In one of the more interesting articles in the Communications of the ACM in recent years, J. Alex Halderman and a cast of thousands write in the May 2009 issue that they have found a way to get encryption keys from any PC using, of all things, Freeze-Mist. In the very-well written piece "Lest We Remember: Cold-Boot Attacks on Encryption Keys," they demonstrate that keys must exist, at least for a time, in system DRAM. Though we know DRAM forgets once the refresh cycles stop " or when power goes away " they remember much longer than one expects.
I highly recommend reading the piece. It's one of the few articles I've read in a long time that just flabbergasted me.
View Full Article
No entries found