Cold Boot Attack
In this article, we will learn how sensitive cryptographic key material can be taken away from DRAMs, which are used in most modern operating systems through an attack known as cold boot attack.
Introduction
Though it is believed by many that a computer's memory gets erased as soon it loses power and thus there is no threat to the information, this assumption is incorrect. DRAMs, which are used in most modern operating systems today, can lose their content gradually over a period of time. Keeping DRAMs a at lower room temperature, say -50 degrees C, the content of DRAM can last from about several minutes to even hours. This property of DRAM chips can play a destructive role and can lead to compromise of sensitive cryptographic materials like cryptographic keys.
Earn two pentesting certifications at once!
Enroll in one boot camp to earn both your Certified Ethical Hacker (CEH) and CompTIA PenTest+ certifications — backed with an Exam Pass Guarantee.
What is a Cold Boot Attack?
Cold boot attack is a type of attack in which the power supply to a computer is cycled off and on without letting the operating system shut down properly. The DRAM cells which are used in most operating systems today can retain data due to their data remanence property, and thus sensitive cryptographic material stored in the DRAM cell can be stolen.
For any software to perform encryption, the software must load the encryption keys onto the system's main memory before it is being run by the processor. Thus, to get the encryption keys, all one needs is to fetch the contents of the computer's main memory. So what made the DRAM retain the contents? A DRAM cell is essentially a capacitor. Each cell encodes the capacitor conductor with a 0 or 1 bit. At room temperature, the cell can lose this material pretty quickly, even under a cold boot attack. Experiments have revealed that if the cell is maintained under a lower room temperature under the cold boot attack, the DRAM cell can hold the value of cells for a longer period of time. Also, the decay pattern of the DRAM cell can be predicted at a fixed room temperature. After the state of the main memory is retained, when the system boots up again, BIOS usually rewrites a small portion of the memory. Thus, during boot-up it is necessary to dump the memory content to an external medium such a USB device that a computer can boot up externally.
Understanding Virtual Address Space
Before we go further in to the nitty-gritty of this attack, it is important for us to understand the memory management of a particular operating system. For this article, will take into consideration the memory management of a Windows 32 bit operating system.
Whenever a processor performs a read or write operation, it uses a virtual address. The virtual address is translated back to the physical address through a page table, which acts like an index to the memory. The virtual address of a 32 bit Windows OS is 4 GB in size and is divided into 2 partitions. These 2 partitions are termed as user mode and kernel mode.
User Mode
In this mode, the process's execution code has no accessibility to the underlying hardware. To access underlying hardware and memory, the process in this mode refers to the system APIs to make a call. User mode has no accessibility to the kernel mode space as well. This mode can be adjusted in the OS as per the needs.
Kernel Mode
In kernel mode, the process's execution code has complete access to the underlying hardware. Processes run in kernel mode have access to user mode space a well. Lower level functions of an operating system run in kernel mode, and any CPU instruction can be executed in the kernel mode space. A crash in kernel mode usually brings down the whole system.
Reducing the Scope of Search in Virtual Address Space
If we are going to analyze the whole memory that is being dumped into a bootable device, it will be very difficult to get the relevant and accurate material out of it, as the memory usually contains gigabytes of data. So we should reduce the scope of the search around the main memory, so that it will be easy to fetch out the cryptographic keys out of the main memory.
Cryptographic keys reside in the kernel mode space of the virtual address space, but before we get into the details of this, let's first review the concept of page file. Page file is the space to which, if we are running low on RAM, our system moves the least recently used pages from the memory. For example, let' say a user has opened multiple applications in the system, and after some time, the user has minimized some applications. If there is need of more RAM by the active applications, the system will move the minimized applications in the pagefile.sys in the root of drives so that more RAM is available for the running applications. This pagefile.sys is encrypted by default.
Coming back to our scenario in reducing the scope of the virtual address space, we have eliminated the user mode, and out of the kernel mode we can also eliminate the page allocated as the pool for paged contents, because this space is encrypted and it will lead to more computation to extract the keys out from this space for the vendor itself. So we are left with the non-paged memory pool of the kernel mode space where most likely the cryptographic keys can be present.
Key Identification
After the memory is dumped to an external device or a complete DIMM module is being shifted, identification of keys in the memory is the most important and difficult task to do. A simple approach to identify the keys in the memory is to test every sequence of bytes or to check whether that chunk of bits can be used to decrypt any plain text, and one should also make sure to cover the error bit rate, as even a small error rate in the sequence of bits can result in failure.
Best Practices
Below are other best practices that should be practiced as countermeasures to prevent this type of attack.
