Hi Volker,

on Sat, Feb 23, 2008 at 10:15:22PM +0100, you wrote:
> > http://iht.com/articles/2008/02/22/technology/chip.php
>
> don't panic. Just because something works in a lab, does not mean that it
> works outside of it too. So they were able to freeze some ram and get some
> information of it. So what? First of all - how many times will someone be able
> to steal a computer and freeze its ram seconds after it was shut off? Who
> guarantees that the decayed parts are not the ones holding the key? even a
> couple of flipped bits make the data useless. And who guarantees that the
> dram survives the forces when it is cooled down in tens of seconds and heated
> up (through the current) afterwards?

I agree with the "don't panic" part but not your reasons for it. There is a real danger for *some* of us but it's fairly easy to circumvent for most.

How often will someone be able to steal a computer with live key material in RAM? Well, how many laptops are being carried around suspended to RAM? A pretty large percentage of them I suppose.

So far, if you didn't have a screen saver with an exploitable buffer overflow (very very unlikely) or an unprotected IEEE1394 port (unlikely on Linux today) the attacker's only chance to get at the data was to cut the power, boot some other media and attack the disk, and with AES or similar encryption that chance was not very good.

Now you can leave the power on, dump a can of cooling spray on the SO-DIMM (they easily survive that, you can take your time with the power on), then take it out, drop it in liquid N and take it home (you could do that before of course, but it's widely known now ;)

And a couple of flipped bits are no obstacle at all for a cryptanalyst. A computer that can brute-force 10^11 keys a second needs an average of ~5*10^19 years to crack a 128 bit key. With 8 random flipped bits in an otherwise intact key it should come down to less than five days which I think is a pretty good gain. Makes it viable for people who might just be after some blueprints[0], not just the NSA with super duper UFO technology.

So if you have sensitive data on a laptop, make sure you don't leave it in suspend-to-RAM where it could be stolen. If it's a stationary unsupervised machine it should have a good chassis intrusion alarm that cuts the power and/or overwrites memory. That's pretty much what people can do on their own now, if they think it's worth it of course.

cheers,
Matthias

[0] That's not to say this couldn't be a Good Thing in the end what with all the patent BS going on.

-- 
I prefer encrypted and signed messages. KeyID: FAC37665
Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665
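
The work-factor comparison from the message above, as an added example that is not part of the original e-mail. It goes beyond the single 8-flip case to show how the search grows with the number of decayed bits. It assumes the positions of the flipped bits are unknown and that every candidate can be tested at the quoted rate; the function names are hypothetical.

```python
from math import comb

RATE = 10**11                      # keys tested per second (figure from the message)
SECONDS_PER_DAY = 24 * 3600
SECONDS_PER_YEAR = 365.25 * SECONDS_PER_DAY


def candidates(key_bits, max_flips):
    """Number of keys within Hamming distance max_flips of the decayed copy."""
    return sum(comb(key_bits, i) for i in range(max_flips + 1))


def brute_force_years(key_bits, rate=RATE):
    """Average time to find a key with no prior knowledge (half the key space)."""
    return 2 ** (key_bits - 1) / rate / SECONDS_PER_YEAR


def correction_seconds(key_bits, max_flips, rate=RATE):
    """Worst-case time to try every key with at most max_flips bit errors."""
    return candidates(key_bits, max_flips) / rate


def max_searchable_flips(key_bits, budget_seconds, rate=RATE):
    """Largest bit-error count whose complete search fits in the time budget."""
    flips = 0
    while (flips < key_bits
           and correction_seconds(key_bits, flips + 1, rate) <= budget_seconds):
        flips += 1
    return flips


if __name__ == "__main__":
    print(f"128-bit brute force, average: {brute_force_years(128):.1e} years")
    for flips in (1, 4, 8, 12, 16, 24, 32):
        secs = correction_seconds(128, flips)
        print(f"<= {flips:2d} flipped bits: {candidates(128, flips):.2e} keys, "
              f"{secs / SECONDS_PER_DAY:.2e} days")
    limit = max_searchable_flips(128, 5 * SECONDS_PER_DAY)
    print(f"bit errors searchable within five days: {limit}")
```

The table makes the defensive point concrete: a key copy left in RAM only stops being useful once enough bits have decayed, which is why cutting power early or overwriting memory matters.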