Disk Encryption: Not as secure as I thought

Apparently, it’s easier than I thought to recover disk encryption keys from a stolen laptop computer. The attack works against “several popular disk encryption systems: BitLocker (a feature of Windows Vista), FileVault (a feature of Mac OS X), dm-crypt (a feature of Linux), and TrueCrypt”. Watch the demonstration video at [http://citp.princeton.edu/memory/](http://citp.princeton.edu/memory/).

> The root of the problem lies in an unexpected property of today’s DRAM memories. DRAMs are the main memory chips used to store data while the system is running. Virtually everybody, including experts, will tell you that DRAM contents are lost when you turn off the power. But this isn’t so. Our research shows that data in DRAM actually fades out gradually over a period of seconds to minutes, enabling an attacker to read the full contents of memory by cutting power and then rebooting into a malicious operating system.

Encrypting a disk drive _does_ increase the confidentiality of data. It’s just not as secure as once thought.

Sidenote: Software and hardware based [key loggers](http://en.wikipedia.org/wiki/Keystroke_logging) can reduce the security of encryption as well.