Synonyms
Related Concepts
Definition
The cold-boot attack is a type of side-channel attack in which an attacker uses the phenomenon of memory remanence in DRAM or SRAM to read data out of a computer’s memory after the computer has been powered off.
Applications
A computer running cryptographic software relies on the operating system to protect any key material that may be in memory during computation. In a cold-boot attack, the attacker circumvents the operating system’s protections by reading the contents of memory directly out of RAM. This can be accomplished with physical access by removing power to the computer and either rebooting into a small custom kernel (a “cold boot”) or transplanting the RAM modules into a different computer to be read. In the latter case, the chips may be cooled to increase their data retention times using an inverted “canned air” duster sprayed directly onto the chips, or submerged in liquid nitrogen....
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Recommended Reading
Chan EM, Carlyle JC, David FM, Farivar R, Campbell RH (2008) BootJacker: Compromising computers using forced restarts. In: Proceedings of 15th ACM conference on computer and communications security. Alexandria, pp 555–564
Chow J, Pfaff B, Garfinkel T, Rosenblum M (2005) Shredding your garbage: reducing data lifetime through secure deallocation. In: Proceedings of 14th USENIX security symposium. Baltimore, pp 331–346
Gutmann P (1996) Secure deletion of data from magnetic and solid-state memory. In: Proceedings of 6th USENIX security symposium. San Jose, pp 77–90
Halderman JA, Schoen S, Heninger N, Clarkson W, Paul W, Calandrino J, Feldman A, Appelbaum J, Felten E (2008) Lest we remember: cold boot attacks on encryption keys. In: Proceedings of 17th USENIX security symposium, USENIX. Washington, pp 45–60
Heninger N, Shacham H (2009) Reconstructing RSA private keys from random key bits. In: Halevi S (ed) Advances in cryptology – CRYPTO 2009, Lecture notes in computer science, vol 5677. Springer, Berlin/Heidelberg, pp 1–17
Skorobogatov S (2002) Low-temperature data remanence in static RAM. University of Cambridge computer laborary technical report No. 536
Tsow A (2009) An improved recovery algorithm for decayed AES key schedule images. In: Jacobson M, Rijmen V, Naini RS (eds) Selected areas in cryptography, Lecture notes in computer science, vol 5867. Springer, Berlin/Heidelberg, pp 215–230
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media, LLC
About this entry
Cite this entry
Heninger, N. (2011). Cold-Boot Attacks. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_124
Download citation
DOI: https://doi.org/10.1007/978-1-4419-5906-5_124
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5
eBook Packages: Computer ScienceReference Module Computer Science and Engineering