Advances in software protect against Cold Boot attacks

Many said it couldn’t happen. Then Jacob Applebaum published online all utilities necessary to perpetrate a Cold Boot attack. The panacea of laptop protection — disk encryption — has lost its luster.

Or has it?

Gaps in disk encryption exposed by the Princeton University research on Cold Boot attacks can be filled. BitArmor has done it and has presented these techniques at Black Hat 2008.

Cold Boot first came to light in February of 2008 after a team of Princeton researchers releases a paper titled: "Lest We Remember: Cold Boot Attacks on Encryption Keys." The paper identifies that a computer’s RAM is vulnerable to attack through a mechanism as simple as booting a laptop over a network or from a USB drive and scanning for encryption keys.

With Applebaum’s revelations, the technical skill necessary to Cold Boot a computer has significantly decreased. Now, just having physical access to a machine and a USB drive can get a hacker access to encrypted data. Fortunately, BitArmor has developed advanced disk encryption software that defend against the Cold Boot attacks published by the Princeton team.

Cold Boot attacks can be prevented.

BitArmor disk encryption technology prevents the following types of Cold Boot attacks:

• DRAM access during hibernation and after shutdown: BitArmor scrubs keys using KeyScrubber™ technology immediately before the computer shuts down or goes into hibernation mode – accessing the memory will yield nothing.
• DRAM access during sleep or screen-lock modes: BitArmor uses patent-pending cryptographic, OS and processor architecture techniques to provide robust protection. By creating a “virtual secure enclave” for encryption keys in software, an attacker cannot extract critical keys from memory – even if the RAM is super-cooled.
• Booting an alternate operating system to recover RAM contents: BitArmor uses patent pending, advanced memory system techniques to prevent this attack.
• Super-cooling RAM: Using built-in temperature sensors, BitArmor can lock down the system in reaction to temperature drops that may indicate a Cold Boot attack is in progress.