Emerging Threats

Mobile Armor Protects Against Cold Boot Vulnerabilities

REQUEST THE UPCOMING
EMERGING THREATS WHITE PAPER
First name *
Last name *
Organization *
Title
Email *
Telephone

* Denotes a required field

Yes, I would like to receive other offers and promotions from Mobile Armor

We respect your privacy. See our Privacy Policy (Mobile Armor never sells or shares personal information)

In response to last week’s Princeton University Report on full disk encryption security flaws, Mobile Armor, the leader in data protection solutions, today said its DataArmor™ product has long included safeguards to prevent the types of exploits detailed in the report.

Click here to see the Press Release.

The Princeton Report found that through the use of simple tools thieves could capture the encryption keys from systems running disk encryption software from Microsoft, Apple, and TrueCrypt. ”While the DataArmor product provides similar functionality to the studied products, our solution goes far beyond the basics and is engineered to protect against the vulnerabilities cited in the Princeton Report,” said Bryan Glancey, chief technology officer of Mobile Armor.

More secure than other offerings, DataArmor was architected and developed utilizing several patent-pending technologies that protect critical enterprise data from these modern threats. Integral in any secure implementation of cryptography is the secure protection of key information. Mobile Armor’s products guard against attacks on cryptographic key information at every stage of their lifetime wherever they reside.

”Mobile Armor’s mission is the protection of critical enterprise data and to proactively develop products that prevent these types of attacks,” Chand Vyas, chairman and CEO of Mobile Armor. ”Our R&D program continually searches and tracks potential vulnerabilities and works toward offering new solutions capable of combating today’s evolving security threats. We applaud the Princeton Report scientists for their vigilance and expect that this report will have a lasting effect that increases the level of review and raises the bar on quality in the encryption marketplace.”

Mobile Armor’s Upcoming White Paper on Emerging Threats Abstract

On February 21, 2008, Princeton University researchers released a report titled ”Lest We Remember: Cold Boot Attacks on Encryption Keys.” In this important report, they present the results of their research into the decay rates and stability of information stored in standard DRAM modules in a number of personal computers. They then further demonstrate a series of specialized attacks which can be made on these DRAM modules and how it is possible to extract usable information from the modules, specifically, in this case, the encryption keys used in several common encryption systems.

This attack highlights not only the potential vulnerability of software specifically, but also how hardware can be tricked into giving up its information under the right circumstances. While the attack specifically focused on standard DRAM in personal computers, the overall techniques could be extrapolated to any type of device with memory where a user can gain physical access, not just DRAM in computers.

The overall implications of this outside-the-box thinking show the importance of good design and coding practices along with a strong focus on shrinking the attack surface of the software providing the data security. As noted by many cryptographers and mathematicians, even the encryption of data does not mean that it is impossible to decrypt the data; the point is to ensure that the selected encryption algorithm used is strong enough as to make such an attack implausible enough as to make it impossible.