Sunday, February 24, 2008

Another Byte of Computer History:

A friend told me that the clever group at Princeton that works on security issues, including Ed Felton and the brilliant Alex Haldeman, has figured out how to break hard disk encryption, based on an understanding of how DRAM works. Hard disk encryption is important. It tries to solve a critical problem: that someone can steal your data without breaking your login password, by removing your disk drive and putting it in another computer.

Some hard disk encryption uses poor algorithms, but even if the data is encrypted well, there's encryption info in the drive's DRAM memory that makes it easy to break the code. But not to worry! When you turn a disk drive (or a computer) off, its DRAM loses data, hiding its secrets.

Well, actually, it doesn't, and that's what the Princeton group exploited. DRAM is unreliable after it loses power. Every programmer who made the transition to DRAM (nearly 30 years ago) learned not to trust what you see in DRAM after you reboot a computer. The computer may not even have lost power, but if its normal operation has been upset, it may fail to "refresh" the DRAMs, and some or all of that memory is now false.

The Princeton group stood this principle on its head, and in doing so, they reminded me of long-ago days, programming on DRAM-based machines. The attack on hard disk encryption went like this: Let's power the disk up quick and see what we find in DRAM. Maybe some of it will be useful, among the garbage. And it was.

Now a little bit of history: Hardware designers welcomed the advent of DRAM. It was faster, better, denser and cheaper. Its only downside was this business of losing its data if not continually accessed with power. Software developers hated it. We muttered darkly about long bootup times while everything was reloaded in memory (we were right about that!), and we asked how we could possibly debug a system crash. That question has been brilliantly solved over time, but in those first DRAM years, we did what the Princeton team does: we restarted the crashed computer as soon as we could, and looked through the DRAM for hints of the cause of the crash. We saw many locations that now contained only power-loss garbage, but usually there was enough good info left for some serious debugging.

It's all in the point of view, you see. Since DRAM without power is unreliable, you either regard it as useless, or useful.

Update: Ed Felton reports his team has found that DRAM chips preserve their contents longer if you cool them. At -196 degrees C for example, you can take hours to transfer the chips to another system and read their contents. His team has utterly defeated the common disk encryption products used with Mac OS, Linux and Vista. Engineers will have to design a new kind of memory that REALLY loses its data if disturbed, to make disk encryption work. But even then ...

If you're brave, you can move the AC power supply of a computer to a portable supply and steal the entire computer without powering it down. (I saw that somewhere, on the web.)

No comments: