Friday, February 22, 2008

Breaking Hard Drive Encryption

Princeton University has come up with (successful) research results on hard drive encryption breaking.

Shockingly simple, it relies on the fact that memory (DRAM) doesn't lose its contents immediately after powering down, thus the en(/de)cryption keys can be retrieved for use by an attacker. Which means that all the data in the supposedly safe hard drive can be read once that happens.

The only way to be safe (currently) is for your laptop to be shut down or in (true) hibernate mode when the thief gets access to/steals your laptop. More elaborations in the last few minutes of the video.

Links from the main page:
Their FAQ.
The experiment details (/how to test for this).
Related videos and images.

No comments: