Disk Encryption Bad News!

After being excited about the new version of TrueCrypt and learning of FREE Compusec, this study really yanked the rug out from under full disk encryption. Researchers at Princeton discovered fairly easy ways to get a disk's encryption key if a computer is on, or even if it was recently turned off. What is really bad news for some implementations of BitLocker, and possibly other disk encryption techniques that store the key in a TPM chip, is that the computer can be turned off for months and this attack is still effective.

Other than making sure one's computer is turned off completely (no sleep mode, and in some cases not even hibernation), there isn't a good defense for software-based full disk encryption. Seagate's Momentus FDE isn't currently subject to this attack because the drive stores the key in its own memory chip, independent of the system RAM.

This research from Princeton is certainly going to cause manufacturers to make new hardware technology to protect against RAM dump attacks.
