27C3 - Version 1.6.3

27th Chaos Communication Congress
We come in peace

Speakers
Juergen Pabel
Schedule
Day Day 3 - 2010-12-29
Room Saal 3
Start time 23:00
Duration 01:00
Info
ID 4018
Event type Lecture
Track Hacking
Language used for presentation English
Feedback

FrozenCache

Mitigating cold-boot attacks for Full-Disk-Encryption software

Cold boot attacks are a major risk for the protection that Full-Disk-Encryption solutions provide. FrozenCache is a general-purpose solution to this attack for x86 based systems that employs a special CPU cache mode known as "Cache-as-RAM". Switching the CPU cache into a special mode forces data to held exclusively in the CPU cache and not to be written to the backing RAM locations, thus safeguarding data from being obtained from RAM by means of cold boot attacks.

A Proof-of-Concept implementation for Linux will be demonstrated and implementation details discussed.