Re: recovering from compromised keys
Paul Wise, 2010-09-24 10:49:21 +0800 :
> On 9/24/10, Simon McVittie <email@example.com> wrote:
>> Suspend-to-RAM also works, but is obviously not secure against attackers
>> waking up the laptop and exploiting some bug in a locked screensaver, or
>> remote access, or whatever.
> Don't forget about folks using cold boot attacks to grab your key from
> RAM. I also saw a paper somewhere about returning the system to a
> running state after such attacks.
Could that be mitigated by the kernel maybe? Like, it could wipe the
part(s) of the RAM where the key is stored before actually shutting
down the host.
Fate always wins... At least, when people stick to the rules.
-- in Interesting Times (Terry Pratchett)