How to defeat Cold Boot Attack? Current precautionary measures. Ans/Views/suggestions

How to defeat Cold Boot Attack? Current precautionary measures. Views/suggestions needed.

In light of cold boot attack method revealed by Princeton University in 2008, full/whole/drive encryptions become vulnerable due to the physical RAM memory remanence.
Cold boot attack depends on the attacker getting your RAM and chilling it (to preserve decaying data) and then he extracts its data into programmed USB stick quickly. He can also pull out your RAM, chill it and have it analyzed with his portable device.
The threat is real especially if you live in a country where "you-know-who" can raid your house without any warrant (just because of your little porn adventure or you run a conspiracy site).

A. Laptop physical precautionary measures:
1. Tie or coil up your secured RAM with metal/copper wire as much as you can.
2. Put an extra metal/aluminum layer right on top of DDR2 RAM area. Useful to minimize chill/freeze effect from liquid nitrogen via casing's ventilation holes. If the ventilation holes are too near RAM area, tape / seal it up.
3. Laptop casing = first line of defense. Go to hardware stores, change your screws (pick an uncommon one) and keep the right tool.
Different types of screws: http://www.instructables.com/id/When-a-Phillips-is-not-a-Phillips/
4. Fill up the screw holes channels with wax (after securing in the screws).
5. On the contrary, your hard disk must be easy to pull out, be smashed or hide away.
6. Always detach battery and use power adapter whenever possible. Easy to unplug / power off when you suspect an intruder.

B. Laptop bios precautionary measures:
1. Enable bios memory testing on power up. (most computers have this disabled by default). This will cause bios to overwrite some data in RAM (worth it though).
2. Disable all boot up devices except for hard disk. To prevent usage of USB, removable drives and network on boot up.
3. Ensure your auto power recovery option is turned off.
4. Enable bios password (Not the boot up password).

These measures will buy time certainly.

My questions (disadvantage to cold boot attack's data salvaging process):
1. People don't usually have long password. Mine is 70+ characters long. Will super long passwords play big role due to lost characters by decaying data in RAM?
2. I have 2 DDR2 RAMs running (2GB each) "so that data can be scattered in to both". Is it better to have 1 or 2 RAMs running?
3. Assuming the attacker has super fast ability to pull out the RAM.. what is the standard slowest time for the data to decay comfortably (without chilling/freezing RAM)? 60 seconds?

Please share me your views & suggestions. Thanks.

 

Wow! That is very thorough. Cool. I think it was you who posted a thread about how to prevent someone from putting a hardware keylogger in your laptop. You mentioned putting some clear (glow-in-the-dark) epoxy over the casing with some distinguishing marks. Very clever.

You mentioned "you-know-who" busting in without a warrant. I don't think they can do that in the U.S. But even if they did, truthfully, how many police officers in the U.S. would know, or have even heard of a cold boot attack? How many FBI agents would even be prepared in advance for such a move? It just seems like such a rare and extreme measure.

 

Thanks dude. I don't live in US that's why this is somewhat my (or liberal people like me) lifeline.

If you have anything to suggest, just post it. Thanks again.

 

A lot to comment on really, but I don't have much time and have to run...but real quick...One thing that is really important against the Cold Boot Attacks is the opposite of what we'd once do for privacy reasons. My advice is now to enable disk caching and run with a page file. I am assuming, of course, that you are using FDE. This prevents the RAM from retaining so much data at any given time.

 

Yes I'm using FDE. From the moment we boot up till logging into OS, every activity is recorded into physical RAM.

Enabling disk caching does help to minimize data outflow while working in Windows. It means we don't have to worry much about our financial transactions and credit card number we type in. However, this also raises the RAM-risk of pre-boot passwords to a higher level.

Lets imagine 3 sectors in physical RAM - A Front, B Middle, C End
Being RAM nature = fetch/store data all over its sectors until new data comes to overwrite.
Assuming, it's only 60 seconds past power off & attacker applied liquid nitrogen,
In physical RAM last prominent data left will be
Disk caching disabled: Windows & financial data 75%, Pre-boot passwords 25%
Disk caching enabled: Windows & financial data 25%, Pre-boot passwords 75%

It's a matter of whether our secret passwords are still intact. This is where the bios memory test on boot up becomes useful to overwrite data into physical RAM. And of course time is more than precious in saving our ass.

 

Hi redcell,

Interesting thread you started! Note: my comments are relative to Linux/Unix below, so if you are on Windows - you'd have to adapt it (I don't know how) - if the source code is available (haven't checked) - or if there is a way to do the reverse of Wine in Linux, i.e. execute Linux executables in Windows (fat chance I guess, I just don't know).

My advice is to incorporate the use of sfill within the system shutdown code. A prime example of its use is with the Incognito (old release as of August 2008 ) where you can peruse the startup and shutdown code scripts. The Incognito Live CD of August 2008, wipes RAM at shutdown. It can be configured to wipe RAM according to how you specify it in the command you launch in the shutdown (halt) script, and one of the components of the package containing it can also wipe swap memory (sswap - secure swap wiper).