Storage of keys
Memory where keys are stored should be overwritten when the residing keys are no longer in use, and keys should be protected from being paged to disk. Also, systems should be configured to clear RAM before startup though techniques like Power-On-Self-Test (POST). With the help of POST, imaging a memory locally will not be possible.
Booting from removable Media
This type of attack can be controlled from checking or restricting the type of device a computer can boot from, as this attack is mostly supported trough a removable media boot-up. Computers can be configured to require an admin password to boot from these sources.
Gracefully shutdown of a system
Systems should be properly shutdown and reawakening of the machine should be protected with a password. The password chosen must be strong and resistant to password guessing attack. The system can also be made to encrypt only those pages or regions which contain encryption keys.
Physical Security
The above mentioned POST can only protect the imaging of memory from locally installed software, but it cannot protect if the attacker could physically move the memory chips from one system to another. DRAM chips should have limited physical access .DRAM chips should be placed inside a machine, and the machine should be locked. Active sensor systems should be deployed to respond to low temperatures or opening of computer's case by attempting to overwrite memory.
Key Reconstruction
Another defense mechanism which can be used to prevent this type of attack is to transform the key so that it is difficult to reconstruct the key. Keys should be recomputed when in use and deleted immediately after use.
Avoid key pre-computation
Pre-computation of keys certainly helps in improving performance, but it leads to storage of keys' information which can be used to reconstruct keys. Thus pre-computation of keys should be avoided.
FREE role-guided training plans
Trusted Platform Module
Trusted Platform module which is used in most computers today can be used to decide whether it is safe to store the key in RAM or not. Thus it can restrict software to use the keys from RAM and also protect the keys from being loaded into the memory itself.
References
Enroll in an Ethical Hacking Boot Camp and earn two of the industry’s most respected certifications — guaranteed.
- CEH exam voucher
- PenTest+ exam voucher
- Exam Pass Guarantee
- Live online hacking training
In this Series
- Cold Boot Attack
- The rise of ethical hacking: Protecting businesses in 2024
- How to crack a password: Demo and video walkthrough
- Inside Equifax's massive breach: Demo of the exploit
- Wi-Fi password hack: WPA and WPA2 examples and video walkthrough
- How to hack mobile communications via Unisoc baseband vulnerability
- How to build a hook syscall detector
- Top tools for password-spraying attacks in active directory networks
- NPK: Free tool to crack password hashes with AWS
- Tutorial: How to exfiltrate or execute files in compromised machines with DNS
- Top 19 tools for hardware hacking with Kali Linux
- 20 popular wireless hacking tools [updated 2021]
- 13 popular wireless hacking tools [updated 2021]
- Man-in-the-middle attack: Real-life example and video walkthrough [Updated 2021]
- Decrypting SSL/TLS traffic with Wireshark [updated 2021]
- Dumping a complete database using SQL injection [updated 2021]
- Hacking clients with WPAD (web proxy auto-discovery) protocol [updated 2021]
- Hacking communities in the deep web [updated 2021]
- How to hack Android devices using the StageFright vulnerability [updated 2021]
- Hashcat tutorial for beginners [updated 2021]
- How to hack a phone charger
- What is a side-channel attack?
- Copy-paste compromises
- Hacking Microsoft teams vulnerabilities: A step-by-step guide
- PDF file format: Basic structure [updated 2020]
- 10 most popular password cracking tools [updated 2020]
- Popular tools for brute-force attacks [updated for 2020]
- Top 7 cybersecurity books for ethical hackers in 2020
- How quickly can hackers find exposed data online? Faster than you think …
- Hacking the Tor network: Follow up [updated 2020]
- Podcast/webinar recap: What's new in ethical hacking?
- Ethical hacking: TCP/IP for hackers
- Ethical hacking: SNMP recon
- How hackers check to see if your website is hackable
- Ethical hacking: Stealthy network recon techniques
- Getting started in Red Teaming
- Ethical hacking: IoT hacking tools
- Ethical hacking: BYOD vulnerabilities
- Ethical hacking: Wireless hacking with Kismet
- Ethical hacking: How to hack a web server
- Ethical hacking: Top 6 techniques for attacking two-factor authentication
- Ethical hacking: Port interrogation tools and techniques
- Ethical hacking: Top 10 browser extensions for hacking
- Ethical hacking: Social engineering basics
- Ethical hacking: Breaking windows passwords
- Ethical hacking: Basic malware analysis tools
- Ethical hacking: How to crack long passwords
- Ethical hacking: Passive information gathering with Maltego
- Ethical hacking: Log tampering 101
- Ethical hacking: What is vulnerability identification?
- Ethical hacking: Breaking cryptography (for hackers)
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
