请输入您要查询的百科知识:

 

词条 Cold boot attack
释义

  1. Technical details

  2. Uses

      Digital forensics    Malicious Intent  

  3. Circumventing full disk encryption

      Bitlocker    Mitigation    Register-based key storage    Cache-based key storage    Dismounting encrypted disks 

  4. Smartphones

  5. Ineffective countermeasures

  6. Effective countermeasures

      Physical access    {{Anchor|FME}}Full memory encryption    Securely erase memory  

  7. References

  8. External links

{{short description|a means of compromising computer security by restarting the computer}}

In computer security, a cold boot attack (or to a lesser extent, a platform reset attack) is a type of side channel attack in which an attacker with physical access to a computer performs a memory dump of a computer's random access memory by performing a hard reset of the target machine. Typically, cold boot attacks are used to retrieve encryption keys from a running operating system for malicious or criminal investigative reasons.[1][2][3] The attack relies on the data remanence property of DRAM and SRAM to retrieve memory contents that remain readable in the seconds to minutes after power has been removed.[2][4][5]

An attacker with physical access to a running computer typically executes a cold boot attack by cold-booting the machine and booting a lightweight operating system from a removable disk to dump the contents of pre-boot physical memory to a file.[6][2] An attacker is then free to analyze the data dumped from memory to find sensitive data, such as the keys, using various forms of key finding attacks.[7][8] Since cold boot attacks target random access memory, full disk encryption schemes, even with a trusted platform module installed are ineffective against this kind of attack.[2] This is because the problem is fundamentally a hardware (insecure memory) and not a software issue. However, malicious access can be prevented by limiting physical access and using modern techniques to avoid storing sensitive data in random access memory.

Technical details

DIMM memory modules gradually lose data over time as they lose power, but do not immediately lose all data when power is lost.[2][9] Depending on temperature and environmental conditions, memory modules can potentially retain, at least, some data for up to 90 minutes after power loss.[9] With certain memory modules, the time window for an attack can be extended to hours or even weeks by cooling them with freeze spray. Furthermore, as the bits disappear in memory over time, they can be reconstructed, as they fade away in a predictable manner.[2] Consequently, an attacker can perform a memory dump of its contents by executing a cold boot attack. The ability to execute the cold boot attack successfully varies considerably across different systems, types of memory, memory manufacturers and motherboard properties, and may be more difficult to carry out than software-based methods or a DMA attack.[10] While the focus of current research is on disk encryption, any sensitive data held in memory is vulnerable to the attack.[2]

Attackers execute cold boot attacks by forcefully and abruptly rebooting a target machine and then booting a pre-installed operating system from a USB flash drive, CD-ROM or over the network.[3] In cases where it is not practical to hard reset the target machine, an attacker may alternatively physically remove the memory modules from the original system and quickly place them into a compatible machine under the attacker's control, which is then booted to access the memory.[2] Further analysis can then be performed against the data dumped from RAM.

A similar kind of attack can also be used to extract data from memory, such as a DMA attack that allows the physical memory to be accessed via a high-speed expansion port such as FireWire.[3] A cold boot attack may be preferred in certain cases, such as when there is high risk of hardware damage. Using the high-speed expansion port can short out, or physically damage hardware in certain cases.[3]

Uses

Cold boots attacks are typically used for digital forensic investigations, malicious intent such as theft, and data recovery.[3]

Digital forensics

In certain cases, a cold boot attack is used in the discipline of digital forensics to forensically preserve data contained within memory as criminal evidence.[3] For example, when it is not practical to preserve data in memory through other means, a cold boot attack may be used to perform a dump of the data contained in random access memory. For example, a cold boot attack is used in situations where a system is secured and it is not possible to access the computer.[3] A cold boot attack may also be necessary when a hard disk is encrypted with full disk encryption and the disk potentially contains evidence of criminal activity. A cold boot attack provides access to the memory, which can provide information about the state of the system at the time such as what programs are running.[3]

Malicious Intent

A cold boot attack may be used by attackers to gain access to encrypted information such as financial information or trade secrets for malicious intent.[11]

Circumventing full disk encryption

A common purpose of cold boot attacks is to circumvent software-based disk encryption. Cold boot attacks when used in conjunction with key finding attacks have been demonstrated to be an effective means of circumventing full disk encryption schemes of various vendors and operating systems, even where a Trusted Platform Module (TPM) secure cryptoprocessor is used.[2]