Note: The Incognito Live CD has been superceded by The (Amnesic) Incognito Live System. Amnesic may also be worth comparing with its shutdown time vs Incognito which I seem to remember takes less time - but, I haven't looked or asked the author what was done.

The newest version of the secure_deletion package can be obtained from the website http://freeworld.thc.org. For use in Linux, Unix. Secure Delete Download.

I gunzipped the secure delete package and it does contain the source code for the commands I mentioned above. They could probably be compiled in Cygwin for Windows environment, and then shoved into a shutdown script for Windows.

-- Tom

 

Q:Will super long passwords play big role due to lost characters by decaying data in RAM?
A: No, all OTFE programs use a master key that is derived from the password. The master key is the same size regardless of the password length.

Q: Is it better to have 1 or 2 RAMs running?
A: The master key is typically 256 bits. It would not be split between two memory sticks.

As far as the decay rate, this is temperature dependent. If your laptop was cold to start with and your attacker grabbed it just after booting, the decay rate would be much slower than if it had been running for an hour and fully warmed up.

In reality, a cold boot attack is difficult to pull off. If your attacker suspects you are using OTFE he will try to wait until you step away from your comptuer so as to prevent you from shutting it off. From there, a UPS can be attached and the computer can be taken to the lab where they can analyze your security measures.

You are so much more at risk from spyware/malware than a cold boot attack!

 

Thanks for your answers.

You mean master key gets copied over to both RAMs (if I have 2)?

True.

Great, possibility of portable UPS plus liquid nitrogen.

True

 

Concerning full-disk encryption, PGP says: “It takes one or two minutes for the data in memory to finally ‘fade’. Bottom line, if you shut down or hibernate (NOT SUSPEND) your machine, you’re fine after a minute or two has passed.” (see here)

One strategy to protect against a cold-boot attack is to use a virtual disk rather than full-disk encryption: “If you dismount a disk protected by PGP Virtual Disk, that memory is cleared.” (see here).

 

Quote: You mean master key gets copied over to both RAMs (if I have 2)?
No, I mean that the master key is 256 bits which is a tiny piece of data. The odds of it being split across two memory sticks is basically zero.

Quote:Great, possibility of portable UPS plus liquid nitrogen.
There is a commercial product called "HotPlug" that is marketed to law enforcement: http://www.engadget.com/2007/11/06/wiebetech-hotplug-lets-cops-move-desktops-without-shutting-them/

If you must defend against cold boot attacks, your only hope would be to have a blasting cap glued to the RAM and connected to a pressure switch underneath your computer. Of course the FBI agent that get pieces of plastic and metal stuck in his face will be really ~ Snipped as per TOS ~!

 

Don't rely on system encryption alone. The problem with system encryption (from your perspective) is that you can't wipe the encryption key from RAM until the system shuts down, otherwise it will crash the OS. Also, if the key is recovered then all of your encrypted data becomes available.

Use non-system encryption for all data, and dismount your encrypted volumes whenever they're not in use. This immediately wipes the encryption key from RAM. You can also set up a hotkey that will forcibly and quickly dismount all open volumes and wipe the key. It only takes about a second.

 

LOL!..

 

So you are basically saying just to use truecrypt volumes rather than whole disk encryption?

 

Yeah I agree all bets are off if someone gets hold of my computer (both RAM & hard disk intact).

Looks like home surveillance warning system still the best prevention.
1. Hidden camera
2. Motion detector
3. Put several faulty electrical devices around house (only I know) to cause power trip.
4. Personal reaction: alert & fast acting to kill hard disk (my hard disk is super easy to take out & smash it)

Oh well.

 

I can't come up with any plausible attack scenario where your precautions could solve anything.
If the system is powered down, no RAM attack is possible.
If the system is running we already established that there is no sure way to protect against cold boot attacks other than blowing up stuff because Laptops - without batteries - and even ordinary desktop PCs can be switched to a portable power source online without interrupting the power. Whatever physical measures you have taken can then be worked around in a lab.
But since we are even going there and considering such attack we are talking about a powerful and determined attacker. He'll likely observe you for some time, know your defenses and find a much simpler ways to gather the information he's after, think side channel attacks. Not feasible to protect against them unless you have your own secure facility, private army, James Bond like abilities etc...

 

Interesting. I'm getting all pro-attacker comments.

Scenario 1: Computer already powered off hours before. Hidden camera, motion detector pick up intrusion (3 minutes to react).
Mafia: "XXX. Open the door!"
(1-2 minutes to react) .........
Owner: Swap hard disk with dummy & hide it away.
Mafia people unable to find any data.

Scenario 2: Computer still running. Hidden camera, motion detector pick up intrusion (3 minutes to react).
Mafia: "XXX. Open the door!"
(1-2 minutes to react) .........
Owner: Unplug computer. Short electrical device causing entire house power trip. Smash real hard disk & hide it away. Swap it with dummy hard disk.
Mafia: Sprays RAM area with liquid nitrogen.
Mafia people unable to find any data.

Scenario 3: Computer still running. Hidden camera, motion detector fails (1-2 minutes to react).
Mafia: "Special delivery for Mister ..."
Owner: Swap hard disk with dummy. Restart computer with memory test automatically.
Mafia: Hooks up portable power & sprays liquid nitrogen on RAM.
Mafia people unable to find any data.

Scenario 4: Computer still running. Hidden camera, motion detector fails (1 minute to react).
Mafia: "Special delivery for Mister ..."
Owner: Execute soft reboot. Restart computer with memory test automatically.
Mafia: Sprays liquid nitrogen on RAM area.
Mafia people unable to find any data.

 

Mafia eh?

Mafia: I'm really angry right now.
You: Haha, good luck reading my data now.
M: I don't think you understand the situation you are in. Tie him up! I'll just ask you once, were is the backup and password?
You: *remains silent*
M: Not going to talk? Let's see if we can change that. *opens a bags and pulls out various medical looking tools*

Don't have any backups? You lose either way.
GAME OVER -- please insert coin!

Anyway now you are talking about hidden cameras and motion detectors, whereas I was replying to the points raised in A. and B. in your first post. Totally different scope. What I was interested in, if that wasn't clear enough, is a scenario where "the Mafia" gets hold of the PC while it's still running.
What you now suggest could save you some time to do exactly what I mentioned ("If the system is powered down, no RAM attack is possible.") and it also bring us closer to the realm of "secure facility, private army, James Bond".

Re your latest post, that's what I think is a more accurate timeline:

you are watching porn on your super secure PC when the motion detector sets of a silent alarm. Silent because lately you haven't had any sleep because your neighbors cat has been strolling by every night and tripped the alarm.
Of course you are too occupied with something much more important so you don't see how on the second monitor a van has pulled into the driveway and several guys enter your premises.
Suddenly BAAM! the door bursts open and a group of armed forces quickly enters the room you are in.
You just have time to pull up your trousers and try to reach the off switch when you hear a voice behind you:
Don't move or I'll shoot!

Yeah, or something like that.

 

Fortunately, I don't live in such crime-laden country (eg. USA, Russia, England, China).
But I've been through high-level situations which others do not.
Just sharing my experience.

Your last comments seem directive-debunking against me.
Let us be more constructive.

 

1. I did some now apparent ninja editing

2. I was just playing along with your Hollywood movie-plot scenarios (see Bruce Schneier for a definition), i.e. some comedy cliché. No offense meant.

All I'm saying is focusing on cold boot attacks makes absolutely no sense from a security viewpoint if you don't take into account much easier, cheaper, more effective and more reliable side channel attacks.

BTW does your Laptop come with Firewire or PCIe ExpressCard? Let's not forget the glaring obvious.

"One more thing": Everyone reading this thread:
"If the ventilation holes are too near RAM area, tape / seal it up." Please don't...
same goes for putting metal(!) inside a Laptop case. But that's common sense I hope.

 

Just like to point out something - the Hotplug method may not work in the country I'm residing in (UK type electrical socket). I guess the guy has to stuck his rod inside to get job done.

The next personal project I'll be working on is how to sure-kill desktop mobo without opening its casing or causing visible damage.

There's no one-for-all solution against Cold Boot Attack. Everyone has different ideas and thanks to agents debunking my posts.

 

You're going about it the hard way. When you use system encryption the key can't be wiped from RAM until the system finishes shutting down, otherwise you will cause a crash, and as we all know, shutdown takes awhile. I don't know of any built-in tools that will wipe the key in the meantime, as legitimate software is generally designed NOT to crash the system.

The obvious answer is not to rely on system encryption. If you're using TrueCrypt, store your data in separately-encrypted containers, as these can be dismounted in a fraction of a second. You can even set up a hotkey to perform a forcible dismount. This will immediately wipe the encryption key from RAM. Dismount the volumes whenever you step away or whenever your door locks/security cameras/etc. tell you to.

To defend against the inevitable leakeage of "data niblets" into the your system files (registry, swapfile etc.), set up a virtual machine and store your system-encrypted virtual OS inside an encrypted partition. If necessary, hit the hotkey to dismount the partition. Sure, various bits of data will still unavoidably remain in RAM, but the keys to your encrypted partitions won't be among them.

 

Let's keep in mind the scenario under which you're making decisions here are based on a no-knock raid by the police! Nothing else would force you to have any concerns regarding CBAs. Under those conditions, your computer should either A) Already be off or B) You should be able to log it off. Mine takes seconds using TC system encryption. The odds of being a target of such a raid are probably (hopefully!) slim, and if you are, the chances of a Cold Boot Attack being used is even slimmer and the chances your key would be in RAM is even slimmer than that. I think that in a practical sense, FDE is still the way to go. I wouldn't make a decision to not use FDE based on a subset of very limited circumstances. The risks of leaked information in an unencrypted system using Windows is far greater, imo, than the scenario above.

 

I was suggesting that the OP use separately encrypted containers in addition to system encryption. If you were referring to my post then I apologize for not being clearer.

 

I agree with this. I use system encryption with two volumes that are opened at boot using the TC feature that opens the volumes on a separate partition as soon as the OS is up.

 

However, if the system volume is encrypted with the same passphrase/key as the other volumes, then the latter are as vulnerable as the former to a cold boot attack – correct?