IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [cold-boot-attack]

An active or semi-active side-channel attack that involves turning off or resetting the device forcibly, then reading the contents of its memory before it decays or changes substantially.

An active or semi-active attack that involves turning off or resetting the device forcibly, then reading the contents of its memory before it decays or changes substantially.

22 questions
47
votes
9 answers

How to prevent a hosting company from accessing a VM's encryption keys?

I want to prevent potential theft of my web application (source code + database) by my local hosting company, that I don't fully trust for some reason (but have no other choice but to use as they give, by far, the best latency over here). I'm…
BenMorel
  • 909
  • 1
  • 7
  • 13
10
votes
2 answers

Methods of cold boot attacks in the wild

As far as I know, there are two methods for performing cold boot attacks: Reboot the system into an alternate operating system or BIOS with a minimal memory footprint which automatically exports memory to persistent media. Physically remove the…
forest
  • 64,616
  • 20
  • 206
  • 257
9
votes
1 answer

Are encryption keys wiped from RAM before hibernate, or how to do it (Luks and Truecrypt)

Using Linux, I have system and swap/hibernation partitions encrypted with LUKS, and data partitions encrypted with Truecrypt, and I am wondering when I put my laptop to hibernation if the encryption keys are wiped from the RAM before the computer is…
cyril42e
  • 191
  • 3
9
votes
1 answer

How long would a computer have to be off to be resistant to a cold boot attack?

I understand that the longer a computer is off, the more resistant it is to a cold boot attack. I also understand that an AES key can be reconstructed from a redundant round key schedule even after a large percentage of the bits in memory have…
Zen Hacker
  • 571
  • 1
  • 3
  • 11
8
votes
5 answers

Way to protect from cold boot attack

After reading some research papers about cold boot attack, I got a big shock and start searching for ways to protect against that kind of vulnerability. I got one solution that is using BitLocker pin access to RAM. But I have still a…
Crypt0er
  • 101
  • 5
7
votes
2 answers

Is tails os susceptible to a cold boot attack?

I've looked at the documentation and it mentions that upon shutdown the data residing in the ram is overwritten, however it doesn't go into any detail on how it does this. Documentation link:…
Dane
  • 233
  • 1
  • 8
5
votes
3 answers

Are there volatile memory chips which dont retain data after power off?

It was demonstrated that dram modules can retain information up to 10 min after power off in certain conditions. My question - are there memory types which will retain data 10 sec at max even if being frozen (aka cold boot attack)? EDIT. I want to…
Boppity Bop
  • 245
  • 2
  • 7
5
votes
1 answer

Why isn't there a FROST-like cold boot exploit for iOS?

I know there's a cold boot attack for Android called FROST (Forensic Recovery Of Scrambled Phones). But there doesn't seem to be one for iOs. Why is this? Is it because iOS is inherently more secure and more resistant to such attacks? Or is it…
Zen Hacker
  • 571
  • 1
  • 3
  • 11
5
votes
1 answer

LUKS TPM disk encryption attacks

Is it possible, or are there any known attacks, to get the encryption key for disk encryption tpm-luks? (Linux LUKS using encryption key stored in TPM) I know that there are attacks like cold boot where it is possible to recover disk encryption key…
user1563721
  • 1,099
  • 11
  • 22
4
votes
3 answers

Software defense against cold-boot attacks

Cold boot attacks are particularly nasty. On Android, a solution is to use a Nexus device with a locked bootloader to preven flashing a custom recovery. On a PC, your safeguards are even more limited. The attacker that has access to a running laptop…
Naftuli Kay
  • 6,715
  • 9
  • 47
  • 75
3
votes
1 answer

Cold-boot attack example in the real world

I wrote a paper with a countermeasure for a cold-boot attack and am currently in rebuttal process. One reviewer struggles with the motivation behind cold-boot attacks. Specifically, he asks if there is an example of a cold-boot attack used in the…
seol
  • 31
  • 2
2
votes
1 answer

Rasberry Pi with TRESOR immune to cold boot and DMA attacks?

I would like to set up a Rasberry Pi and connect a large USB Harddrive and some webcams to run motion for homesurveillance. If I am understanding everything correctly if I get Ubuntu mate to run with the TRESOR kernel patch the system would be…
Junior J. Garland
  • 677
  • 5
  • 15
2
votes
2 answers

Is setting a firmware password on a Macbook enough to prevent cold boot attacks?

I have a Macbook configured with a firmware password required to boot from any media other than the built-in NVMe drive. In theory, this means without my password you can't boot from removable media. Is this enough to prevent cold boot attacks or…
user115400
2
votes
1 answer

Possible security risk with disk encryption key getting swapped to the hard drive

I've recently read about the cold boot method, where it's possible to obtain the key for an encrypted filesystem from DRAM. This can be done even after the computer is turned off, but it requires special equipment that is very difficult for most…
Zen Hacker
  • 571
  • 1
  • 3
  • 11
1
vote
0 answers

Cold boot attack on NAS

I'm familiar with the concept of cold boot attacks on laptop and desktop computers, where the goal is to find hidden encryption keys in the memory. I also think it's done on certain mobile phones. I also know it's hard to do, and some products like…
laddmeister
  • 26
  • 3
1
2