Data Encryption Easily Broken Using Keys Hiding In RAM

Scientists at Princeton have discovered a way to grab otherwise-protected data encryption keys from memory on a computer that's just been powered down. This is pretty scary stuff, since the keys—which are well protected when the computer is on—are the one thing that keeps super-tight encryption from cracking.

It was previously thought that data held in so-called "volatile memory" was only retained for a few seconds after the machine was switched off. But the team found that data including encryption keys could be held and retrieved for up to several minutes.


The best access, it seems, comes when the burglar powers down a hibernating laptop. If he throws it in a freezer first, he'll get even better results: "A laptop cooled to about -50ºC will keep information in its memory for 10 minutes or more."

There's a simple defense. If you shut down your laptop and let it sit for several minutes before going into a dangerous environ, there is little chance that the keys would be recovered from volatile memory. But seriously, when was the last time anyone shut down their laptop completely? [BBC News]

Share This Story