In the case of disk encryption applications that can be configured to allow the operating system to boot without a pre-boot PIN being entered or a hardware key being present (e.g. BitLocker in a simple configuration that uses a TPM without a two-factor authentication PIN or USB key), the time frame for the attack is not limiting at all.[2]

Bitlocker

Bitlocker in its default configuration uses a trusted platform module that neither requires a pin, nor an external key to decrypt the disk. When the operating system boots, BitLocker retrieves the key from the TPM, without any user interaction. Consequently, an attacker can simply power on the machine, wait for the operating system to begin booting and then execute a cold boot attack against the machine to retrieve the key. Due to this, two-factor authentication, such as a pre-boot PIN or a removable USB device containing a startup key together with a TPM should be used to work around this vulnerability in the default Bitlocker implementation.[12][5] However, this workaround does not prevent an attacker from retrieving sensitive data from memory, nor from retrieving encryption keys cached in memory.

Mitigation

Since a memory dump can be easily performed by executing a cold boot attack, storage of sensitive data in RAM, like encryption keys for full disk encryption is unsafe. Several solutions have been proposed for storing encryption keys in areas, other than random access memory. While these solutions may reduce the chance of breaking full disk encryption, they provide no protection of other sensitive data stored in memory.

Register-based key storage

One solution for keeping encryption keys out of memory is register-based key storage. Implementations of this solution are TRESOR[13] and Loop-Amnesia[14]. Both of these implementations modify the kernel of an operating system so that CPU registers (in TRESOR's case the x86 debug registers and in Loop-Amnesia's case the AMD64 or EMT64 profiling registers) can be used to store encryption keys, rather than in RAM. Keys stored at this level cannot easily be read from userspace{{citation needed|date=December 2015}} and are lost when the computer restarts for any reason. TRESOR and Loop-Amnesia both must use on-the-fly round key generation due to the limited space available for storing cryptographic tokens in this manner. For security, both disable interrupts to prevent key information from leaking to memory from the CPU registers while encryption or decryption is being performed, and both block access to the debug or profile registers.

There are two potential areas in modern x86 processors for storing keys: the SSE registers which could in effect be made privileged by disabling all SSE instructions (and necessarily, any programs relying on them), and the debug registers which were much smaller but had no such issues.

A proof of concept distribution called paranoix based on the SSE register method has been developed.[15] The developers claim that "running TRESOR on a 64-bit CPU that supports AES-NI, there is no performance penalty compared to a generic implementation of AES",[16] and run slightly faster than standard encryption despite the need for key recalculation.[13] The primary advantage of Loop-Amnesia compared to TRESOR is that it supports the use of multiple encrypted drives; the primary disadvantages are a lack of support for 32-bit x86 and worse performance on CPUs not supporting AES-NI.

Cache-based key storage

"frozen cache" (sometimes known as "cache as RAM"),[17] may be used to securely store encryption keys. It works by disabling a CPU's CPU's L1 cache and uses it for key storage, however, this may significantly degrade overall system performance to the point of being too slow for most purposes.[18]{{Better source|reason=A blog site with someone's opinion is a weak source since anyone could have written it. The information is not easily verifiable.|date=November 2018}}

A similar cache-based solution was proposed by Guan et al. (2015)[19] by employing the WB (Write-Back) cache mode to keep data in caches, reducing the computation times of public key algorithms.

Mimosa[20] in IEEE S&P 2015 presented a more practical solution for public-key cryptographic computations against cold-boot attacks and DMA attacks. It employs hardware transactional memory (HTM) which was originally proposed as a speculative memory access mechanism to boost the performance of multi-threaded applications. The strong atomicity guarantee provided by HTM, is utilized to defeat illegal concurrent accesses to the memory space that contains sensitive data. The RSA private key is encrypted in memory by an AES key that is protected by TRESOR. On request, an RSA private-key computation is conducted within an HTM transaction: the private key is firstly decrypted into memory, and then RSA decryption or signing is conducted. Because a plain-text RSA private key only appears as modified data in an HTM transaction, any read operation to these data will abort the transaction - the transaction will roll-back to its initial state. Note that, the RSA private key is encrypted in initial state, and it is a result of write operations (or AES decryption). Currently HTM is implemented in caches or store-buffers, both of which are located in CPUs, not in external RAM chips. So cold-boot attacks are prevented. Mimosa defeats against attacks that attempt to read sensitive data from memory (including cold-boot attacks, DMA attacks, and other software attacks), and it only introduces a small performance overhead.

