Timeline for Are encryption keys wiped from RAM before hibernate, or how to do it (Luks and Truecrypt)
Current License: CC BY-SA 3.0
14 events
| when | what | by | license | comment | |
|---|---|---|---|---|---|
| Oct 17, 2015 at 9:01 | comment | added | CBHacking | For the record, Windows BitLocker definitely purges the encryption key from memory at hibernate. If you use a password or a key stored on a flash drive, you need to enter it every time the computer wakes from hibernation (TPM-only mode does not need anything extra to resume). Suspend/sleep leaves the key in memory, which is dangerous for all the reasons that have been discussed here already. | |
| Sep 17, 2015 at 13:33 | comment | added | user | Related: Can RAM retain data after removal? | |
| Aug 18, 2015 at 6:53 | history | edited | cyril42e | CC BY-SA 3.0 | more precisions about shutdownramfs |
| Aug 16, 2015 at 20:39 | comment | added | cyril42e | @WhiteWinterWolf Sure, it is in no way a protection against CBA when the computer is running, only a way to ensure that when I shut down or hibernate the computer it is immediately safe. | |
| Aug 16, 2015 at 8:18 | comment | added | WhiteWinterWolf | @cyril42e: Good finding for the shutdownramfs, however bear in mind that if someone is willing to quickly shut down your computer to get his hands on the RAM memory content, chances are that he will shut it down brutally (holding the shutdown button for several seconds for instance) and not using the proper and clean way. | |
| Aug 15, 2015 at 19:44 | history | edited | cyril42e | CC BY-SA 3.0 | added mention to shutdownramfs as a possible solution |
| Aug 15, 2015 at 15:38 | history | edited | WhiteWinterWolf | edited tags | |
| Aug 15, 2015 at 9:53 | history | tweeted | twitter.com/#!/StackSecurity/status/632490211067461633 | ||
| Aug 15, 2015 at 9:12 | comment | added | fantasia | Ah, that's too bad. I will follow this thread with interest, for even though the RAM is cleared fast enough for you to be safe a couple of minutes after shutdown (given that liquid nitrogen isn't used), it is a fascinating question and more security without major cost is never a bad thing. | |
| Aug 15, 2015 at 9:01 | comment | added | cyril42e | I had a look into TRESOR and it seemed quite limiting: no standard implementation, losing AES-NI instruction set, and also losing some SSE instruction set... I'm looking for a way to improve the security, even slightly, but without any major cost (if Intel had added some registers to do the same with AES-NI that would have been great). | |
| Aug 15, 2015 at 8:41 | comment | added | fantasia | It might be worth your time to look into TRESOR and its features. Haven't played around with it myself, but it is probably what you are looking for. | |
| Aug 15, 2015 at 7:00 | answer | added | user45139 | timeline score: 3 | |
| Aug 14, 2015 at 23:56 | review | First posts | |||
| Aug 15, 2015 at 0:00 | |||||
| Aug 14, 2015 at 23:53 | history | asked | cyril42e | CC BY-SA 3.0 |