Sign In

Communications of the ACM

ACM Opinion

Securing Keys, Drams and Freeze-Mist

View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
embedded systems expert Jack Ganssle

Jack Ganssle

Credit: Flickr

In one of the more interesting articles in the Communications of the ACM in recent years, J. Alex Halderman and a cast of thousands write in the May 2009 issue that they have found a way to get encryption keys from any PC using, of all things, Freeze-Mist. In the very-well written piece "Lest We Remember: Cold-Boot Attacks on Encryption Keys," they demonstrate that keys must exist, at least for a time, in system DRAM. Though we know DRAM forgets once the refresh cycles stop " or when power goes away " they remember much longer than one expects.

I highly recommend reading the piece. It's one of the few articles I've read in a long time that just flabbergasted me.

View Full Article


No entries found