Dismounting encrypted disks

Best practice recommends dismounting any encrypted, non-system disks when not in use, since most disk encryption software is designed to securely erase keys cached in memory after use.[21] This reduces the risk of an attacker being able to salvage encryption keys from memory by executing a cold boot attack. To minimize access to encrypted information on the operating system hard disk, the machine should be completely shut down when not in use to reduce the likelihood of a successful cold boot attack.[2][22] However, data may remain readable from tens of seconds to several minutes depending upon the physical RAM device in the machine, potentially allowing some data to be retrieved from memory by an attacker. Configuring an operating system to shut down or hibernate when unused, instead of using sleep mode, can help mitigate the risk of a successful cold boot attack.

Smartphones

The cold boot attack can be adapted and carried out in a similar manner on Android smartphones.[9] Since smartphones lack a reset button, a cold boot can be performed by disconnecting the phone's battery to force a hard reset.[9] The smartphone is then flashed with an operating system image that can perform a memory dump. Typically, the smartphone is connected to an attacker's machine using a USB port.

Typically, Android smartphones securely erase encryption keys from random access memory when the phone is locked.[9] This reduces the risk of an attacker being able to retrieve the keys from memory, even if they succeeded in executing a cold boot attack against the phone.

Ineffective countermeasures

Memory scrambling may be used to minimize undesirable parasitic effects of semiconductors as a feature of modern Intel Core processors.[23][24][25][26]

However, because the scrambling is only used to decorrelate any patterns within the memory contents, the memory can be descrambled via a descrambling attack.[27][28] Hence, memory scrambling is not a viable mitigation against cold boot attacks.

Sleep mode provides no additional protection against a cold boot attack because data typically still resides in memory while in this state. As such, full disk encryption products are still vulnerable to attack because the keys reside in memory and do not need to be re-entered once the machine resumes from a low power state.

Although limiting the boot device options in the BIOS may make it slightly less easy to boot another operating system, firmware in modern chipsets tends to allow the user to override the boot device during POST by pressing a specified hot key.[5][29][30] Limiting the boot device options will not prevent the memory module from being removed from the system and read back on an alternative system either. In addition, most chipsets provide a recovery mechanism that allows the BIOS settings to be reset to default even if they are protected with a password.[11][31] The BIOS settings can also be modified while the system is running to circumvent any protections enforced by it, such as memory wiping or locking the boot device.[32][33][34]

Effective countermeasures

Physical access

Typically, a cold boot attack can be prevented by limiting an attacker's physical access to the computer or by making it increasingly difficult to carry out the attack. One method involves soldering or gluing in the memory modules onto the motherboard, so they cannot be easily removed from their sockets and inserted into another machine under an attacker's control.[2] However, this does not prevent an attacker from booting the victim's machine and performing a memory dump using a removable USB flash drive. A mitigation such as UEFI Secure Boot or similar boot verification approaches can be effective in preventing an attacker from booting up a custom software environment to dump out the contents of soldered-on main memory.[35]

{{Anchor|FME}}Full memory encryption

Encrypting random access memory (RAM) mitigates the possibility of an attacker being able to obtain encryption keys or other material from memory via a cold boot attack. This approach may require changes to the operating system, applications, or hardware. One example of hardware-based memory encryption was implemented in the Microsoft Xbox.[36]

Software-based full memory encryption is similar to CPU-based key storage since key material is never exposed to memory, but is more comprehensive since all memory contents are encrypted. In general, only immediate pages are decrypted and read on the fly by the operating system.[37] Implementations of software-based memory encryption solutions include: a commercial product from PrivateCore.[38][39][40] and RamCrypt, a kernel-patch for the Linux kernel that encrypts data in memory and stores the encryption key in the CPU registers in a manner similar to TRESOR.[13][37]

More recently, several papers have been published highlighting the availability of security-enhanced x86 and ARM commodity processors.[41][42] In that work, an ARM Cortex A8 processor is used as the substrate on which a full memory encryption solution is built. Process segments (for example, stack, code or heap) can be encrypted individually or in composition. This work marks the first full memory encryption implementation on a general-purpose commodity processor. The system provides both confidentiality and integrity protections of code and data which are encrypted everywhere outside the CPU boundary.

