Interesting paper Michael. Even though Truecrypt, which I use, flushes
cached secrets on volume auto-dismount (standby/sleep modes) and program
exit, it (and other current techniques) would require keys to be present
in dynamic memory for on the fly encryption; those keys could be
accessed using the techniques they describe.
I suppose limiting physical access to the hardware by suspicious parties
carrying tins of compressed air and USB sticks would be the way to go...
On the 22/02/2008 08:02, Micheal Espinola Jr wrote the following:
http://www.eff.org/press/archives/2008/02/21-0
"Lest We Remember: Cold Boot Attacks on Encryption Keys" :
http://citp.princeton.edu/memory/
...or how about literally freezing the data:
http://www.physorg.com/news122820185.html
~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~
~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
