5

Is it possible, or are there any known attacks, to get the encryption key for disk encryption tpm-luks? (Linux LUKS using encryption key stored in TPM)

I know that there are attacks like cold boot where it is possible to recover the disk encryption key from RAM. Is it also applicable to LUKS with TPM?

Is there any proof or article saying that tpm-luks is not secure? I would like to use it but I need to be sure that I am doing the best in order to encrypt the disk in Linux.

user1563721

1 Answer

5

The TPM is used to seal the LUKS secret and nothing else. Once decrypted by the TPM (i.e. the proper environment has been loaded) the secret is stored in RAM, hence it can be captured by cold boot attacks.

You can look at any documentation about BitLocker with or without a PIN depending on your setup and the same will apply to tpm-luks, e.g. Wikipedia.

The PIN will have an impact on whether the attack can be done: locally vs. having to remove the memory DIMM, and when the system was already turned off for a long time.

There are a few projects that store the secret elsewhere (e.g. TRESOR uses the CPU) and this is what you should be looking for if you really intend to protect yourself from those.

northox
  • 1
    I read some articles saying that a cold boot attack is not possible on DDR3 or DDR4, do you have some experience with that? If it is true, it should be enough to secure the boot loader with TPM and then use it in a standard way, in my opinion. – user1563721 Oct 17 '15 at 09:02
  • 1
    I know some manufacturers were working on fixing this but haven't seen anything and I'd be very surprised if it would fix the entire set of technology, i.e. DDR3/4 as a whole. Can you share the article? I'll do some research on my side. – northox Oct 17 '15 at 11:59
  • 1
    For example: https://www1.cs.fau.de/filepool/projects/coldboot/fares_coldboot.pdf. But you can google it also. – user1563721 Oct 17 '15 at 12:40
  • Typical... offensive research gets all the hype and defensive gets almost nothing. Still, the conclusions aren't really rock solid and leave room for some other - more complex - attack vectors (i.e. building a custom memory controller). – northox Oct 17 '15 at 13:32
  • 1
    Take a look at this recent research - DDR3 still affected: https://youtu.be/ZHq2xG4XJXM – northox Oct 29 '15 at 13:01
  • 1
    DDR3 and DDR4 are still affected, just less so. They are more volatile, and the data is lost in seconds rather than minutes. They also have some technologies such as memory scrambling which defeats run-of-the-mill cold boot attacks, but it's almost certainly not cryptographically secure, considering it's only used to prevent successive 1s and 0s from interfering with the bus. – forest Apr 05 '16 at 02:30
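
The sealing behaviour the answer describes, as an added example that is not part of the original thread and not code from tpm-luks: a toy model of PCR extension and a seal/unseal policy, showing that a matching boot chain gets the key handed back as plain bytes in host memory. `ToyTPM`, `boot_and_unlock`, the component names and the use of SHA-256 are assumptions for illustration; a real TPM keeps the sealed blob encrypted under a key that never leaves the chip.

```python
import hashlib
import hmac

def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: new PCR = H(old PCR || H(measurement))."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def measure_boot(components) -> bytes:
    """Fold every boot component, in load order, into one PCR value."""
    pcr = bytes(32)  # PCRs start at all zeroes after a reset
    for blob in components:
        pcr = pcr_extend(pcr, blob)
    return pcr

class ToyTPM:
    """Hypothetical stand-in for the TPM: releases the secret only to the sealed PCR state."""
    def seal(self, secret: bytes, expected_pcr: bytes) -> None:
        self._secret, self._policy = secret, expected_pcr

    def unseal(self, current_pcr: bytes) -> bytes:
        if not hmac.compare_digest(current_pcr, self._policy):
            raise PermissionError("PCR mismatch: boot chain differs from sealed state")
        return self._secret

def boot_and_unlock(tpm: ToyTPM, components):
    """Return the volume key as plain bytes in host memory, or None if unseal is refused."""
    try:
        return tpm.unseal(measure_boot(components))
    except PermissionError:
        return None

if __name__ == "__main__":
    # Constructed sample boot chain and key, for illustration only.
    trusted = [b"firmware-v1", b"bootloader-v1", b"kernel+initrd-v1"]
    tpm = ToyTPM()
    tpm.seal(bytes(range(32)), measure_boot(trusted))

    key = boot_and_unlock(tpm, trusted)
    # From here on the key is an ordinary buffer in RAM, exactly like the
    # master key dm-crypt keeps while the volume is open; the TPM no longer guards it.
    print("trusted boot  ->", "key released to RAM" if key else "refused")

    tampered = [b"firmware-v1", b"bootloader-modified", b"kernel+initrd-v1"]
    print("tampered boot ->", "key released to RAM" if boot_and_unlock(tpm, tampered) else "refused")
```

The model covers only the boot-time gate: sealing decides whether the key is released, not where it lives afterwards.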