Securely erase memory

Since cold boot attacks target unencrypted random access memory, one solution is to erase sensitive data from memory when it is no longer in use. The "TCG Platform Reset Attack Mitigation Specification",[43] an industry response to this specific attack, forces the BIOS to overwrite memory during POST if the operating system was not shut down cleanly. However, this measure can still be circumvented by removing the memory module from the system and reading it back on another system under the attacker's control that does not support these measures.[2]

Some operating systems such as Tails[44] provide a feature that securely writes random data to system memory when the operating system is shutdown to mitigate against a cold boot attack.

A secure erase feature that if power is interrupted wipes the RAM in the <300ms before power is lost in conjunction with a secure BIOS and hard drive/SSD controller that encrypts data on the M-2 and SATAx ports would also be effective. If the RAM itself contained no serial presence or other data and the timings were stored in the BIOS with some form of failsafe requiring a hardware key to change them it would be nearly impossible to recover any data and would also be immune to TEMPEST attacks, man-in-the-RAM and other possible infiltration methods.{{citation needed|date=February 2019}}

References

1. ^{{cite conference|last=MacIver|first=Douglas|location=HITBSecConf2006, Malaysia|url=http://www.secguru.com/files/hitbsecconf2006kl/DAY%202%20-%20Douglas%20MacIver%20-%20Pentesting%20BitLocker.pdf|publisher=Microsoft|title=Penetration Testing Windows Vista BitLocker Drive Encryption|accessdate=2008-09-23|date=2006-09-21|ref=harv}}
2. ^10 11 12 {{Cite journal| doi = 10.1145/1506409.1506429| issn = 0001-0782| volume = 52| issue = 5| pages = 91–98| last1 = Halderman| first1 = J. Alex| last2 = Schoen| first2 = Seth D.| last3 = Heninger| first3 = Nadia| last4 = Clarkson| first4 = William| last5 = Paul| first5 = William| last6 = Calandrino| first6 = Joseph A.| last7 = Feldman| first7 = Ariel J.| last8 = Appelbaum| first8 = Jacob| last9 = Felten| first9 = Edward W.| title = Lest we remember: cold-boot attacks on encryption keys| journal = Communications of the ACM| date = 2009-05-01| url = https://www.usenix.org/legacy/event/sec08/tech/full_papers/halderman/halderman.pdf}}
3. ^{{Cite conference| publisher = Defence Research and Development Canada| last1 = Carbone| first1 = Richard| last2 = Bean| first2 = C| last3 = Salois| first3 = M| title = An in-depth analysis of the cold boot attack| date = January 2011| url = https://forensicfocus.files.wordpress.com/2011/08/cold_boot_attack_for_forensiscs1.pdf}}
4. ^{{Cite conference| publisher = University of Cambridge| last = Skorobogatov| first = Sergei| title = Low temperature data remanence in static RAM| date = June 2002| url = https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-536.pdf}}
5. ^{{cite web|url=http://blogs.msdn.com/si_team/archive/2008/02/25/protecting-bitLocker-from-cold-attacks-and-other-threats.aspx|publisher=Microsoft|date=2008-02-25|accessdate=2008-09-23|first=Douglas|last=MacIver|title=System Integrity Team Blog: Protecting BitLocker from Cold Attacks (and other threats)|ref=harv}}
6. ^{{Cite| publisher = Center for Information Technology Policy| last = Center for Information Technology Policy| title = Memory Research Project Source Code| location = Princeton University| accessdate = 2018-11-06| date = 2008-06-16| url = https://citp.princeton.edu/research/memory/code/}}
7. ^{{cite press release|url=http://www.prnewswire.com/news-releases/passware-software-cracks-bitlocker-encryption-open-78212917.html|title=Passware Software Cracks BitLocker Encryption Open|date=2009-12-01|publisher=PR Newswire}}
