Jump to content
Tuts 4 You

Disk Encryption May Not Be Secure Enough, New Research Finds


Recommended Posts

Disk encryption may not be secure enough, new research finds

Computer scientists have discovered a novel way to bypass the encryption used in programs like Microsoft's BitLocker and Apple's FileVault and then view the contents of supposedly secure files.

In a paper (PDF) published Thursday that could prompt a rethinking of how to protect sensitive data, the researchers describe how they can extract the contents of a computer's memory and discover the secret encryption key used to scramble files. (I tested these claims by giving them a MacBook with FileVault; here's a slideshow.)

"There seems to be no easy remedy for these vulnerabilities," the researchers say. "Simple software changes are likely to be ineffective; hardware changes are possible but will require time and expense; and today's Trusted Computing technologies appear to be of little help because they cannot protect keys that are already in memory. The risk seems highest for laptops, which are often taken out in public in states that are vulnerable to our attacks. These risks imply that disk encryption on laptops may do less good than widely believed."

The nine researchers listed on the paper include San Francisco-area programmers Jacob Appelbaum and Seth Schoen and a team of Princeton University computer scientists such as graduate students J. Alex Halderman and Nadia Heninger and professor Ed Felten. The paper is titled "Lest We Remember: Cold Boot Attacks on Encryption Keys."

Link to comment
Share on other sites

If the FBI didn't already know of this technique I would be surprised. Security agencies have been stressing over the strength of encryption over the past few years... :lol:


Link to comment
Share on other sites


The technique is not new indeed, I remember something similar since a lot of time, but theoretically speaking. This is the first exploit I see. Anyway not tall the ram types should be vulnerable, for example SRAM are not vulnerable because use flip-flops to hold the status, not condenser, or ECC RAM because clean the content of cells at powerup.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...