COMMENTARY: "Cold boot" BitLocker attack is over-hyped

An attack that relies on stealing and then cooling RAM to extract encryption keys is over-hyped, and the criticism of Microsoft's BitLocker is undue.

The team behind the so-called cold boot attack on hard disk encryption technologies, which includes researchers from the Electronic Frontier Foundation and Princeton University, have uncharacteristically and overzealously marketed their research.

In a nutshell, the researchers found the contents of RAM, contrary to popular belief, don't in fact vanish immediately when its power is cut. So, by quickly removing the memory and reading its contents with another system, it's possible to recover the keys used by encryption software to encrypt and decrypt data on the fly. This attack will render some hard disk encryption technologies ineffective in some circumstances. In a nifty twist, the team also found that by reducing the temperature of RAM with a cool spray from a can of compressed air it's possible to preserve an almost perfect snapshot of memory for several minutes.

Not content to just publish their findings in this very reasonable and interesting research paper [PDF], the team or someone associated with it created a somewhat alarmist YouTube video which incorrectly implied technologies like Microsoft's BitLocker are useless in most circumstances. The video introduction framed these concerns by highlighting high-profile data-loss incidents involving laptop computers. (For the sake of this opinion piece we're just going to focus on the ramifications of the research as it applies to Microsoft's BitLocker.)

But the truth is -- at its worst -- this attack may result in some organisations merely tweaking their security policies to mitigate the cold boot technique. The problem with the Princeton attack is it requires physical access to the target machine while it's either in standby mode or switched on, otherwise the keys are not in memory.

Given most data loss incidents involving laptop computers come about as a result of staffers leaving their portable computers in the back of taxis or down at the pub, a laptop is unlikely to be found switched on or in sleep mode. Even then, the person lucky enough to find it will most likely have their nephew format the drive so they can sell it on eBay; they're unlikely to bother with freezing its RAM and decrypting the contents of the hard drive. Even so, the solution to this threat scenario is simple -- hibernate or switch off your laptop when you're lugging it around or leaving it unattended in an insecure environment.

There is, however, an exception to this rule. One circumstance where this is a serious problem for BitLocker users is when the laptop in question is equipped with a Trusted Platform Module (TPM) that loads keys into memory before a password is entered. Quoting from the researchers' report:

BitLocker differs from other disk encryption products mainly in the way that it protects the keys when the disk is not mounted. In its default "basic mode," BitLocker protects the disk's master key solely with the Trusted Platform Module (TPM) found on many modern PCs. This configuration, which may be quite widely used [20], is particularly vulnerable to our attack, because it allows the disk encryption keys to be extracted with our attacks even if the computer is powered off for a long time. When the machine boots, the keys will be loaded into RAM automatically (before the login screen) without the entry of any secrets. It appears that Microsoft is aware of this problem [31] and recommends configuring BitLocker in "advanced mode," where it protects the disk key using the TPM along with a password or a key on a removable USB device.

That just means BitLocker users should tick the "advanced" box. After a couple of tweaks to an organisation's IT policy as it relates to BitLocker settings, the attack is completely mitigated. The cold boot attack is not the head shot it's made out to be.
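The basic-versus-advanced distinction can be audited on current Windows systems. The PowerShell below is an added example, not code from this article or from Microsoft; it assumes the BitLocker module's Get-BitLockerVolume cmdlet (elevated session) and otherwise falls back to constructed sample objects, and the function name Get-BitLockerStartupMode is hypothetical.

```powershell
# Added example: report whether each BitLocker OS volume unlocks with the TPM
# alone ("basic mode") or needs a PIN / startup key first ("advanced mode").
function Get-BitLockerStartupMode {   # hypothetical helper name
    param([Parameter(Mandatory, ValueFromPipeline)] $Volume)
    process {
        # Protector type names as reported by Get-BitLockerVolume
        $types = @($Volume.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
        $needsSecret = @($types | Where-Object { $_ -in 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey' })
        # A plain Tpm protector means the key is unsealed at boot with no user secret
        $mode = if ("$($Volume.ProtectionStatus)" -ne 'On') { 'Not protected' }
                elseif ($types -contains 'Tpm') { 'Basic: TPM only, key loads at boot' }
                elseif ($needsSecret.Count -gt 0) { 'Advanced: TPM plus PIN or startup key' }
                else { 'No TPM protector' }
        [pscustomobject]@{
            MountPoint = $Volume.MountPoint
            Mode       = $mode
            Protectors = $types -join ', '
        }
    }
}

$volumes = if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    Get-BitLockerVolume            # real data; requires an elevated session
} else {
    # Constructed sample objects mimicking the cmdlet's output shape
    [pscustomobject]@{ MountPoint = 'C:'; VolumeType = 'OperatingSystem'; ProtectionStatus = 'On'
        KeyProtector = @([pscustomobject]@{ KeyProtectorType = 'Tpm' },
                         [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }) }
    [pscustomobject]@{ MountPoint = 'D:'; VolumeType = 'OperatingSystem'; ProtectionStatus = 'On'
        KeyProtector = @([pscustomobject]@{ KeyProtectorType = 'TpmPin' },
                         [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' }) }
}

# Only the operating system volume is unlocked automatically at boot
$volumes | Where-Object { "$($_.VolumeType)" -eq 'OperatingSystem' } |
    Get-BitLockerStartupMode | Format-Table -AutoSize
```

With the constructed sample, C: is reported as basic mode and D: as advanced mode; a recovery password protector does not change either result because it is never used for automatic unlock.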

Not surprisingly, this has annoyed Microsoft no end. Having reported on security for long enough to know several Microsoft security staffers, I know their general policy is to never get into a slanging match with researchers or other vendors. There are exceptions, but that's the rule. I recall at one stage Microsoft was getting a terrible time in the press for flaws in Windows Media Player, while several equivalent Apple QuickTime bugs barely rated a mention. Security staffers, in conversations with media, were forbidden from drawing comparisons between the security of QuickTime and Windows Media Player. It burned, especially considering Apple's marketing and PR strategy at the time was to attack Microsoft's security at every available opportunity. But the Microsoft security guys just sucked it up and bit their tongues, waiting for the inevitable bug deluge to wash away OS X's reputation as a "secure" operating system. That deluge arrived last year.

Microsoft's normal attitude was present this week, if a little frayed. Douglas MacIver, Microsoft's resident BitLocker penetration tester, posted this diplomatic poo-poo*:

As the researchers state in their paper, dynamic random access memory (DRAM) remanence issues have been known about since the 1970's. At Microsoft, we considered this class of attack and other platform realities while designing, implementing, and documenting BitLocker. We have also worked to inform our customers of these risks and mitigations in many forums, including my Hack in the Box presentation in September, 2006.

Another concern surrounding this research is attacks on servers in data centres. But it's doubtful any administrators are going to install full disk encryption technology on their servers requiring a secret or password to be entered before the keys are loaded into memory and the volume mounted, otherwise a reboot would always require a physical presence in the data centre.

A mitigating factor here is physical security in the average data centre is actually pretty good, if you're prepared to pay for it. We long ago became accustomed to the idea that physical access to our production environments by non-authorised personnel should be considered an outright compromise. Sure, in some centres other customers might be able to fiddle with your equipment, but techniques already exist for subverting the security of servers located in data centres without resorting to freezing their RAM. An attacker with physical access could just install a hardware keylogger to grab an administrator password at the next login.

The cold boot research is important. But it's unfortunate to see a bunch of non-profit researchers resorting to alarmist marketing tactics to promote their findings. We expect it from vendors, not from academics. As naughty-hacker-turned-security-consultant Adrian Lamo said in a recent podcast interview, if this research was conducted by a vendor we could have expected a product solution on shelves within a week. "RAM Defender! Don't let your RAM get frozen!"

More reading:

* Microsoft's Security Integrity Team Blog response: Protecting BitLocker from Cold Attacks (and other threats)

Russ Humphries' Windows Vista Security Blog response.
