Ever more computers are carrying ever more confidential data - trade secrets, personal information of clients and constituents, and national security information. Encrypted hard disks requiring hardware keys or passwords are supposedly the way to keep that information safe.
Princeton University computer security researcher Edward Felten released a study recently demonstrating that encryption keys are only as secure as the RAM that carries them, and that RAM is vulnerable in surprising ways. The upshot? Even turning a computer off may not be enough.
What has your study found?
The implication of the paper has to do specifically with disk encryption. These are systems that try to encrypt the contents of file on hard drives of PCs so that if the computer is lost or stolen, the person who gets the computer won't be able to read all the files.
We found a method that is able to defeat all of the disk encryption systems that we've tried it on, which I think is now up to six systems roughly. And the basic reason is that all of these systems need to keep the secret encryption key somewhere, and the only place they can put it is in the RAM.
What we found, basically, is a way to get access to RAM, even if it's screen-locked.
The way we get access to RAM is by exploiting a pretty surprising property of RAM. RAM is supposed to be volatile - when you turn off the power, it forgets the information. What we found is that information in RAM sticks around a lot longer. It sort of fades out over much longer than anybody thought.
How much longer?
It actually stays around for seconds, and sometimes even minutes. We tried this on a typical desktop computer that's six or eight years old; we found that even after about 45 seconds, most of the contents of memory are still there. Newer DRAM [chips] held their information for a shorter period - still plenty long for an attacker, but shorter.
What that means is that an attacker can just cut the power to a computer - just unplug it, plug it back in and then reboot. After rebooting, the stuff that was in the memory before will still be there, so that the memory contents are still available to the attacker.
We discovered the trick of freezing the memory, which allows the RAM [chips] to retain their data. If we sprayed cooling spray [from an inverted can of common electronics-dusting spray], which gets to about minus 50 degrees Celsius, the retention time for ordinary DRAM would be 10 minutes or more. The cooling spray you can just spray on the chip right there in the computer - sort of open up the machine so you see the chip, and just spray it on.
If you take the chips out and dunk them into liquid nitrogen, they last a long, long time. We don't even know how long, because we ran out of liquid nitrogen.
Is it possible to put encryption keys in some other memory location using a different technology, or in someplace dedicated to the disk subsystem?
Maybe you could make a specialised chip that behaves differently. Probably what you would need is some kind of circuitry that actively erased information. I would not trust a design that sort of waited for the information to leak out. Given the effectiveness of cooling, it seems to me unlikely - although I'm not a chip designer - to make a chip that would have the information naturally decay fast enough while still having the chip [be] reliable enough.
Getting the contents of the RAM is only part of the battle. How do you reconstruct the keys and separate them from all the other data?
One of the contributions of the paper is that we have much better algorithms than before for finding keys in memory, even in the presence of some amount of corruption of information and - for once you've found there's a key in a particular place - finding out what the key is. We have much, much better algorithms for doing that, that exploit the way that encryption software handles the keys. That sort of shows that these types of power-cutting attacks can be extended much further than people had thought.
What about longer keys?
They'd have to be way, way longer. One of the countermeasures that we talked about is key expansion, where you basically take a 128-bit or 256-bit key and you expand it until it's 256KB or a megabyte or something. The reason that helps is that if the adversary cuts the power, there's going to be a low error rate - some low percentage of the bits will flip. And if you can make the key storage really big, then the number of bits you'd expect to flip would be bigger. But you have to a make it much, much bigger.
Which means, really, that you're not switching to a different cipher - you're just dispersing the information from the key over a large region of memory. There's a known theory of how to do that.
Dynamic RAM is not a new technology. Wasn't this effect identified before?
There's some folklore. We searched the literature pretty hard to find previous references to this in the technical literature. We found a few references to DRAM [chips] holding their state longer when they were cold. There was a paper that studied static RAM [chips] that showed an effect like this. There was a paper on dynamic RAM in German that was published in the 1970s, but of course since the early 1970s, chip technology has changed a lot.
There have been a few idle mentions of "oh, we saw this funny thing that might have security implications," but we didn't find anything published that talked about this effect. We didn't find any systematic study, and I think that people hadn't realised just the fact that popular disk encryption systems are not protected against it showed that it's not at all a known effect.
What has the reaction been?
We've had some discussions with vendors. Vendor discussions are generally confidential, so I don't want to go beyond saying we've had discussions with them. There have been some discussions with law enforcement, which do forensic analyses of computers that they seize under search warrants, trying to understand that the implications are. And we've had some inquiries from companies that make encryption products trying to understand if their products are vulnerable to this kind of attack.
Any three-letter federal agencies?
There are some rumours that some of these agencies may have known about of these methods before. We looked really hard for any written evidence of that - any news stories, any documents from the agencies, anything in the published literature - and couldn't find it. But nonetheless there are rumours. I wouldn't be surprised if some agencies had known about it.