
BitArmor Delivers Software Techniques to Prevent Cold Boot Attacks on Encryption Keys

Company CEO, Patrick McGregor Ph.D., Shares New Techniques for Software-Driven Cold Boot Protection During Black Hat Conference Presentation

PITTSBURGH, August 4, 2008 — BitArmor™, the leader in data control software that helps corporate executives protect and manage sensitive data throughout their organizations, today announced a new set of software-driven techniques that can prevent Cold Boot attacks by protecting cryptographic keys in encryption systems. Patrick McGregor Ph.D., CEO of BitArmor, will be sharing details of this software-based Cold Boot attack prevention approach during the Black Hat USA 2008 Briefings & Training conference on August 7, 2008.

“Recent Princeton University research showed that widely used disk encryption technologies may be putting critical laptop data at risk,” said McGregor. “This demonstration has made many organizations understand that their disk encryption solutions may no longer be the panacea for protecting critical data on laptops – deeper protection is required. The good news is that there are software-driven techniques that can defend against Cold Boot attacks on machines that have been shut off, machines that are hibernating or sleeping, and machines in screen lock mode.  BitArmor has developed patent-pending software techniques to prevent such attacks on encryption keys in memory in order to ensure that critical systems remain secure.”

McGregor’s Black Hat presentation is particularly timely with the news that one of the original Princeton University researchers has just published all of the utilities the study used to break full disk encryption products.

BitArmor prevents Cold Boot attacks using software techniques that do not involve the use of any specialized hardware or encryption chips. Instead, the techniques utilize novel cryptographic transformations, memory system and operating system operations, and certain architectural features of general-purpose processors such as Pentiums. As a result, BitArmor’s disk encryption technology can prevent attacks from threat scenarios described in the Princeton paper.

BitArmor disk encryption technology prevents the following Cold Boot attacks:

  • DRAM access during hibernation and after shutdown: BitArmor scrubs keys using KeyScrubber™ technology immediately before the computer shuts down or goes into hibernation mode – accessing the memory will yield nothing.
  • DRAM access during sleep or screen-lock modes: BitArmor uses patent-pending cryptographic, OS and processor architecture techniques to provide robust protection.  By creating a “virtual secure enclave” for encryption keys in software, an attacker cannot extract critical keys from memory – even if the RAM is super-cooled. 
  • Booting an alternate operating system to recover RAM contents: BitArmor uses patent-pending, advanced memory system techniques to prevent this attack.
  • Super-cooling RAM: Using built-in temperature sensors, BitArmor can lock down the system in reaction to temperature drops that may indicate a Cold Boot attack is in progress. 

The risk of Cold Boot attacks has become increasingly visible following the Princeton study titled "Lest We Remember: Cold Boot Attacks on Encryption Keys", which was released in February 2008. The paper identifies that a computer’s RAM is vulnerable to attack through a mechanism as simple as booting a laptop over a network or from a USB drive and scanning for encryption keys. As a result, physical access to a machine and some simple hacking tools are all that is needed to put critical laptop and desktop data at risk.

Black Hat USA 2008 Briefings & Training Presentation

Patrick McGregor Ph.D., CEO of BitArmor, will be sharing details of this software-based Cold Boot attack prevention approach during the Black Hat USA 2008 Briefings & Training conference. His session will be held on August 7, 2008 in the 0-Day Defense track from 4:45 p.m. to 6:00 p.m.

Dr. McGregor earned his Ph.D. in cryptography from Princeton University, is an expert in computer security and computer architecture, and has authored and presented many research papers for refereed conferences and journal publications. He has filed for several pending patents involving cryptography and security software. His experience includes technical positions at Hewlett Packard Laboratories and several other software companies, and he has been quoted regarding his security research in national publications including The New York Times.

About BitArmor

BitArmor offers DataControl, powerful new software that provides a faster, easier, more cost-effective way to protect and manage sensitive data throughout any organization. Unlike traditional solutions that only deal with information at specific points in the system, BitArmor DataControl software attaches a Smart Tag™ directly to the data itself — a tag that travels with the data and allows you to secure, track, and control it regardless of where it is stored or sent. BitArmor helps companies protect valuable data assets, achieve regulatory compliance, and manage data throughout its functional lifecycle.
