Hardware

Data Encryption Easily Broken Using Keys Hiding In RAM

By Wilson Rothman on March 6, 2008 at 11:45 AM

Scientists at Princeton have discovered a way to grab otherwise-protected data encryption keys from memory on a computer that’s just been powered down. This is pretty scary stuff, since the keys—which are well protected when the computer is on—are the one thing that keeps super-tight encryption from cracking.



It was previously thought that data held in so-called “volatile memory” was only retained for a few seconds after the machine was switched off. But the team found that data including encryption keys could be held and retrieved for up to several minutes.

The best access, it seems, comes when the burglar powers down a hibernating laptop. If he throws it in a freezer first, he’ll get even better results: “A laptop cooled to about -50ÂșC will keep information in its memory for 10 minutes or more.”

There’s a simple defense. If you shut down your laptop and let it sit for several minutes before going into a dangerous environ, there is little chance that the keys would be recovered from volatile memory. But seriously, when was the last time anyone shut down their laptop completely? [BBC News]

Tagged:

Comments (AU Comments | US Comments)

    There are currently no AU comments for this post.

Post Your Comments

Got something to say? There are two ways to comment:

1. Guests

Click here to comment instantly.

2. Facebook Users

Click below to comment using your Facebook account.

We're looking for comments that are interesting, substantial or highly amusing. If your comments are excessively self-promotional, obnoxious, or even worse, boring, you will be banned from commenting. All comments are moderated.