27C3 - Version 1.6.3

27th Chaos Communication Congress
We come in peace

Juergen Pabel
Day Day 3 - 2010-12-29
Room Saal 3
Start time 23:00
Duration 01:00
ID 4018
Event type Lecture
Track Hacking
Language used for presentation English


Mitigating cold-boot attacks for Full-Disk-Encryption software

Cold boot attacks are a major risk for the protection that Full-Disk-Encryption solutions provide. FrozenCache is a general-purpose solution to this attack for x86 based systems that employs a special CPU cache mode known as "Cache-as-RAM". Switching the CPU cache into a special mode forces data to held exclusively in the CPU cache and not to be written to the backing RAM locations, thus safeguarding data from being obtained from RAM by means of cold boot attacks.

A Proof-of-Concept implementation for Linux will be demonstrated and implementation details discussed.

Archived page - Impressum/Datenschutz