8

After reading some research papers about cold boot attack, I got a big shock and start searching for ways to protect against that kind of vulnerability. I got one solution that is using BitLocker pin access to RAM. But I have still a concern.

  1. Windows 10 Latest patch can protect cold boot attack?
  2. DDR3 or DDR4 RAM still have vulnerability?
  3. Is there another way to protect rather than BitLocker pin?
Marcus Müller
  • 5,843
  • 2
  • 16
  • 27
Crypt0er
  • 101
  • 5
  • I don't see how BitLocker, or pin access, has anything to do with cold boot attacks. Can you explain what you mean, by **editing** your question, please? – Marcus Müller Mar 04 '20 at 16:15
  • 2
    Solutions are all going to be hardware based, like putting it in a box to slow down attackers or adding explosives to it to destroy the RAM on chassis intrusion. – user Mar 04 '20 at 16:17
  • @user Using explosives is a terrible (and likely highly illegal) idea. – forest Jan 02 '21 at 05:09
  • @forest Depending on what secrets you're trying to protect that might still be an acceptable option. – user Jan 04 '21 at 13:39
  • @user It never is, unless the goal is to kill whoever is trying to open it. The acceptable option is to wipe a key which is just as, if not more, effective than using explosives. – forest Jan 09 '21 at 21:51
  • For the most part, Cold Boot Attacks are laboratory demonstrations where the target machine has been prepped in advance for quick and easy access before freezing the ram. Unless you see a liquid nitrogen truck park outside your window, it's not a practical concern. – user10216038 Oct 17 '21 at 23:00
  • @user10216038 AFAIK, a cold boot attack requires just a bottle of so called “canned air”, not liquid nitrogen. So it's much cheaper than you assume. See, for example, “Cold Boot Attack on DDR2 and DDR3” RAM by Marko Schuba https://www.youtube.com/watch?v=ZHq2xG4XJXM . – beroal Oct 19 '21 at 03:04
  • @beroal - A good video, thank you. *Note that I was indulging in a bit of hyperbole.* – user10216038 Oct 20 '21 at 18:46

5 Answers5

5

Windows 10 Latest patch can protect cold boot attack?

No.

DDR3 or DDR4 RAM still have vulnerability?

DDR3 and DDR4 retain memory for a shorter period of time than DDR2, but cold boots are still possible. DDR4 additionally uses memory scrambling (for purposes of electrical reliability), but the scrambling algorithm, which is an LFSR, is not designed for security and can be broken.

Is there another way to protect rather than BitLocker pin?

A BitLocker pin does not protect from cold boot attacks.

Some modern AMD CPUs support full and transparent memory encryption called SME and branded as "Memory Guard". I don't know if you can enable the full memory encryption from Windows. Other than that, all you can really do is use physical security. Use strong encryption, and always turn off your computer before you leave it unattended. As long as you are with your computer for a few seconds after it has powered down, the chances of recovering any memory quickly becomes nil.

forest
  • 64,616
  • 20
  • 206
  • 257
2

The idea of a coldboot attack is to freeze the RAM while the operating system is still running (for example whilst you are on lunch break and your box is running but the screenlocker is enabled). This results in the RAM not loosing the data even if it looses power. An attacker can then reboot the device using his own operating system and extract any data from the RAM he desires. Most interesting is usually the cryptographic key used to decrypt the harddrive. This can then be used by the attacker to decrypt your harddrive and access any data he likes.

For a successful attack, the attacker needs all of these to apply:

  1. The data he is after needs to be in your RAM
  2. He needs to be able to freeze your RAM
  3. He needs to be able to boot your computer into specially prepared system OR take out your RAM to access it in another system.

1.) Your operating system cannot access the data stored on your harddrive without the cryptographic key to decrypt it. This key needs to be stored in the RAM, you cannot avoid it. The only way to work around this is to shut down your computer whenever you leave.

2.) You can work around this by applying physical security measures such as tamper switches that wipe your RAM if the case is open. This might help against some attackers but a well prepared attacker that knows about the measures you applied will find a way to circumvent them.

3.) You could use a BIOS /UEFI that wipes your RAM as soon as your computer is turned on. An attacker would need to take out your RAM in order to read it out externally. Maybe you are able to apply physical protection against this, but a well prepared attacker will find a way to circumvent this, too.

In the end I think you should think about your threat model. Which attackers are actually relevant to you and your scenario? Is this actually the easiest way to get access to your data? Also remember the xkcd ;-)

user
  • 152
  • 9
Niklas
  • 73
  • 7
0

I believe that implementing something like TRESOR, which involves storing an AES decryption key in CPU registers, would be the only possible way of mitigating a cold boot attack in software, but I'm not sure what the implications (performance or compatibility with existing programs) are for typical Linux systems. In the paper, TRESOR appears to dedicate debug registers to the encryption key, so it's possible that various debugging tools would fail to run correctly.

The original paper notes some potential attack vectors, but most of them are either not "cold boot" attacks or would be significantly harder to execute than a regular cold boot attack on RAM.

For hardware mitigations, because cold boot attacks require reading from the computer memory after a reset or hardware swap, it may be sufficient to implement a RAM-scrub and shutdown on chassis intrusion paired with physical barriers to make it harder to freeze and remove memory. Blocking access to ports to prevent changing the boot device without chassis intrusion would also be a requirement in this case.

user
  • 606
  • 7
  • 11
  • Debugging tools would work fine. TRESOR uses the x86 hardware debugging registers, and modern debugging software uses software, not hardware, breakpoints. As for the performance implications, there really aren't that many if the system supports AES-NI. The only real perf hit is caused by the fact that the key schedule needs to be recomputed on the fly. CPUs with fast implementations of `AESKEYGENASSIST` show the least performance hit. Also you'd want to patch TRESOR so NMIs and SMIs are disabled, otherwise you may find the keys being pushed to RAM from time to time. – forest Jan 02 '21 at 02:53
0

Considering specifically the variant of a cold boot attack where an attacker disconnects memory modules from a victim's computer and connects them to the attacker's computer, one way to protect from this attack is to use memory chips that clear their contents when powered up.

Considering a wider range of attacks when an attacker supplies power to memory modules while transferring them or reads electrical signals from memory module contacts, one way to protect from these attacks is an intrusion detection system which clears memory contents when the case of the computer is opened.

Unfortunately, all these protection methods requires non-standard hardware.

beroal
  • 139
  • 6
-5

How about TPM + Veracrypt (or any other)? That should do the trick. Rowhammer effect can't be fully mitigated for now.

Rashad Novruzov
  • 658
  • 2
  • 13
  • 2
    I'm not sure what Rowhammer has to do with a cold boot attack. – user Mar 04 '20 at 19:44
  • @user According to second question of poster. DDR3-DDR4 besides storing encrypted data in cleartext have this vulnerabilty that can be exploited during cold boot to gain some privileges, and eventually do something (like run some machine code to overwrite data on a row that contains ciphertext for example) – Rashad Novruzov Mar 04 '20 at 20:49
  • 1
    But it's a cold boot attack? I'm not sure why software exploits are any concern here. Is the attacker trying to exploit his own system after he restarts the machine and boots it into his own operating system? – user Mar 04 '20 at 20:55
  • This type of attack can be exploited at any given time. Without TPM, it quite vulnerable using preOS load encryption defense. – Rashad Novruzov Mar 04 '20 at 21:00
  • 2
    @RashadNovruzov that still doesn't have anything to do with cold boot attacks. – Marcus Müller Mar 07 '20 at 11:21
  • You are all wrong. Rowhammer have and can be used in cold boot attack. Refer to these materials: https://arstechnica.com/information-technology/2018/11/potentially-disastrous-rowhammer-bitflips-can-bypass-ecc-protections/ – Rashad Novruzov Mar 07 '20 at 20:19
  • 1
    @RashadNovruzov Have you bothered to read the article that you linked you may have noticed that they used cold boot attacks to reverse engineer the ECC implementation. There is literally nothing in that article about using rowhammer in conjunction with a cold boot attack to read the memory. – user Mar 09 '20 at 12:51
  • @user Please try to understand what I am trying to say. When you implement Bitlocker on boot protection, It is possible to use Rowhammer in order to change the data stored in RAM. – Rashad Novruzov Mar 09 '20 at 14:37
  • 1
    @RashadNovruzov That has nothing to do with a cold boot attack. – user Mar 09 '20 at 14:49
  • @user it has to do with poster's question. Number three. – Rashad Novruzov Mar 09 '20 at 15:18
  • This answer is wrong. Rowhammer and cold boots have nothing to do with each other. Do you even know what a cold boot attack _is_? And TPMs neither affect Rowhammer nor cold boots. -1 – forest Jan 03 '21 at 02:07