Saturday, February 23, 2008

Hard disk encryption hack: ISC got it right

Anyone who reads my blog should have heard it by now from other sources: full-disk encryption can often be defeated by extracting data from DRAM chips, even after the computer in which they reside has been powered off or put to sleep.

A group of researchers at Princeton University figured out that cooling the memory modules makes their contents decay more slowly, so that they can be recovered, at least to a substantial degree. If that content happens to contain an encryption key used to decrypt the contents of a hard drive, the encryption can be defeated by compromising the key.

The fact that an encryption algorithm is only effective when its key can be kept confidential has been established once more. While many bloggers were breaking the news, the Internet Storm Center handler of the day, Swa Frantzen, got it right:

"Still, if you have confidential material, disk encryption is one of the layers, just don't use it as the only layer."

Hard-disk encryption has often been seen as a universal solution to unintended data disclosure. I am also guilty of assigning too much value to it. This discovery serves as a very important reminder of just that: information protection is only effective when there is more than one mechanism.
