Cold Boot Attack Defense

From Kicksecure
Jump to navigation Jump to search

A cold boot attack is a type of computer security attack that involves accessing sensitive information from a computer's random access memory (RAM) after the computer has been turned off or restarted. Normally, when a computer is turned off or restarted, the data in the RAM is erased. However, with a cold boot attack, the attacker can quickly freeze the RAM before it loses its contents, and then remove the RAM and transfer it to another computer to read its contents. This allows the attacker to access sensitive information, such as encryption keys or login credentials, that were stored in the RAM.

This wiki page outlines measures taken to defend against cold boot attacks.

Introduction[edit]

Due to the design of modern computers, nearly all the data manipulated during a session is temporarily written to RAM. This can include texts, saved files, passwords, and encryption keys! Data from more recent activities has a greater likelihood of still residing in RAM. [1]

Modern computer architecture poses a significant risk to computer users. Adversaries with physical access to a computer running any operating system may be able to recover all session activities, even if Full Disk Encryption (FDE) is enabled.

Even when a computer is powered off, the data in RAM does not immediately disappear. Depending on the circumstances, data can survive for up to several minutes. For example, this occurs when a computer loses power abruptly and does not go through the normal shutdown cycle. [2] If an adversary has immediate physical access to a computer, a cold boot attackarchive.org can be mounted.

Forensic experts have two main methods of extracting data from RAM: [3]

  • The running computer is cold-booted and a lightweight operating system is booted from a removable disk. A tool is used to dump pre-boot physical memory contents to a file.
  • The memory modules are quickly removed from the original system and placed in another computer under the adversary's control. The machine is then booted to access the memory contents.

In both cases, the RAM contents can be analyzed in a computer forensics laboratory. Depending on what is found, the user may be in serious peril. Notably, cold boot attacks have proven effective against Trusted Platform Modules (TPMs)archive.org, as well as full disk encryption regardless of the vendor or operating system. For certain memory modules, the time window for an attack can be extended to several hours by cooling them with a refrigerant. [3]

Using TPM transparent encryption opens the risk for "Warm" Cold Boot Attacks, see chapter TPM.

Cold boot attacks are thought to be a very uncommon method of recovering data, but high-risk users should be prepared for such a contingency to stay on the safe side. So long as a cold boot attack is not mounted directly after shutdown, then contents of RAM should be emptied within minutes. [4]

Attack Definition[edit]

A cold boot attack is: [5]

... a type of side channel attackarchive.org in which an attacker with physical accessarchive.org to a computer performs a memory dumparchive.org of a computer's random-access memory (RAM)archive.org by performing a hard reset of the target machine. Typically, cold boot attacks are used to retrieve encryption keysarchive.org from a running operating systemarchive.org for malicious and/or criminal investigative reasons. The attack relies on the data remanencearchive.org property of DRAMarchive.org and SRAMarchive.org to retrieve memory contents that remain readablearchive.org in the seconds to minutes after power has been removed.

There are two primary methods of performing the attack: [6]

  1. The target computer is reset and booted from an alternative medium like a USB with a minimal operating system. RAM contents are recovered, except for those that have been already overwritten. BIOS passwords can trivially defeat this method.
  2. Ram modules are physically transplanted from the target computer into another which performs image extraction. Most of the content is retained if properly cooled using certain sprays that increase the data remanence.

Research Findings[edit]

The original 2008 cold boot attack researcharchive.org found:

  • Dynamic random access memory (DRAM) in most computers retain their contents for seconds to minutes after power is lost, even when removed from the motherboard. [7]
  • This persistence allows for forensic or malicious access to system memory images.
  • Attackers with physical access can potentially cold boot the machine and use an operating system on a removable disk to write the contents of physical memory to a file.
  • This file can be analyzed for sensitive data like cryptographic (encryption) keys.
  • This technique was able to defeat disk encryption schemes like BitLocker, TrueCrypt and FileVault.

More recent research in 2018 has identified that mechanisms that overwrite RAM contents when power is restored can be bypassed by rewriting the non-volatile memory chip (firmware) that contains these settings. [8] [9] At the time of writing DDR3/4 RAM appears to protect against cold boot attacks (see next section).

Possible Countermeasures[edit]

Literature Summary[edit]

The literature suggests the following possible countermeasures against cold boot attacks.

Table: Cold Boot Attack Countermeasures

Category Description
Scrubbing memory Software should try to avoid storing keys in memory. For example, software should overwrite keys when unneeded, keys should be prevented from being paged to disk, and memory cleared at boot time. [10] Unfortunately this cannot protect against keys that remain in memory while in active use, such as encrypted disk keys. Further, researchers demonstrated in 2018 that mechanisms that overwrite RAM contents when power is restored can be bypassed by rewriting the non-volatile memory chip (firmware) that contains these settings. [8] [9] [11]
Limiting booting from network or removable media Administrative passwords can be configured in order to boot from these sources. This is an imperfect defense because the drive can still be swapped out or the computer's NVRAM can be reset to allow for booting from removable media.
Safe system suspension Usually locking the computer screen or suspending a laptop's state is ineffective, because the computer can be awakened, power-cycled, and then have its memory extracted. It is far safer to just completely power off systems when they are not in use, with the computer guarded for a few minutes afterward. Suspension is made safer by necessitating a strong password or external secret to awaken the computer, with memory contents encrypted by a key related to the password.
Avoiding precomputation Although precomputation speeds up cryptographic operations, it makes keys more vulnerable because there is redundant storage of key information.
Key expansion Theoretically the application of a transform to keys when it is stored in memory can make it more difficult to reconstruct. Operating systems could also identify memory locations that decay more quickly, and utilize those to store key material.
Physical defenses Since some cold boot attacks rely on access to DRAM chips/modules, the physical memory can be protected by locking them inside the machine, soldering memory to the motherboard or encasing chips in epoxy so they cannot be removed/accessed.
Future architectural changes DRAM can be designed that loses their state more quickly or future hardware might have key-store hardware that erases the state during power-up, reset and shutdown. Another possibility is the routine encryption of memory contents, so long as they are destroyed after a reset or power loss.
Disk controller encryption Data in the hard disk controller hardware can be encrypted. Unlike normal disk encryption systems, both encryption and decryption are performed by the disk controller which store the main encryption keys. This means encryption/decryption is not performed by software in the main CPU, along with the main encryption keys stored in DRAM.
DDR3 and DDR4 RAM The literature generally suggests that a proper solution to cold boot attacks may be later generation DDR3 and DDR4 RAM which utilizes memory scramblingarchive.org via the memory controllers. This also retains memory for a shorter period of time than DDR1 and DDR2 RAM. In summary, there does not appear to be any way to perform real-world cold boot attacks on scrambled DDR3 and DDR4 memory, however it should be noted that researchers have shown it is possible to descramble DDR3 memory in laboratory conditionsarchive.org. [12] Further, "warm reset attacks" where power is not cut are effective against DDR3 systems. [13] [14]

It should be noted that Trusted Platform Modulesarchive.org (TPMs) are ineffective against cold boot attacks. The reason is TPMs can prevent keys from being loaded into memory for use, but cannot prevent their capture once they are in memory.

Recommendations[edit]

1. Use ram-wipe.

2. Complementary mitigations include:

  • Configuring a computer to automatically shut down after a set period of inactivity.
  • Dismounting encrypted disksarchive.org.
  • Not leaving the computer unattended immediately after shutdown.
  • Soldering memory modules onto the motherboard.
  • Using TCG-compliantarchive.org computer hardware.
  • Using the TRESOR Linux kernel patcharchive.org so CPU registers store encryption keys. [15]
  • RAM Encryption / full memory encryptionarchive.org.
  • After shutdown, it is safer to completely remove the machine from any power source by removing the power plug.
  • In the case of notebooks, the battery should be removed after powering off.
  • Cold boot attacks are a clear and present danger for high-risk users due to the limited countermeasures available. In the purely hypothetical situation where an adversary is knocking earnestly on the door, safest would be pressing the panic button on the host, leading to the contents of RAM being quickly wiped. Failing that, the computer should be immediately shut down and access to the computer delayed as long as possible.
  • Based on the research findings, practical countermeasures for the majority of users involves never leaving the computer unattended and always ensuring the computer is completely shut down when not in use or when in high-risk situations like traveling. [16]
  • A final simple recommendation is to rely on later computer hardware that holds encryption keys in hardware separate from the HDD/SSD and utilizing systems that have DDR3/4 RAM installed; see the footnote for how to determine the RAM type. [17]

See Also[edit]

Footnotes[edit]

  1. https://tails.boum.org/doc/advanced_topics/cold_boot_attacks/index.en.htmlarchive.org
  2. https://archive.li/NNvkOarchive.org
  3. 3.0 3.1 https://en.wikipedia.org/wiki/Cold_boot_attackarchive.org
  4. https://tails.boum.org/doc/advanced_topics/cold_boot_attacks/index.en.htmlarchive.org
  5. https://en.wikipedia.org/wiki/Cold_boot_attackarchive.org
  6. https://doc.lagout.org/security/DFRWS-EU-2016-7.pdfarchive.org
  7. https://tails.boum.org/doc/advanced_topics/cold_boot_attacks/index.en.htmlarchive.org
  8. 8.0 8.1 https://blog.f-secure.com/cold-boot-attacks/archive.org
  9. 9.0 9.1 https://www.wired.com/story/cold-boot-break-pc-encryption/archive.org
  10. The last measure cannot prevent the physical removal of memory chips to another computer for analysis.
  11. In summary, researchers were able to disable memory overwriting and enable booting from external devices. This allowed cold boot attacks via a special program on a USB stick.
  12. While the scrambling algorithm could be broken, researchers only found DDR3 memory retention for around 10 seconds before it totally decayed.
  13. https://web.archive.org/web/20220715140715/https://cyberside.planet.ee/docs/fares_coldboot.pdfarchive.org
  14. The researchers also concluded that cold boot attacks were not possible against modern DDR3 (and later) RAM chips.
  15. https://en.wikipedia.org/wiki/Cold_boot_attack#Register-based_key_storagearchive.org
  16. So the Linux kernel's memory erasing features (page_poison, slub_debug or init_on_free) and/or your firmware reset attack mitigations are instituted.
    • In Linux, launch a terminal and run. sudo dmidecode --type memory
    • In Windows, select the PC Task Manager after pressing Ctrl + Alt + Delete. Click "more details" and navigate to the performance tab. Then select the memory option.
    • In macOS, click the Apple logo and select "About This Mac". For additional information, click the "More Info..." button and navigate to the "Memory" tab.

We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!