Is It Possible to Steal Encrypted Data?
================================================================================

Staff writer for safetyissues.com on 02/09/11 09:15:00

A group of researchers recently published a paper that details simple methods they developed to steal encrypted data stored in hard disk drives. Their technique could seriously undermine the effectiveness of security software used to protect data on computers, especially laptops and other portable computers, which are very vulnerable to theft.

The procedure requires the attacker to have physical access to the computer; it cannot be done remotely. It exploits an obscure vulnerability in the DRAM (dynamic random access memory) chip, which temporarily holds data while you are working on your computer. When you shut off the computer, the data in the DRAM, including the data encryption keys, is erased. Contrary to popular assumption, however, the contents of the DRAM do not disappear immediately. It takes several seconds or a few minutes after power is shut off before the data is erased, even if the DRAM chips are separated from the motherboard. With more specialized techniques, the data could remain in the chips for hours, or even days.

The simplest method involved chilling the chips with a can of inexpensive dust remover. This produced temperatures cold enough (-50 °C) for the data to stay in the chips long enough for the researchers to retrieve the keys easily. The more complicated method involved cooling the chips in liquid nitrogen to temperatures of -196 °C. This froze the data in place for hours without any power. In either method, the researchers put the chips back into a computer after cooling and easily retrieved the contents. They then used pattern-recognition software to pick out the security keys from the other bits of data on the cooled DRAM chip.
The researchers successfully tested their procedure on various encryption utilities in Windows, Macintosh and Linux operating systems. They did not test the methods on the disk encryption systems now built into a number of commercial disk drives. Nevertheless, their tests proved that the current industry standard platforms (called Trusted Computing) for securing data on modern personal computers may not give sufficient protection against these potential attacks. People can no longer simply assume that claims of robust computer security are correct.

Safety Tips:

* Shut down your computer completely several minutes before you leave it (leaving it unattended could compromise its physical security). If you want to protect your encrypted files better, do not leave your computer in ‘sleep’ mode or with a locked screen saver; neither completely shuts off the computer.
* Protect your computer from theft.
* Use an encrypted PGP disk volume and remove it when you’re done.
* Use multi-factor authentication.