[Discuss] Cold Boot Attacks on Encryption Keys

Tom Metro tmetro+blu at gmail.com
Sun Nov 10 02:22:04 EST 2013


Richard Pieri wrote:
> Tom Metro wrote:
>> They're encrypted too, with keys only held in memory.
> 
> Then your disaster recovery options are nil. An encrypted backup that
> cannot be decrypted is mostly useless....

Sorry, I thought it was obvious that the keys had to come from
somewhere. (Somewhere other than generating a new key every time the
system reboots.)

I was envisioning a system in which an administrator connects into the
system after reboot and either supplies the entire key over a secure
channel from an off-site system, or perhaps loads the key from a USB
drive that is physically removed once loaded into memory, or enters a
strong password to decrypt a stored key.

I alluded to all this in the prior message when I questioned how
scalable this approach is. Although I'm sure some automation could be
used to load keys onto multiple systems, the more automated the system
becomes, the more likely it becomes that someone can get their hands on your
key server.

I'd be curious to know if anyone has deployed something like TrueCrypt
on a sizable cluster of machines. How did they handle reboots?


Dan Ritter wrote:
>> They're encrypted too, with keys only held in memory.
> 
> No. They're encrypted, with keys written down on paper and held
> by your lawyer.

I thought we were talking about data backups, not key backups. You want
to store your key backups on paper with your lawyer, sure, that makes sense.

But the keys used to encrypt your data need to be loaded into memory
after reboots. Even if you wrap your symmetric key in an asymmetric
encrypted container, you still need the private key to expose the
symmetric key at the time backups are being created.

I don't think you want to be calling up your lawyer and paying him to
recite strings of hex as you type them in after each reboot.

 -Tom

-- 
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
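
The third option in the message above (a strong password decrypts a stored key after reboot) as an added example; it is not code from the original post. The function names, the blob layout and the PBKDF2 work factor are assumptions, and the XOR-pad plus HMAC wrap is a standard-library stand-in for a standard key-wrap such as AES Key Wrap.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000   # assumed PBKDF2-HMAC-SHA256 work factor
SALT_LEN, KEY_LEN, TAG_LEN = 16, 32, 32

def _subkeys(passphrase: str, salt: bytes):
    """Stretch the passphrase, then split it into a wrap pad and a MAC key."""
    master = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS)
    pad = hmac.new(master, b"wrap-pad", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"wrap-mac", hashlib.sha256).digest()
    return pad, mac_key

def wrap_key(data_key: bytes, passphrase: str) -> bytes:
    """Return salt || wrapped key || tag; this blob is what sits on disk."""
    if len(data_key) != KEY_LEN:
        raise ValueError("data key must be 32 bytes")
    salt = secrets.token_bytes(SALT_LEN)  # fresh salt, so the pad is never reused
    pad, mac_key = _subkeys(passphrase, salt)
    wrapped = bytes(a ^ b for a, b in zip(data_key, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return salt + wrapped + tag

def unwrap_key(blob: bytes, passphrase: str) -> bytes:
    """Recover the data key into memory; reject a bad passphrase or edited blob."""
    if len(blob) != SALT_LEN + KEY_LEN + TAG_LEN:
        raise ValueError("malformed key file")
    salt = blob[:SALT_LEN]
    wrapped = blob[SALT_LEN:SALT_LEN + KEY_LEN]
    tag = blob[SALT_LEN + KEY_LEN:]
    pad, mac_key = _subkeys(passphrase, salt)
    expected = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase or tampered key file")
    return bytes(a ^ b for a, b in zip(wrapped, pad))

if __name__ == "__main__":
    # Constructed sample values: a random data key and a made-up passphrase.
    data_key = secrets.token_bytes(KEY_LEN)
    blob = wrap_key(data_key, "constructed example passphrase")
    # After a reboot the administrator types the passphrase; the key exists
    # only in this process's memory from here on.
    in_memory = unwrap_key(blob, "constructed example passphrase")
    print("recovered:", in_memory == data_key, "| stored bytes:", len(blob))
```
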


