LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Is LUKS susceptible to memory attacks on recently powered down systems?
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-17-2008, 07:08 PM   #1
Meson
Member
 
Registered: Oct 2007
Distribution: Arch x86_64
Posts: 606

Rep: Reputation: 67
Is LUKS susceptible to memory attacks on recently powered down systems?

As far as I can tell, full disk encryption software needs to store your password and/or key in memory in plain text while the system is on. If someone is able to quickly power down your system and read your ram before it loses its data, they can potentially find your password/key.

Does LUKS/dm-crypt work this way?

If it does, could this be fixed by generating temporary keys at boot-time?
 
Old 04-17-2008, 08:05 PM   #2
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682
The key information is cleared when you log out. The attack uses intermediate information to reveal the keys. If you pay attention to the demo video, the keyboard on the keyboard was already unscrewed before shutting down to enable quick enough access to the ram chips. For more recent ram sticks, the information is valid for only 5-10 seconds rather than like 30 seconds so there is less time to locate the chips.

More information on this theoretical attack can be found in the podcast Security Now episode 137.
www.twit.tv/sn/sn137
Last edited by jschiwal; 04-17-2008 at 08:54 PM. Reason: fixed url
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Will Wine make me susceptible to Windows viruses? cosaides Linux - Software 3 01-16-2008 06:42 PM
LXer: Ex-HPer Says HP, IBM, Others Susceptible To Open Source LXer Syndicated Linux News 0 07-05-2007 07:31 AM
memory unification between 2 linux systems kishanhari Linux - Kernel 1 03-05-2007 12:03 PM
memory unification between 2 linux systems kishanhari Programming 1 03-05-2007 08:15 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:34 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration