Hard disk encryption hack: ISC got it right
Anyone who reads my blog should have heard it by now from other sources: full-disk encryption can often be defeated by extracting data from DRAM chips, even after the computer in which they reside has been powered off or put to sleep.
A group of researchers at Princeton University figured out that when memory modules are cooled, their contents decay more slowly and can be recovered, at least to a substantial degree. If that content happens to contain an encryption key used to decrypt the contents of a hard drive, the encryption can be defeated by compromising the key.
The fact that an encryption algorithm is only effective when a key can be kept confidential has once more been re-established. While many bloggers were breaking the news, the Internet Storm Center handler of the day, Swa Frantzen, got it right:
Still, if you have confidential material, disk encryption is one of the layers, just don't use it as the only layer.
Hard-disk encryption has often been seen as a universal solution to unintended data disclosure. I am also guilty of assigning too much value to it. This discovery serves as a very important reminder of just that: information protection is only effective when there is more than one mechanism.