Tuesday 26 February 2008

Scary Flaw in Modern Encryption Techniques

Hi all,

I just stumbled upon this link to a paper from the Center for Information technology at Princeton.

The flaw lies within the assumption that DRAM losses its contents on power off, this paper shows that this assumption is faulty, values can remain in ram for seconds and even minutes after power off. This is of critical importance as it means that in-memory encryption keys and other non-secured information is accessible to attackers / forensic experts.

I imagine there are a number of strategies that mitigate the problem but it again highlights the biggest problem in computer security, the human link.

1 comment:

  1. That is a very interesting post on memory techniques! In fact, to find out more about other useful memory techniques, check out http://www.photographic-memory.org

    ReplyDelete