Cold Boot Attacks are Still Hot: Security Analysis of Memory Scramblers in Modern Processors [Feb 2017]

Important: Read the posts below created by “HulaHoop”, article contains misinformation. Existing schemes such as Intel’s SGX can NOT effectively prevent such attacks


Abstract:
Previous work has demonstrated that systems with unencrypted DRAM interfaces are susceptible to cold boot attacks – where the DRAM in a system is frozen to give it sufficient retention time and is then re-read after reboot, or is transferred to an attacker’s machine for extracting sensitive data. This method has been shown to be an effective attack vector for extracting disk encryption keys out of locked devices. However, most modern systems incorporate some form of data scrambling into their DRAM interfaces making cold boot attacks challenging. While first added as a measure to improve signal integrity and reduce power supply noise, these scramblers today serve the added purpose of obscuring the DRAM contents. It has previously been shown that scrambled DDR3 systems do not provide meaningful protection against cold boot attacks. In this paper, we investigate the enhancements that have been introduced in DDR4 memory scramblers in the 6th generation Intel Core (Skylake) processors. We then present an attack that demonstrates these enhanced DDR4 scramblers still do not provide sufficient protection against cold boot attacks. We detail a proof-of-concept attack that extracts memory resident AES keys, including disk encryption keys. The limitations of memory scramblers we point out in this paper motivate the need for strong yet low-overhead full-memory encryption schemes. Existing schemes such as Intel’s SGX can effectively prevent such attacks, but have overheads that may not be acceptable for performance-sensitive applications. However, it is possible to deploy a memory encryption scheme that has zero performance overhead by forgoing integrity checking and replay attack protections afforded by Intel SGX. To that end, we present analyses that confirm modern stream ciphers such as ChaCha8 are sufficiently fast that it is now possible to completely overlap keystream generation with DRAM row buffer access latency, thereby enabling the creation of strongly encrypted DRAMs with zero exposed latency. Adopting such low-overhead measures in future generation of products can effectively shut down cold boot attacks in systems where the overhead of existing memory encryption schemes is unacceptable. Furthermore, the emergence of non-volatile DIMMs that fit into DDR4 buses is going to exacerbate the risk of cold boot attacks. Hence, strong full memory encryption is going to be even more crucial on such systems.

I don’t know why SGX is being recommended as a silver bullet when it was cracked open by researchers recently.

Who would trust hardware manufacturers to make memory scramblers that protect keys? The best way it to power off your machine and the keys decay in RAM in a couple of seconds but NVRAM will make this impossible.

Please try to summarize articles instead of copying huge chunks.

Sounds interesting, could you provide a link?

I agree that you shouldn’t rely on memory scramblers to protect keys, however many people still operate under the false assumption that they’re invulnerable to Cold Boot Attacks if they’re using DDR3/DDR4 DRAM. You should power off your machine if possible, but this paper also contains some useful information for the unlikely event where you are unable to power off your machine.

I think the abstract is a pretty good summary of the article.

Sorry for promoting an article that’s spreading misinformation, thanks for taking the time to let me know. I’m glad you’re a part of the whonix community.

2 Likes