Attack on computer memory reveals vulnerability of widely-used security systems

Feb 21, 2008
Attack on computer memory reveals vulnerability of widely-used security systems
A combination of frost and refrigerant around the computer’s memory chips. At this temperature, memory contents last for several minutes with almost no loss of information.

A team of academic, industry and independent researchers has demonstrated a new class of computer attacks that compromise the contents of “secure” memory systems, particularly in laptops.

The attacks overcome a broad set of security measures called “disk encryption,” which are meant to secure information stored in a computer’s permanent memory. The researchers cracked several widely used technologies, including Microsoft’s BitLocker, Apple’s FileVault and Linux’s dm-crypt, and described the attacks in a paper and video published on the Web Feb. 21. (Video is available here: www.youtube.com/watch?v=JDaicPIgn9U)

The team reports that these attacks are likely to be effective at cracking many other disk encryption systems because these technologies have architectural features in common.

“We’ve broken disk encryption products in exactly the case when they seem to be most important these days: laptops that contain sensitive corporate data or personal information about business customers,” said Alex Halderman, a Ph.D. candidate in Princeton’s computer science department. “Unlike many security problems, this isn’t a minor flaw; it is a fundamental limitation in the way these systems were designed.”

The attack is particularly effective against computers that are turned on but are locked, such as laptops that are in a “sleep” or hibernation mode. One effective countermeasure is to turn a computer off entirely, though in some cases even this does not provide protection.

Halderman’s Princeton collaborators included graduate students Nadia Heninger, William Clarkson, Joseph Calandrino, Ariel Feldman and Professor Edward Felten, the director of the Center for Information Technology Policy. The team also included Seth Schoen of the Electronic Frontier Foundation, William Paul of Wind River Systems and independent computer security researcher Jacob Appelbaum.

Felten said the findings demonstrate the risks associated with recent high-profile laptop thefts, including a Veterans Administration computer containing information on 26 million veterans and a University of California, Berkeley laptop that contained information on more than 98,000 graduate students and others. While it is widely believed that disk encryption would protect sensitive information in instances like these, the new research demonstrates that the information could easily be read even when data is encrypted.

“Disk encryption is often recommended as a magic bullet against the loss of private data on laptops,” Felten said. “Our results show that disk encryption provides less protection than previously thought. Even encrypted data can be vulnerable if an intruder gets access to the laptop.”

The new attacks exploit the fact that information stored in a computer’s temporary working memory, or RAM, does not disappear immediately when a computer is shut off or when the memory chip is taken from the machine, as is commonly thought. Under normal circumstances, the data gradually decays over a period of several seconds to a minute. The process can be slowed considerably using simple techniques to cool the chips to low temperatures.

Disk encryption technologies rely on the use of secret keys -- essentially large random numbers -- to encode and protect information. Computers need these keys to access files stored on their own hard disks or other storage systems. Once an authorized user has typed in a password, computers typically store the keys in the temporary RAM so that protected information can be accessed regularly. The keys are meant to disappear as soon as the RAM chips lose power.

The team wrote programs that gained access to essential encryption information automatically after cutting power to machines and rebooting them. The method worked when the attackers had physical access to the computer and when they accessed it remotely over a computer network. The attack even worked when the encryption key had already started to decay, because the researchers were able to reconstruct it from multiple derivative keys that were also stored in memory.

In one extremely powerful version of the attack, they were able to obtain the correct encryption data even when the memory chip was physically removed from one computer and placed in another machine. After obtaining the encryption key, they could then easily access all information on the original machine.

“This method is extremely resistant to countermeasures that defensive programs on the original computer might try to take,” Halderman said.

The attacks demonstrate the vulnerability of machines when they are in an active state, including “sleep mode” or the “screen lock” mode that laptops enter when their covers are shut. Even though the machines require a password to unlock the screen, the encryption keys are already located in the RAM, which provides an opportunity for attackers with malicious intent.

None of the attacks required specialized equipment. “I think we're going to see attackers doing things that people have previously though impractical or impossible,” Appelbaum said.

The researchers were able to extend the life of the information in RAM by cooling it using readily available “canned air” keyboard dusting products. When turned upside down, these canisters spray very cold liquid. Discharging the cold liquid onto a memory chip, the researchers were able to lower the temperature of the memory to -50 degrees Celsius. This slowed the decay rates enough that an attacker who cut power for 10 minutes would still be able to recover 99.9 percent of the information in the RAM correctly.

“Hints of problems associated with computers retaining their temporary memory have appeared in the scientific literature, but this is the first systematic examination of the security implications,” said Schoen.

The researchers posted the paper describing their findings on the website of Princeton’s Center for Information Technology Policy. They submitted the paper for publication and it is currently undergoing review.

In the meantime, the researchers have contacted several manufacturers to make them aware of the vulnerability: Microsoft, which includes BitLocker in some versions of Windows Vista; Apple, which created FileVault; and the makers of dm-crypt and TrueCrypt, which are open-source products for Windows and Linux platforms.

“There’s not much they can do at this point,” Halderman said. “In the short term, they can warn their customers about the vulnerability and tell them to shut their computers down completely when traveling.”

In the longer term, Halderman said new technologies may need to be designed that do not require the storing of encryption keys in the RAM, given its inherent vulnerability. The researchers plan to continue investigating this and other defenses against this new security threat.

More information: citp.princeton.edu/memory/

Source: Princeton University

Explore further: Professor proposes alternative to 'Turing Test'

add to favorites email to friend print save as pdf

Related Stories

Smartphones team-up with QR codes for secure 3-D displays

Nov 11, 2014

Quick Response (QR) codes—the box-shaped symbols that appear on signs, posters, and even business cards—are a convenient and efficient way of accessing specific web pages with a smartphone or other mobile device. However, ...

In cybersecurity, the weakest link is you

Nov 03, 2014

A chain is only as strong as its weakest link. Computer security relies on a great number of links, hardware, software and something else altogether: you. The greatest threat to information security is actually ...

What's causing the recent string of data breaches?

Oct 30, 2014

It's Cyber Security Awareness month, which has me wondering: are we doing all we can to protect our data? To help answer this question, I sat down with Girish Bhat of Wave Systems—an important collaborator of Micron's—to ...

Recommended for you

Forging a photo is easy, but how do you spot a fake?

2 hours ago

Faking photographs is not a new phenomenon. The Cottingley Fairies seemed convincing to some in 1917, just as the images recently broadcast on Russian television, purporting to be satellite images showin ...

Algorithm, not live committee, performs author ranking

6 hours ago

Thousands of authors' works enter the public domain each year, but only a small number of them end up being widely available. So how to choose the ones taking center-stage? And how well can a machine-learning ...

Professor proposes alternative to 'Turing Test'

Nov 19, 2014

(Phys.org) —A Georgia Tech professor is offering an alternative to the celebrated "Turing Test" to determine whether a machine or computer program exhibits human-level intelligence. The Turing Test - originally ...

Image descriptions from computers show gains

Nov 18, 2014

"Man in black shirt is playing guitar." "Man in blue wetsuit is surfing on wave." "Black and white dog jumps over bar." The picture captions were not written by humans but through software capable of accurately ...

Converting data into knowledge

Nov 17, 2014

When a movie-streaming service recommends a new film you might like, sometimes that recommendation becomes a new favorite; other times, the computer's suggestion really misses the mark. Yisong Yue, assistant ...

