Contact Us     Press Kit     Blog

Press Releases

BitArmor DataControl™ Protects Against Cold Boot Attacks

A Response to Princeton Research “Lest We Remember: Cold Boot
Attacks on Encryption Keys”


PITTSBURGH, PA, February 27, 2007 — BitArmor Systems reported today that its product, DataControl™, includes technology to protect against each of the Cold Boot Attacks documented in the recent research by a team at Princeton University.

The Princeton report cites research done by BitArmor CEO Patrick McGregor as part of his Princeton Ph.D. thesis as the way to prevent such attacks and protect keys. An excerpt from the Princeton report is below:

Others have proposed architectures that would routinely encrypt the contents of memory for security purposes [28, 27]. These would apparently prevent the attacks we describe. . .

BitArmor DataControl applies the principles of McGregor’s research in a high-performance, transparent software solution that is practical for businesses to implement. It takes a defense-in-depth approach to protect against all vulnerabilities exposed by Cold Boot Attacks.

Those Cold Boot Attack scenarios are:

  • DRAM access during hibernation or within 2 minutes of shutdown.
  • DRAM access during sleep or screen-lock modes.
  • Booting an alternate operating system.

Detailed information on the Princeton Cold Boot Attack research report, Patrick McGregor’s cryptography research, and BitArmor DataControl’s Cold Boot Attack defenses can be found at www.bitarmor.com/prevent-cold-boot-attacks.

About BitArmor
BitArmor is the provider of DataControl™, powerful new software that provides a faster, easier, more cost-effective way to protect and manage sensitive data throughout any organization. Unlike traditional solutions that only deal with information at specific points in the system, BitArmor DataControl software attaches a Smart Tag™ directly to the data itself — a tag that travels with the data and allows you to secure, track, and control it regardless of where it is stored or sent. BitArmor helps companies protect valuable data assets, achieve regulatory compliance, and manage data throughout its functional lifecycle.

PDF PDF Version


"We needed to protect customer information from all of our stores as part of our commitment to meet PCI standards. We realized that controlling data only after it reaches our servers is no longer enough. BitArmor DataControl allows us to control the data from the moment it is created, as it travels over networks and is stored within the data center, through deletion, with absolutely no changes required to any of our existing applications, networks, or storage devices. Helping us meet the PCI requirements, without having to alter our infrastructure, was key for us."

–Director of Information Security,
  publicly traded North American
  sporting goods retailer.