Although Cold Boot Attacks are considered to be somewhat of an antiquated method, largely due to the need for an attacker to have physical access to the machine, they still represent a threat to unprotected systems.
By definition, a Cold Boot Attack is a type of side channel attack in which an attacker with physical access to a computer is able to retrieve encryption keys from a running operating system after using a cold reboot to restart the machine. Known since 2008, these attacks target data remanence in a computer's RAM: memory contents, sometimes including sensitive and personal information, can linger anywhere from a few seconds to a few minutes after power has been removed. By utilizing a removable disk, attackers are able to copy off that sensitive data and voilà, you have a security breach.
Many modern systems have security countermeasures to prevent these types of attacks: memory scrambling or encrypting RAM essentially eliminates the ability to steal encryption keys. According to experts, however, a new threat could affect most modern computers.
Researchers from F-Secure, a Finnish company, have found new methods to disable current cold boot attack firmware security measures. This attack still requires the physical access that previous cold boot attacks utilized, but the threat is still present. The company is positioned to release additional information on their findings at upcoming events and conferences.
In the meantime, companies looking to protect their data can look to modernize security functionality of their systems by following guidelines and requirements laid out within FIPS 140-2. The FIPS requirements for level 3 require, in addition to all security measures from level 1 and 2, identity-based authentication, physical security mechanisms for tamper detection and tamper response, and zeroization of keys to destroy this type of data. Implementing these changes helps to prevent cold boot attacks from ever occurring.
For more information on engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.
About Corsec Security, Inc.
For two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2, Common Criteria (CC) and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.
Corsec Director of Marketing