Lest we remember-Reference-Cited by-同舟云学术

Lest we remember

Published:2009-05 Issue:5 Volume:52 Page:91-98
ISSN:0001-0782
Container-title:Communications of the ACM
language:en
Short-container-title:Commun. ACM

Author:

Halderman J. Alex¹,Schoen Seth D.²,Heninger Nadia³,Clarkson William³,Paul William⁴,Calandrino Joseph A.³,Feldman Ariel J.³,Appelbaum Jacob,Felten Edward W.³

Affiliation:

1. University of Michigan

2. Electronic Frontier Foundation

3. Princeton University

4. Wind River Systems

Abstract

Contrary to widespread assumption, dynamic RAM (DRAM), the main memory in most modern computers, retains its contents for several seconds after power is lost, even at room temperature and even if removed from a motherboard. Although DRAM becomes less reliable when it is not refreshed, it is not immediately erased, and its contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access to a machine. It poses a particular threat to laptop users who rely on disk encryption: we demonstrate that it could be used to compromise several popular disk encryption products without the need for any special devices or materials. We experimentally characterize the extent and predictability of memory retention and report that remanence times can be increased dramatically with simple cooling techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for mitigating these risks, we know of no simple remedy that would eliminate them.

Publisher

Association for Computing Machinery (ACM)

Subject

General Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/1506409.1506429

Reference16 articles.

1. BootJacker

Cited by 646 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Key extraction-based lawful access to encrypted data: Taxonomy and survey;Forensic Science International: Digital Investigation;2024-09

2. SAT and Lattice Reduction for Integer Factorization;Proceedings of the 2024 International Symposium on Symbolic and Algebraic Computation;2024-07-16

3. Twinkle: A family of Low-latency Schemes for Authenticated Encryption and Pointer Authentication;IACR Communications in Cryptology;2024-07-08

4. Memory Tagging using Cryptographic Integrity on Commodity x86 CPUs;2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P);2024-07-08

5. A Benchmark of Cryo-CMOS Embedded SRAM/DRAMs in 40-nm CMOS;IEEE Journal of Solid-State Circuits;2024-07