[EMAIL PROTECTED] (Perry E. Metzger) on Thursday, February 21, 2008 wrote:

>
>Ed Felten blogs on his latest research:
>
>http://www.freedom-to-tinker.com/?p=1257
>
>Excerpt:
>
>    Today eight colleagues and I are releasing a significant new
>    research result. We show that disk encryption, the standard
>    approach to protecting sensitive data on laptops, can be defeated
>    by relatively simple methods. We demonstrate our methods by using
>    them to defeat three popular disk encryption products: BitLocker,
>    which comes with Windows Vista; FileVault, which comes with MacOS
>    X; and dm-crypt, which is used with Linux.
>
>More info: http://citp.princeton.edu/memory
>
>Paper: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf

Their key recovery technique gets a lot of mileage from using the computed key schedule for each round of AES or DES to provide redundant copies of the bits of the key. If the computer cleared the key schedule storage, while keeping the key itself when the system is in sleep mode, or when the screen-saver password mode kicks in, this attack would be less possible.

If, in addition, the key was kept XORed with the secure hash of a large block of random memory, as suggested in their countermeasures section, their attacks would be considerably more difficult.

These seem to be simple, low overhead countermeasures that provide value for machines like laptops in transit.

Cheers - Bill

-------------------------------------------------------------------------
Bill Frantz        | The first thing you need when  | Periwinkle
(408)356-8506      | using a perimeter defense is a | 16345 Englewood Ave
www.pwpconsult.com | perimeter.                     | Los Gatos, CA 95032
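
An added example (not part of the message above, nor code from the paper) of the second countermeasure it mentions: the key is held only as key XOR SHA-256(block), so one decayed bit anywhere in the block scrambles about half the bits of whatever key is reconstructed. The 64 KiB block size, the choice of SHA-256 and all function names are assumptions; Python cannot reliably wipe memory, so this models the arithmetic only.

```python
import hashlib
import random
import secrets

BLOCK_SIZE = 64 * 1024  # assumed size of the random masking block


def mask_key(key: bytes, block: bytes) -> bytes:
    """Return key XOR SHA-256(block); only this masked form stays resident."""
    pad = hashlib.sha256(block).digest()
    if len(key) > len(pad):
        raise ValueError("key is longer than the hash output")
    return bytes(k ^ p for k, p in zip(key, pad))


# XOR is its own inverse, so unmasking is the same operation.
unmask_key = mask_key


def decay(block: bytes, flips: int, rng: random.Random) -> bytes:
    """Model DRAM decay by flipping `flips` distinct bits of the block."""
    out = bytearray(block)
    for pos in rng.sample(range(len(out) * 8), flips):
        out[pos // 8] ^= 1 << (pos % 8)
    return bytes(out)


def demo(flips: int = 1, seed: int = 2008):
    """Return (intact_ok, decayed_ok, wrong_key_bits) for a constructed key."""
    rng = random.Random(seed)             # only picks which bits decay
    key = secrets.token_bytes(32)         # constructed sample 256-bit key
    block = secrets.token_bytes(BLOCK_SIZE)
    masked = mask_key(key, block)

    # Legitimate use: the block is intact, so the key comes back exactly.
    intact = unmask_key(masked, block)

    # Memory-image case: the image of the block has decayed bits.
    recovered = unmask_key(masked, decay(block, flips, rng))
    wrong_bits = sum(bin(a ^ b).count("1") for a, b in zip(key, recovered))
    return intact == key, recovered == key, wrong_bits


if __name__ == "__main__":
    ok, broken, wrong = demo()
    print(f"intact block recovers key: {ok}")
    print(f"decayed block recovers key: {broken} ({wrong}/256 key bits wrong)")
```

Unlike an expanded key schedule, the masked key carries no redundancy to correct against: an error in the block cannot be located from the hash output, and every bit of the block has to be recovered exactly.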