Quick Links

Geeks often consider encryption a fool-proof tool to ensure that data stays secret. But, whether you encrypt your computer's hard drive or your smartphone's storage, you may be surprised to know the encryption can be bypassed at cold temperatures.

It's unlikely that your personal encryption will be bypassed in this way, but this vulnerability could be used for corporate espionage, or by governments to access a suspects' data if the suspect refuses to disclose the encryption key.

How Full-Disk Encryption Works

Whether you're using BitLocker to encrypt your Windows file system, Android's built-in encryption feature to encrypt your smartphone's storage, or any number of other full-disk encryption solutions, each type of encryption solution works similarly.

Data is stored on your device's storage in an encrypted, seemingly scrambled form. When you boot your computer or smartphone, you're prompted for the encryption passphrase. Your device stores the encryption key in its RAM and uses it to encrypt and decrypt data for as long as your device stays powered on.

Assuming you have a lock-screen password set on your device and attackers can't guess it, they'll have to restart your device and boot from another device (such as a USB flash drive) to access your data. However, when your device powers off, the contents of its RAM disappear very quickly. When the contents of the RAM disappear, the encryption key is lost and the attackers will need your encryption passphrase to decrypt your data.

This is how encryption is generally assumed to work, and it's why smart corporations encrypt laptops and smartphones with sensitive data on them.

Data Remanence in RAM

As we mentioned above, data disappears from RAM very quickly after the computer is powered off and the RAM loses power. An attacker could try to quickly reboot an encrypted laptop, boot from a USB stick, and run a tool that copies the contents of the RAM to extract the encryption key. However, this normally wouldn't work. The RAM's contents will be gone within seconds, and the attacker will be out of luck.

The time it takes for data to vanish from RAM can be extended significantly by cooling the RAM. Researchers have carried out successful attacks against computers using Microsoft's BitLocker encryption by spraying a can of upside-down compressed air on the RAM, bringing it to low temperatures. Recently, researchers put an Android phone in the freezer for an hour and were then able to recover the encryption key from its RAM after resetting it. (The boot loader needs to be unlocked for this attack, but it would be theoretically possible to remove the phone's RAM and analyze it.)

Once the contents of the RAM are copied, or "dumped," to a file, they can be automatically analyzed to identify the encryption key that will grant access to the encrypted files.

This is known as a "cold-boot attack" because it relies on physical access to the computer to grab the encryption keys remaining in the computer's RAM.

upside-down-compressed-air-can

How To Prevent Cold-Boot Attacks

The easiest way to prevent a cold-boot attack is by ensuring that your encryption key is not in your computer's RAM. For example, if you have a corporate laptop full of sensitive data and you're worried that it may be stolen, you should power it off or put it into hibernate mode when you aren't using it. This removes the encryption key from the computer's RAM -- you'll be prompted to re-enter your passphrase when you start the computer again. In contrast, putting the computer into sleep mode leaves the encryption key remaining in the computer's RAM. This puts your computer at risk of cold-boot attacks.

The "TCG Platform Reset Attack Mitigation Specification" is an industry response to this concern. This specification forces a device's BIOS to overwrite its memory during boot. However, a device's memory modules could be removed from the computer and analyzed on another computer, bypassing this security measure. There is currently no fool-proof way to prevent this attack.

pile-of-ram

Do You Really Need To Worry?

As geeks, it's interesting to consider theoretical attacks and how we could prevent them. But let's be honest: Most people won't need to worry about these cold-boot attacks. Governments and corporations with sensitive data to protect will want to bear this attack in mind, but the average geek shouldn't worry about this.

If someone really wants your encrypted files, they'll probably try to get your encryption key out of you rather than attempt a cold-boot attack, which requires more expertise.

xkcd-security

Image Credit: Frank Kovalcheck on Flickr, Alex Gorzen on Flickr, Blake Patterson on Flickr, XKCD