User comments : 7

Adjust slider to filter visible comments by rank

Display comments: newest first

Nikola
3 / 5 (2) Feb 21, 2008
So after dismounting your encrypted volume, shutting down computer, or going into standy, the encryption software should wipe the key location in RAM. Is this possible?
Adriab
5 / 5 (1) Feb 21, 2008
You can, and should, overwrite any sensitive areas of the RAM with zeros after it is done being used.
Nikola
3 / 5 (2) Feb 21, 2008
Any good (free) RAM wiping software out there?
flyingpig98
2 / 5 (1) Feb 21, 2008
This was of course under lab conditions.
It would more than likely result in a dead chip and maybe the mainboard as well, as the chip warms up and gathers moisture.
Don't try this at home!
JohnSawyer
5 / 5 (2) Feb 22, 2008
Nikola:
Yes, there's no barrier to wiping encryption keys from RAM--those areas of RAM just have to be replaced with zeros, or ones, or whatever--just as easy as writing any other data to those areas. The people who have created existing encryption software, just haven't bothered. Maybe now they will.

flyingpig98:
You're right, things like spraying your computer's RAM boards with freeze mist, and then yanking them out and plugging them into another computer to read their contents, shouldn't be tried using your home computer. But from my experience with electronics for the past 30 years, I wouldn't be surprised if doing this, with an extra couple of computers, not under lab conditions, would still work much of the time. Even if any of the lab's conditions were required, I wouldn't be surprised if those conditions could be duplicated without much effort. Using freeze mist to diagnose problems with electronics, while they're running, is a common technique among those trying to track down intermittent heating/cooling-related problems, and one I've done many times, without damaging the live electronics, though when I first started out trying this, I too was worried about shorting out and frying components--but it hasn't happened to me so far. The article's procedures are very duplicatable outside the lab.
SDMike
not rated yet Feb 22, 2008
Crypto programs should reside on removable memory. Their working values should reside completely on removable memory that is wiped when unplugged. Much more secure. Trust me, you'll notice when someone sprays -50 degree C vapor into your pocket.
JerryS
5 / 5 (1) Feb 26, 2008
This attack is about discovering the encryption/decryption key, and not the particular algorithm used. The exploit works because as each sector of data is read from or written to the hard drive, it must be individually encrypted/decrypted, which means the key must, at a minimum, become visible when a sector of data needs to be crypted, and of course it can be "erased" after the sector has been processed. There is still this window where the key is in cleartext in memory during the *crypt operation, and so even erasing memory between sector processing still gives a good chance of getting the key.

For performance reasons, general disk encryption is done with symetric cyphers (same key to encode and decode), but even for a Public/Private PKI pair, the secret key must be dumped into system memory where the algorithm repeatedly uses the key as one input (the other input being disk data).

To prevent this type of exploit, it is important to never have the key(s) in cleartext in any register or memory that is user accessible. Granted. Although this memory-decay attack is one way of reading memory, there are forensic tools that can scan physical memory using standard FireWire hardware, which is why the preliminary work on "recognizing keys" was done before this. From the description, it sounds like the current attack has improved upon the earlier work!

So how can this be avoided? The generally-accepted designs are a black-box, with the encrypting/decrypting key(s) stored within, usually with some mechanisms for erasing them if tampering is detected. For practical use, a computer chip built in layers with the key storage located in the middle layers of silicon is often the BB of choice. Most enterprise-class computers (laptops/desktops) have a TPM (Trusted Program Module) that, among other things, is a secure container for various keys.

While it is possible to use a TPM chip to encrypt/decrypt blocks of data, the performance is often not very good, and would represent a big bottleneck in disk I/O if all data had to be passed thru the TPM.

Seagate and a couple of other hard drive manufacturers are bringing FDE (Full disk encryption) products to market where the keys and the encryption/decryption is performed in the computer chips in the drive itself, and thus the key is never visible on any computer data bus. Authentication keys are themselves encrypted such that only the disk chip can decrypt and confirm the authenticity of requests from outside the circuits.

A TPM can encrypt and pass commands to the hard drive to control the data encryption itself, but it still is necessary to have at least one clear-text key to load up the TPM and/or FDE drive at the factory, and thus there is always this one weak link in the security.

Bottom line is that practical disk encryption should rely on special hardware designed to encrypt/decrypt data securely. The software-based schemes require the key(s) to be in the clear at least some of the time, and will always present a much easier target for attacks such at the memory-decay exploit described here.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.