[FDE] DRAM attack - not thwarted at all by Seagate's drive CORRECTION the data on the HDD IS Protected!!!
Simson Garfinkel
simsong at acm.org
Sat Mar 1 22:44:42 MST 2008
Hi, Garrett.
Can you tell me from where you are getting this technical information
on the Seagate Momentus FDE.2?
Thanks!
On Mar 1, 2008, at 11:30 AM, Andreas W. Kuhn wrote:
> Garrett,
>
> I think there are many that feel like you. There could theoretically be
> any number of future possibilities to lift temporary data from DRAM.
>
> Like it has been said in previous comments, the best way of preventing
> lifting of sensitive temporary data from DRAM is simply to try and
> circumvent storing sensitive data in DRAM.
>
> The Seagate MOMENTUS FDE.2 approach is a simple one:
>
> Keep the encryption key in a safe partition of the hard drive and do not
> make it available for the system to see.
>
> The Seagate MOMENTUS FDE.2 does just that. It works as follows:
>
> The user must authenticate themselves directly to the drive using a password
> before the drive will unlock and allow the normal OS to boot. This does not
> use either the BIOS or the OS to perform the authentication.
>
> The Seagate MOMENTUS FDE.2 drive supports a more secure authentication
> approach where the authentication to the drive is done using an alternate
> pre-boot OS held in a protected area of the drive, and also supports new ATA
> security commands for Trusted Send and Trusted Receive to protect the password.
>
> If the authentication is successful, as determined by the Seagate MOMENTUS FDE.2
> drive, then the drive is unlocked and the system is allowed to boot normally.
>
> With this solution, not only is the authentication done before any foreign software
> is allowed to load, the encryption keys are never exposed outside the protected
> hardware of the drive itself, including the user area of the drive or in the OS, which
> is what these attacks are exploiting.
>
> A solution for the stand-by mode on the Seagate MOMENTUS FDE.2 is apparently
> imminent. This will make it the only solution available that will support both
> secure "hibernation" and secure "stand-by" mode.
>
>
>
> Garrett wrote:
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> + In fact, I think hardware-based encryption (like the Momentus drive) is the way to go in the long
> + haul (hardware+software attacks are typically more difficult than software-only attacks).
> +
> + Just a bit frustrated that I can't sleep as easy at night knowing that the "theoretical" RAM analysis
> + technique will (soon?) be used by more than a group of researchers at Princeton, realistically.