{"title":"DDR2、DDR3 SDRAM冷启动攻击","authors":"Simon Lindenlauf, Hans Höfken, Marko Schuba","doi":"10.1109/ARES.2015.28","DOIUrl":null,"url":null,"abstract":"Cold boot attacks provide a means to obtain a dump of a computer's volatile memory even if the machine is locked. Such a dump can be used to reconstruct hard disk encryption keys and get access to the content of Bit locker or True crypt encrypted drives. This is even possible, if the obtained dump contains errors. Cold boot attacks have been demonstrated successfully on DDR1 and DDR2 SDRAM. They have also been tried on DDR3 SDRAM using various types of equipment but all attempts have failed so far. In this paper we describe a different hardware setup which turns out to work for DDR3 SDRAM as well. Using this setup it will be possible for digital forensic investigators to recover keys from newer machines that use DDR3 SDRAM.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"152 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"17","resultStr":"{\"title\":\"Cold Boot Attacks on DDR2 and DDR3 SDRAM\",\"authors\":\"Simon Lindenlauf, Hans Höfken, Marko Schuba\",\"doi\":\"10.1109/ARES.2015.28\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cold boot attacks provide a means to obtain a dump of a computer's volatile memory even if the machine is locked. Such a dump can be used to reconstruct hard disk encryption keys and get access to the content of Bit locker or True crypt encrypted drives. This is even possible, if the obtained dump contains errors. Cold boot attacks have been demonstrated successfully on DDR1 and DDR2 SDRAM. They have also been tried on DDR3 SDRAM using various types of equipment but all attempts have failed so far. In this paper we describe a different hardware setup which turns out to work for DDR3 SDRAM as well. Using this setup it will be possible for digital forensic investigators to recover keys from newer machines that use DDR3 SDRAM.\",\"PeriodicalId\":331539,\"journal\":{\"name\":\"2015 10th International Conference on Availability, Reliability and Security\",\"volume\":\"152 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"17\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 10th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2015.28\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 10th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2015.28","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cold boot attacks provide a means to obtain a dump of a computer's volatile memory even if the machine is locked. Such a dump can be used to reconstruct hard disk encryption keys and get access to the content of Bit locker or True crypt encrypted drives. This is even possible, if the obtained dump contains errors. Cold boot attacks have been demonstrated successfully on DDR1 and DDR2 SDRAM. They have also been tried on DDR3 SDRAM using various types of equipment but all attempts have failed so far. In this paper we describe a different hardware setup which turns out to work for DDR3 SDRAM as well. Using this setup it will be possible for digital forensic investigators to recover keys from newer machines that use DDR3 SDRAM.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
