[Discuss] Cold Boot Attacks on Encryption Keys

[richard.pieri at gmail.com (Richard Pieri)]

Tom Metro wrote:
> I was envisioning a system in which an administrator connects into the
> system after reboot and either supplies the entire key over a secure
> channel from an off-site system, or perhaps loads the key from a USB
> drive that is physically removed once loaded into memory, or enters a
> strong password to decrypt a stored key.

Right. But my point is that if the physical security around the 
equipment and data are weak then it is likely that the physical security 
around your backup and key storage are also weak. On the other hand, if 
you treat your keys and backups with the respect and care that they 
deserve then you wouldn't be making amateurish mistakes with your live 
systems.


> I'd be curious to know if anyone has deployed something like TrueCrypt
> on a sizable cluster of machines. How did they handle reboots?

WDE is a last resort against physical compromise. It's effective only 
when the encrypted media is shut off or disconnected from its host.

That said, I've looked into how to do it. It doesn't work without 
compromising security. Either you give your codes to on-site operators 
or you use some kind of remote console. Giving your keys to more people 
means having more people who can be manipulated. It may open /you/ up to 
being manipulated: "Hi, I'm Jimmy, the new third shift operator. The 
database server crashed. I need the unlock code to restart it." Using 
remote access means using a potentially insecure network to transmit 
your WDE unlock codes.


> I don't think you want to be calling up your lawyer and paying him to
> recite strings of hex as you type them in after each reboot.

It's not that you want to be doing that. It's that you want your 
encryption keys to only be in the possession of someone who cannot be 
forced by a court to disclose those keys. Attorney-client privilege and 
all that.

-- 
Rich P.