8. ^{{Cite conference| doi = 10.1109/ARES.2008.109| conference = 2008 Third International Conference on Availability, Reliability and Security| pages = 1369–1376| last1 = Hargreaves| first1 = C.| last2 = Chivers| first2 = H.| title = Recovery of Encryption Keys from Memory Using a Linear Scan| booktitle = 2008 Third International Conference on Availability, Reliability and Security| date = March 2008 |url = https://www.researchgate.net/profile/Christopher_Hargreaves/publication/221548532_Recovery_of_Encryption_Keys_from_Memory_Using_a_Linear_Scan/links/53e3ae820cf21cc29fc5f5fe/Recovery-of-Encryption-Keys-from-Memory-Using-a-Linear-Scan.pdf}}
9. ^{{Cite book| last = Bali| first = Ranbir Singh| title = Cold Boot Attack on Cell Phones| location = Concordia University of Edmonton| date = July 2018| url = https://www.researchgate.net/publication/326211565}}
10. ^{{cite journal|url=http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA545078|format=pdf|title=An In-depth Analysis of the Cold Boot Attack: Can it be Used for Sound Forensic Memory Acquisition?|last=Carbone|first=R.|last2=Bean|first2=C|last3=Salois|first3=M.| date=January 2011 |publisher=Defence Research and Development Canada|location=Valcartier|ref=harv}}
11. ^{{Cite paper| publisher = Friedrich-Alexander-Universität Erlangen-Nürnberg| last = Gruhn| first = Michael| title = Forensically Sound Data Acquisition in the age of Anti-Forensic Innocence| location = Erlangen, Germany| date = 2016-11-24| url = https://d-nb.info/1122350279/34}}
12. ^{{cite web|url=https://technet.microsoft.com/en-us/library/cc732774.aspx|title=BitLocker Drive Encryption Technical Overview|publisher=Microsoft|year=2008|accessdate=2008-11-19|ref={{harvid|Bitlocker Technical Overview, 2008}}}}
13. ^TRESOR USENIX paper, 2011 {{webarchive|url=https://web.archive.org/web/20120113062139/http://www1.informatik.uni-erlangen.de/tresorfiles/tresor.pdf |date=2012-01-13 }}
14. ^{{Cite conference| publisher = ACM| doi = 10.1145/2076732.2076743| isbn = 978-1-4503-0672-0| conference = Proceedings of the 27th Annual Computer Security Applications Conference| pages = 73–82| last = Simmons| first = Patrick| title = Security through amnesia: a software-based solution to the cold boot attack on disk encryption| accessdate = 2018-11-06| date = 2011-12-05| url = https://www.ideals.illinois.edu/bitstream/handle/2142/18862/amnesia.pdf?sequence=2&isAllowed=y}}
15. ^{{Cite paper| publisher = RWTH Aachen University| last = Müller| first = Tilo| title = Cold-Boot Resistant Implementation of AES in the Linux Kernel| location = Aachen, Germany| date = 2010-05-31| url = https://faui1-files.cs.fau.de/filepool/thesis/diplomarbeit-2010-mueller.pdf}}
16. ^{{Cite web| last = Friedrich-Alexander-Universität Erlangen-Nürnberg| title = Tresor / TreVisor / Armored: TRESOR Runs Encryption Securely Outside RAM / The TRESOR Hypervisor / for Android-driven Devices| accessdate = 2018-11-06| url = https://www.cs1.tf.fau.de/research/system-security-and-software-protection-group/tresor-trevisor-armored/}}
17. ^{{cite conference|url=https://events.ccc.de/2010/12/28/frozen-cache/|title=FrozenCache – Mitigating cold-boot attacks for Full-Disk-Encryption software|first=Erik|last=Tews|conference=27th Chaos Communication|date=December 2010|ref=harv}}
18. ^Frozen Cache Blog
19. ^{{cite conference|url=http://www.internetsociety.org/sites/default/files/07_1_1.pdf|title=Copker: Computing with Private Keys without RAM|first=Le|last=Guan|first2=Jingqiang|last2=Lin|first3=Bo|last3=Luo|first4=Jiwu|last4=Jing|conference=21st ISOC Network and Distributed System Security Symposium (NDSS)|date=February 2014|ref=harv}}
