[coreboot] Possible security enhancement?
Paul Millar
paul at astro.gla.ac.uk
Thu Feb 21 21:10:18 CET 2008
<delurk/>
Hi all,
I just read an interesting entry on Bruce Schneier's blog:
http://www.schneier.com/blog/archives/2008/02/cold_boot_attac.html
about how to recover the keys for a whole-disk encryption system.
Apparently, the problem here is DRAM doesn't fade fast enough. If the reboot
is fast, then the memory contents are preserved, so exposing the in-memory
cache of the disk encryption key. Boot off a memory stick and one can
analysis the memory's content.
The (perhaps flippant ;-) remark from "bootman" about storing the keys
somewhere where the data will be erased by the BIOS led me to wonder if
coreboot could do something like this.
Perhaps coreboot could add the option of wipe the memory contents before
handing over to the payload, maybe a "wipe-memory" payload that fails over to
the next, main payload? If erasing the whole memory would take too long,
could it wipe some part of the memory and (by convention) that part of the
memory be used for storing secrets?
Neither offers a completely solution to the problem: apparently, as the
temperature is lowered, the data in DRAM will survive longer---at liquid
Nitrogen temperatures it can last for hours---but perhaps it could help.
Cheers,
Paul.
More information about the coreboot
mailing list