Safety of encrypted data

Researchers at Princeton University demonstrated a way to steal encrypted data using nothing but a simple blast of frigid air from a can of dust remover. DRAM chips, which hold main memory while the system is running, have long been assumed to lose their contents as soon as the power is shut off. The researchers found otherwise: DRAM loses its contents gradually after power is removed, over a period that can vary from a few seconds to a minute. Thieves could use this window to steal data.

It was found that if you cool the DRAM chips by spraying them with an inverted can of air, the chips hold their data for much longer, sometimes even for a few hours. This poses a major risk to disk encryption tools, which store the master decryption keys in DRAM. Keeping the keys there was supposed to be safe because the operating system would keep malicious tools from accessing them. The only way to get at the keys would then be to bypass the operating system by powering the computer down, at which point the DRAM was assumed to no longer hold the keys.

The research showed that a data thief could power down the computer and then boot it from a thumb drive containing a malicious operating system that copies the contents of memory. After that, it would only be a matter of time before the keys are used to decrypt the hard drive contents. This leaves literally no options for disk encryption tools to safely store the decryption keys. Perhaps further research will find a reliable solution for this problem.


Source: http://www.freedom-to-tinker.com/

Images: http://citp.princeton.edu/memory/media/
