in-self-test (MBIST) hardware to zeroize (initialize memory to all zeros) on-chip memory contents before it is being hacked either through different side channels or secuirty attacks is proposed.
Lest we forget: Cold-boot attacks on scrambled DDR3 memory
TLDR
This work presents a descrambling attack that enables cold-boot attacks on systems employing Intel's memory scrambling technology, and further refine this attack using the mathematical relationships within the key stream to at most 50 bytes of known plaintext for a dual memory channel system.
Lest we forget : Cold-boot attacks on scrambled DDR 3 memory
As hard disk encryption, RAM disks, persistent data avoidance technology and memoryonly malware become more widespread, memory analysis becomes more important. Cold-boot attacks are a
PRIME: private RSA infrastructure for memory-less encryption
TLDR
With PRIME, this work presents a cold boot resistant infrastructure for private RSA operations, where all private RSA parameters reside symmetrically encrypted in RAM and are decrypted only within CPU registers.
Cold Boot Attacks are Still Hot: Security Analysis of Memory Scramblers in Modern Processors
TLDR
Analysis of enhancements that have been introduced in DDR4 memory scramblers in the 6th generation Intel Core (Skylake) processors confirm modern stream ciphers such as ChaCha8 are sufficiently fast that it is now possible to completely overlap keystream generation with DRAM row buffer access latency, thereby enabling the creation of strongly encrypted DRAMs with zero exposed latency.
i-NVMM: A secure non-volatile main memory system with incremental encryption
TLDR
i-NVMM is introduced, a data privacy protection scheme for NVMM, where the main memory is encrypted incrementally, i.e. different data in the mainMemory is encrypted at different times depending on whether the data is predicted to still be useful to the processor.
Mitigation of cold boot attack using an encrypted memory controller
RAMs which are widely used in PCs and laptops are likely to break the popular supposition that data in them is lost whenever power supply is cut down. It has been proved in 2008 by a group of
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 172 REFERENCES
Architectural support for copy and tamper resistant software
TLDR
The hardware implementation of a form of execute-only memory (XOM) that allows instructions stored in memory to be executed but not otherwise manipulated is studied, indicating that it is possible to create a normal multi-tasking machine where nearly all applications can be run in XOM mode.
Shredding Your Garbage: Reducing Data Lifetime Through Secure Deallocation
TLDR
It is demonstrated that secure deallocation generally clears data immediately after its last use, and that without such measures, data can remain in memory for days or weeks, even persisting across reboots.
Halting Password Puzzles: Hard-to-break Encryption from Human-memorable Keys
TLDR
A fresh redesign of Key Derivation Functions (KDF) is advocated, named Halting KDF (HKDF), which is thoroughly motivate on these grounds: by letting password owners choose the hash iteration count, it gain operational flexibility and eliminate the rapid obsolescence faced by many existing schemes.
Architecture for Protecting Critical Secrets in Microprocessors
TLDR
Unique aspects of the secret-protected (SP) architecture include: decoupling of user secrets from the devices, enabling users to securely access their keys from different networked computing devices; the use of symmetric master keys rather than more costly public-private key pairs; and the avoidance of any permanent or factory-installed device secrets.
Architecture for protecting critical secrets in microprocessors
TLDR
Unique aspects of the secret-protected (SP) architecture include: decoupling of user secrets from the devices, enabling users to securely access their keys from different networked computing devices; the use of symmetric master keys rather than more costly public-private key pairs; and the avoidance of any permanent or factory-installed device secrets.
Using memory errors to attack a virtual machine
We present an experimental study showing that soft memory errors can lead to serious security vulnerabilities in Java and .NET virtual machines, or in any system that relies on type-checking of
The Acquisition and Analysis of Random Access Memory
TLDR
The benefits and drawbacks of traditional incident response methods are discussed compared to an augmented model that includes the capture and subsequent analysis of a suspect system's memory, provides a foundation for analyzing captured memory, and provides suggestions for related work.
Low temperature data remanence in static RAM
TLDR
The conventional wisdom no longer holds that the contents of SRAM can be ‘frozen’ at temperatures below −20°C; therefore, many devices treat temperatures below this threshold as tampering events.
BootJacker: compromising computers using forced restarts
BootJacker is a proof-of-concept attack tool which demonstrates that authentication mechanisms employed by an operating system can be bypassed by obtaining physical access and simply forcing a
A hardware-based memory acquisition procedure for digital investigations
TLDR
A procedure for acquiring volatile memory using a hardware expansion card that can copy memory to an external storage device and the initial results of the hardware implementation of the procedure are presented.
...
1
2
3
4
5
...