[coreboot] Possible security enhancement?

Paul Millar paul at astro.gla.ac.uk
Thu Feb 21 21:10:18 CET 2008


Hi all,

I just read an interesting entry on Bruce Schneier's blog:
about how to recover the keys for a whole-disk encryption system.

Apparently, the problem here is DRAM doesn't fade fast enough.  If the reboot 
is fast, then the memory contents are preserved, so exposing the in-memory 
cache of the disk encryption key.  Boot off a memory stick and one can 
analysis the memory's content.

The (perhaps flippant ;-) remark from "bootman" about storing the keys 
somewhere where the data will be erased by the BIOS led me to wonder if 
coreboot could do something like this.

Perhaps coreboot could add the option of wipe the memory contents before 
handing over to the payload, maybe a "wipe-memory" payload that fails over to 
the next, main payload?  If erasing the whole memory would take too long, 
could it wipe some part of the memory and (by convention) that part of the 
memory be used for storing secrets?

Neither offers a completely solution to the problem: apparently, as the 
temperature is lowered, the data in DRAM will survive longer---at liquid 
Nitrogen temperatures it can last for hours---but perhaps it could help.



More information about the coreboot mailing list