20. ^{{Cite conference| doi = 10.1109/SP.2015.8| conference = 2015 IEEE Symposium on Security and Privacy| pages = 3–19| last1 = Guan| first1 = L.| last2 = Lin| first2 = J.| last3 = Luo| first3 = B.| last4 = Jing| first4 = J.| last5 = Wang| first5 = J.| title = Protecting Private Keys against Memory Disclosure Attacks Using Hardware Transactional Memory| booktitle = 2015 IEEE Symposium on Security and Privacy| date = May 2015|url = https://www.ieee-security.org/TC/SP2015/papers-archived/6949a003.pdf}}
21. ^{{cite news|url=http://www.freeotfe.org/docs/Main/FAQ.htm#de|title=Cold Boot Attacks on Encryption Keys (aka "DRAM attacks")|first=Sarah|last=Dean|date=2009-11-11|accessdate=2008-11-11|ref=harv|archiveurl=https://web.archive.org/web/20120915080532/http://www.freeotfe.org/docs/Main/FAQ.htm#de|archivedate=2012-09-15}}
22. ^{{cite news|url=http://blog.wired.com/27bstroke6/2008/02/encryption-stil.html|title=Encryption Still Good; Sleeping Mode Not So Much, PGP Says|publisher=Wired|date=2008-02-21|accessdate=2008-02-22|ref={{harvid|Wired, 2008}}}}
23. ^{{cite web | url = http://www.slideshare.net/codeblue_jp/igor-skochinsky-enpub | title = Secret of Intel Management Engine | date = 2014-03-12 | accessdate = 2014-07-13 | author = Igor Skochinsky | website = SlideShare | pages = 26–29}}
24. ^{{cite web | url = http://www.intel.com/content/dam/www/public/us/en/documents/datasheets/2nd-gen-core-desktop-vol-1-datasheet.pdf | title = 2nd Generation Intel Core Processor Family Desktop, Intel Pentium Processor Family Desktop, and Intel Celeron Processor Family Desktop | date = June 2013 | accessdate = 2015-11-03 | format = PDF | page = 23}}
25. ^{{cite web | url = http://www.intel.com/content/dam/www/public/us/en/documents/datasheets/2nd-gen-core-family-mobile-vol-1-datasheet.pdf | title = 2nd Generation Intel Core Processor Family Mobile and Intel Celeron Processor Family Mobile | date = September 2012 | accessdate = 2015-11-03 | format = PDF | page = 24}}
26. ^{{cite web | url = https://www1.cs.fau.de/filepool/projects/coldboot/fares_coldboot.pdf | title = On the Practicability of Cold Boot Attacks | author = Michael Gruhn, Tilo Muller | accessdate = 2018-07-28}}
27. ^{{Cite journal | url = https://www.sciencedirect.com/science/article/pii/S1742287616300032 | title = Lest we forget: Cold-boot attacks on scrambled DDR3 memory | journal = Digital Investigation | volume = 16 | pages = S65–S74 | author = Johannes Bauer, Michael Gruhn, Felix C. Freiling | accessdate = 2018-07-28| doi = 10.1016/j.diin.2016.01.009 | year = 2016 }}
28. ^{{cite web | url = https://web.eecs.umich.edu/~taustin/papers/HPCA17-coldboot.pdf | title = Cold Boot Attacks are Still Hot: Security Analysis of Memory Scramblers in Modern Processors | author = Salessawi Ferede, Yitbarek Misiker, Tadesse Aga | accessdate = 2018-07-28}}
29. ^{{Cite web| last = kpacquer| title = Boot to UEFI Mode or Legacy BIOS mode| work = Microsoft| accessdate = 2018-11-06| date = 2018-05-14| url = https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/boot-to-uefi-mode-or-legacy-bios-mode}}
30. ^{{Cite| publisher = University of Wisconsin-Madison| last = S| first = Ray| title = Booting to the Boot Menu and BIOS| accessdate = 2018-11-06| date = 2015-12-08| url = https://kb.wisc.edu/page.php?id=58779}}
31. ^{{Cite web| last = Dell Inc.| title = How to Perform a BIOS or CMOS Reset and/or Clear the NVRAM on your Dell System {{!}} Dell Australia| work = Dell Support| date = 2018-10-09| url = https://www.dell.com/support/article/au/en/aubsdt1/sln284985/how-to-perform-a-bios-or-cmos-reset-and-or-clear-the-nvram-on-your-dell-system}}
32. ^{{Citation|last=Ruud|first=Schramp|title=OHM2013: RAM Memory acquisition using live-BIOS modification|date=2014-06-13|url=https://www.youtube.com/watch?v=i_WvtO1NIsA|volume=|pages=|access-date=2018-07-28}}
33. ^{{Cite journal|last=Michael|first=Gruhn|date=|title=Forensically Sound Data Acquisition in the Age of Anti-Forensic Innocence|url=http://nbn-resolving.de/urn:nbn:de:bvb:29-opus4-79386|journal=|language=en|volume=|pages=67|via=}}
34. ^{{Cite journal|last=Schramp|first=R.|date=March 2017|title=Live transportation and RAM acquisition proficiency test|journal=Digital Investigation|volume=20|pages=44–53|doi=10.1016/j.diin.2017.02.006|issn=1742-2876}}
35. ^{{cite conference |url=https://www.blackhat.com/docs/us-14/materials/us-14-Weis-Protecting-Data-In-Use-From-Firmware-And-Physical-Attacks-WP.pdf#page=2 |title=Protecting Data In-Use from Firmware and Physical Attacks. |language=en |vauthors=Weis S, ((PrivateCore)) |date=2014-06-25 |conference=Black Hat USA 2014 |conference-url=https://www.blackhat.com/us-14/archives.html#Weis |page=2 |format=PDF |publication-place=Palo Alto, California, U. S. A.}}
36. ^B. Huang "Keeping Secrets in Hardware: The Microsoft Xbox Case Study", "CHES 2002 Lecture Notes in Notes in Computer Science Volume 2523", 2003
37. ^{{Cite conference| publisher = ACM| doi = 10.1145/2897845.2897924| isbn = 978-1-4503-4233-9| pages = 919–924| last1 = Götzfried| first1 = Johannes| last2 = Müller| first2 = Tilo| last3 = Drescher| first3 = Gabor| last4 = Nürnberger| first4 = Stefan| last5 = Backes| first5 = Michael| title = RamCrypt: Kernel-based Address Space Encryption for User-mode Processes| booktitle = Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security| location = New York, NY, USA| series = ASIA CCS '16| accessdate = 2018-11-07| date = 2016| url = https://faui1-files.cs.fau.de/filepool/projects/ramcrypt/ramcrypt.pdf}}
38. ^Y. Hu, G. Hammouri, and B. Sunar "A fast real-time memory authentication protocol", "STC '08 Proceedings of the 3rd ACM workshop on Scalable trusted computing", 2008
39. ^G. Duc and R. Keryell, "CryptoPage: an efficient secure architecture with memory encryption, integrity and information leakage protection", Dec. 2006
40. ^X. Chen, R. P. Dick, and A. Choudhary "Operating system controlled processor-memory bus encryption", "Proceedings of the conference on Design, automation and test in Europe", 2008
41. ^M. Henson and S. Taylor "Beyond full disk encryption:protection on security-enhanced commodity processors", "Proceedings of the 11th international conference on applied cryptography and network security", 2013
42. ^M. Henson and S. Taylor "Memory encryption: a survey of existing techniques", "ACM Computing Surveys volume 46 issue 4", 2014
43. ^{{cite web|url=https://www.trustedcomputinggroup.org/resources/pc_client_work_group_platform_reset_attack_mitigation_specification_version_10/|title=TCG Platform Reset Attack Mitigation Specification|publisher=Trusted Computing Group|accessdate=2009-06-10|date=2008-05-28}}
44. ^{{Cite web| title = Tails - Protection against cold boot attacks| accessdate = 2018-11-07| url = https://tails.boum.org/doc/advanced_topics/cold_boot_attacks/index.en.html}}

External links

  • {{YouTube|JDaicPIgn9U|Lest We Remember: Cold Boot Attacks on Encryption Keys}}
  • [https://web.archive.org/web/20080516212552/http://mcgrewsecurity.com/projects/msramdmp/ McGrew Security's Proof of Concept]
  • [https://www.theregister.co.uk/2013/02/16/frost_android_encryption_crack/ Boffins Freeze Phone to Crack Android On-Device Crypto]
  • {{cite journal|title=Low temperature data remanence in static RAM|first=Sergei|last=Skorobogatov|publisher=University of Cambridge, Computer Laboratory| date=June 2002 |url=http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-536.html|accessdate=2008-02-27|ref=harv}}
{{DEFAULTSORT:Cold Boot Attack}}

3 : Disk encryption|Side-channel attacks|Computer security exploits

随便看

 

开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。

 

Copyright © 2023 OENC.NET All Rights Reserved
京ICP备2021023879号 更新时间:2024/11/11 18:48:07