arno at wagner.name
Tue Jan 14 08:06:27 CET 2014
I assume you mean "vulnerable"....
All software-based encryption is vulnerable to cold-boot
attacks, LUKS is no exception. There is nothing that can
be done about it, and hence there is no discussion.
An attacker can also simply go the full way and not cold
boot, but remove the RAM modules and read them externally.
This has been shown to work for a removal time in the
Unless very carefully implemented, hardware encryption is
vulnerable too. And, of course, anybody with access to
running hardware with openend crypto containers can just
try to break into it.
On Tue, Jan 14, 2014 at 02:25:56 CET, Timothy Alexander wrote:
> I have a question. Is LUKS viable to a cold boot attack. TrueCrypt
> is, but I'm not sure about LUKS. If it is, is there any discussion
> of encrypting keys in RAM (assuming the computer is immediately
> turned off, hibernating, or a container is unmounted).
> Thank you,
> VFEmail.net - http://www.vfemail.net
> ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the NSA's hands!
> $24.95 ONETIME Lifetime accounts with Privacy Features! 15GB disk!
> No bandwidth quotas!
> Commercial and Bulk Mail Options!
> dm-crypt mailing list
> dm-crypt at saout.de
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult. --Tony Hoare
More information about the dm-crypt