Presented by Kartik Patel


1 Cold Boot Attack
Presented by Kartik Patel

2 Information storage
- Information is stored in the Dynamic Random Access Memory (DRAM) on a computer
- DRAM contains the programs that are required for a computer to function
- Each bit of data is stored on a separate capacitor (like a big bucket)
- The capacitor needs to be refreshed every few milliseconds, as it stores 1's and 0's
- Example: logging into your computer stores the password in DRAM (access to all user files)

Why DRAM needs to be refreshed: memory cells leak away, so without being refreshed the stored data would eventually be lost. Bits are stored in the capacitor as 1's and go to the ground state when they discharge.

[Figure: capacitor]

3 Cold boot attack
- Performed on Dynamic Random Access Memory (DRAM)
- Known as volatile memory space
- People have been taught that all their data will be erased when power is removed
- This is a misconception: data remains there for a few seconds
- Typically data is lost gradually over a period of seconds
- The decaying stage begins when a computer has lost its power

This is the memory which is available at runtime: when you have running applications open, they get stored in the DRAM. When you close a program it is removed from there, and the memory becomes available for other applications.

4 How..
- Keys have seconds to minutes before bits start to decay
- If keys are left for too long before extraction, corruption can result
- This image decayed within 2 mins

5 How are attacks performed
- Access is required to the physical machine
- Matter of seconds to extract all the data
- Non-destructive attack
- Copied to an external drive

They pose a particular threat to laptop users who rely on disk encryption products, since an adversary who steals a laptop while an encrypted disk is mounted can employ our attacks to access the contents, even if the computer is screen-locked or suspended. The copy is made to an external device due to stake frame. We don't want to overwrite the original bits in RAM, which would cause the entire data to become corrupt.

6 Cooling the DRAM
- Changes in temperature have different effects on the number of bits decaying
- Cooling the DRAM decreases the number of bits decaying
- Use an inverted can of canned air
- Below -50 degrees, fewer than 1% of bits were found to have decayed
- Use liquid nitrogen after canned air
- Cooling to an even lower temperature, -196 degrees, found even fewer bits decayed

7 Comparison

8 Exploiting DRAM Remanence
- Reboot the machine and launch the custom kernel
- Cut the power to the machine, then restore the power and boot a custom kernel via USB/external device
  - This deprives the OS of any opportunity to scrub memory before shutting down
- Cut the power and transplant the DRAM modules to an attacker's machine
  - This deprives the original BIOS and PC hardware of any chance to clear the memory

The most advanced: cool the memory chip, take it out, put it into the attacker's computer, and then the file dumping will begin.

9 Example.. Windows Vista – BitLocker
Windows Vista used a full disk encryption mechanism known as BitLocker. It is designed to protect user data stored on the disk by providing encryption for the entire volume.
- User logs in and then puts the computer in lock mode
- Password to the computer is stored in DRAM
- Attacker has access to the physical device and attaches an external device with attack software
- Power the computer down, remove the battery, add the battery and power on
- Booted from the external device, data starts to be dumped to the external device, including the login key
- Now all the keys will decrypt the computer's hard disk and give access to all files

On this computer the DRAM didn't need to be cooled because it had the old circuit boards put in.

10 Reconstruction of keys
- Experiment showed that keys normally go to ground state
- Very few bits go the opposite way
- Speed reconstruction was used to re-create keys to their original state, which is more efficient
- Can correct errors more efficiently with lower bit rate; can correct even if there is high bit error
- From 5% to 50%

When the bits were decaying, an experiment showed that they go to a ground state. There are a few bits which go the opposite way, but they are assumed to be 0 when reconstructing keys. Bits have also been predicted in the order that they start to decay; this was learned over a series of time trials.
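The one-directional decay described on this slide can be modelled directly. This is an added example, not part of the original presentation; the ground state of 0, the 30% decay rate, the sample key and all function names are assumptions made for illustration. It shows why a partly decayed image cannot be treated as erased: every bit that still reads 1 is known to be original.

```c
#include <stddef.h>
#include <stdint.h>

/* Small deterministic generator so runs are repeatable (not for crypto). */
static uint32_t lcg(uint32_t *s) { *s = *s * 1664525u + 1013904223u; return *s >> 8; }

/* Model decay toward a ground state of 0: each 1 bit drops to 0 with
   probability pct/100 and 0 bits never change. The few opposite-direction
   flips the slides mention are left out of this model. */
void decay_to_ground(const uint8_t *in, uint8_t *out, size_t n,
                     unsigned pct, uint32_t seed) {
    for (size_t i = 0; i < n; i++) {
        out[i] = in[i];
        for (int b = 0; b < 8; b++)
            if (((in[i] >> b) & 1) && lcg(&seed) % 100 < pct)
                out[i] &= (uint8_t)~(1u << b);
    }
}

struct decay_stats {
    unsigned ones_lost;    /* 1 -> 0: decay toward ground           */
    unsigned zeros_gained; /* 0 -> 1: cannot happen in this model   */
    unsigned certain;      /* image bit is 1, so the original was 1 */
    unsigned uncertain;    /* image bit is 0: original or decayed   */
};

/* Compare an original buffer with its decayed image, bit by bit. */
struct decay_stats measure(const uint8_t *orig, const uint8_t *img, size_t n) {
    struct decay_stats s = {0, 0, 0, 0};
    for (size_t i = 0; i < n * 8; i++) {
        int o = (orig[i / 8] >> (i % 8)) & 1;
        int d = (img[i / 8] >> (i % 8)) & 1;
        s.ones_lost    += (unsigned)(o && !d);
        s.zeros_gained += (unsigned)(!o && d);
        s.certain      += (unsigned)d;
        s.uncertain    += (unsigned)!d;
    }
    return s;
}

int main(void) {
    uint8_t key[32], img[32];
    for (size_t i = 0; i < sizeof key; i++) key[i] = 0xA5; /* constructed key */
    decay_to_ground(key, img, sizeof key, 30, 1u);
    struct decay_stats s = measure(key, img, sizeof key);
    return s.zeros_gained != 0; /* exit 0: no bit moved away from ground */
}
```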

11 Reconstructing / Identifying key
- Data Encryption Standard (DES) keys
- Advanced Encryption Standard (AES) keys
- Tweak keys
- RSA private keys
- Identifying keys in memory
  - Identifying AES keys
  - Identifying RSA keys

12 Mitigation Techniques
- The best suggested countermeasure is to discard or obscure encryption keys before an adversary gains physical access
- Prevent memory dumping software from being executed
- Make the contents of the memory decay more readily
- Add passwords to boot from an external device
- Difficult to defend against because cryptographic keys are in active use and need to be stored somewhere

13 Mitigation methods
- Scrubbing memory
  - Software which overwrites keys in memory which are no longer needed
  - Runtime libraries and the OS should clear memory more proactively
  - Systems can clear memory at boot time before loading the OS
- Suspending a system safely
  - Users can protect themselves by completely powering down the computer and waiting for a moment for all keys to be removed
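An added example of the memory-scrubbing point above (not code from the presentation): a hypothetical cipher context holds a key and a schedule precomputed from it, and both are zeroed through a volatile pointer so the compiler cannot optimise the writes away as dead stores. The names `cipher_ctx`, `ctx_load`, `ctx_scrub`, `secure_zero` and `residue`, the sizes and the toy expansion are assumptions for illustration.

```c
#include <stdint.h>
#include <string.h>

#define KEY_LEN 32
#define SCHED_WORDS 60 /* assumed size of a precomputed key schedule */

/* Hypothetical cipher context: raw key plus the schedule derived from it.
   Both are key material, so both must be scrubbed. */
struct cipher_ctx {
    uint8_t  key[KEY_LEN];
    uint32_t schedule[SCHED_WORDS];
};

/* Zero through a volatile pointer so the compiler cannot discard the
   stores as dead writes to a buffer that is never read again. */
void secure_zero(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

/* Stand-in for key expansion (not a real cipher): derives schedule
   words from the key so there is precomputed state to scrub. */
void ctx_load(struct cipher_ctx *c, const uint8_t key[KEY_LEN]) {
    memcpy(c->key, key, KEY_LEN);
    for (size_t i = 0; i < SCHED_WORDS; i++)
        c->schedule[i] = c->key[i % KEY_LEN] * 0x01010101u + (uint32_t)i;
}

/* Call before suspend, screen lock or shutdown. */
void ctx_scrub(struct cipher_ctx *c) { secure_zero(c, sizeof *c); }

/* Number of non-zero bytes left in a buffer (0 means fully scrubbed). */
size_t residue(const void *p, size_t n) {
    const uint8_t *b = (const uint8_t *)p;
    size_t left = 0;
    for (size_t i = 0; i < n; i++) left += (b[i] != 0);
    return left;
}

int main(void) {
    uint8_t key[KEY_LEN];
    struct cipher_ctx c;
    memset(key, 0xA5, sizeof key); /* constructed sample key */
    ctx_load(&c, key);
    secure_zero(key, sizeof key);  /* the caller's copy is key material too */
    ctx_scrub(&c);
    return (int)(residue(&c, sizeof c) + residue(key, sizeof key));
}
```

As the Criticisms slide notes, this only helps for keys that are no longer needed; a key in active use still has to sit in memory.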

14 Methods [cont.]
- Avoidance of pre-computation of encryption keys
  - Key expansion
- Physically protecting the memory
  - Lock and encase the DRAM in material which frustrates attempts at removal
- Architectural changes
  - Making them lose their state quickly
  - Key-store hardware that erases its state on power-up, reset and shutdown
  - Will work as long as encryption keys are destroyed on reset or power loss

Architectural changes - not good now but maybe in the future

15 Summary
- What a cold boot attack is and how it is performed
- Ways that data bits and keys can last longer in DRAM
- Exploiting DRAM remanence and key methods for reconstruction
- Ways that cold boot attacks can be mitigated

16 Criticisms
- There are still no proper defenses against cold boot
- Scrubbing memory still doesn't protect important keys which are required to be kept in memory
- Attacker can swap out the hard drive, bypass the sanity check of password and boot the computer
- Users wait for their computer to power down and then reboot it, rather than putting the machine in sleep mode (trade-off: security vs usability)

17 Questions?

