Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Data remanence in semiconductor devices
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Shredding your garbage: reducing data lifetime through secure deallocation
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Secure deletion of data from magnetic and solid-state memory
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Hardware-rooted trust for secure key management and transient trust
Proceedings of the 14th ACM conference on Computer and communications security
Halting password puzzles: hard-to-break encryption from human-memorable keys
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
BootJacker: compromising computers using forced restarts
Proceedings of the 15th ACM conference on Computer and communications security
Exposure-resilient functions and all-or-nothing transforms
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
LaLa: a late launch application
Proceedings of the 2009 ACM workshop on Scalable trusted computing
The epistemology of computer security
ACM SIGSOFT Software Engineering Notes
Server-side detection of malware infection
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
TPM meets DRE: reducing the trust base for electronic voting using trusted platform modules
IEEE Transactions on Information Forensics and Security - Special issue on electronic voting
Transparent mobile storage protection in trusted virtual domains
LISA'09 Proceedings of the 23rd conference on Large installation system administration
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Building disclosure risk aware query optimizers for relational databases
Proceedings of the VLDB Endowment
Reliably erasing data from flash-based solid state drives
FAST'11 Proceedings of the 9th USENIX conference on File and stroage technologies
Compiling information-flow security to minimal trusted computing bases
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
After-the-fact leakage in public-key encryption
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Domain extension for MACs beyond the birthday barrier
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Effective digital forensics research is investigator-centric
HotSec'11 Proceedings of the 6th USENIX conference on Hot topics in security
On symmetric encryption and point obfuscation
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Architectural support for secure virtualization under a vulnerable hypervisor
Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture
Leakage resilient strong key-insulated signatures in public channel
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
A novel RFID distance bounding protocol based on physically unclonable functions
RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
A survey of main memory acquisition and analysis techniques for the windows operating system
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Visualization in testing a volatile memory forensic tool
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Distributed public key schemes secure against continual leakage
PODC '12 Proceedings of the 2012 ACM symposium on Principles of distributed computing
A hijacker's guide to the LPC bus
EuroPKI'11 Proceedings of the 8th European conference on Public Key Infrastructures, Services, and Applications
Public key encryption against related key attacks
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Data node encrypted file system: efficient secure deletion for flash memory
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Weaknesses in current RSA signature schemes
ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Aligot: cryptographic function identification in obfuscated binary programs
Proceedings of the 2012 ACM conference on Computer and communications security
TrueErase: per-file secure deletion for the storage data path
Proceedings of the 28th Annual Computer Security Applications Conference
ACM SIGACT News
A coding-theoretic approach to recovering noisy RSA keys
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Selective and confidential message exchange in vehicular ad hoc networks
NSS'12 Proceedings of the 6th international conference on Network and System Security
Evaluating the Quality and Usefulness of Data Breach Information Systems
International Journal of Information Security and Privacy
A hijacker's guide to communication interfaces of the trusted platform module
Computers & Mathematics with Applications
SMARTPROXY: secure smartphone-assisted login on compromised machines
DIMVA'12 Proceedings of the 9th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Trusted launch of virtual machine instances in public iaas environments
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
PHANTOM: practical oblivious computation in a secure processor
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
OAKE: a new family of implicitly authenticated diffie-hellman protocols
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Proceedings of the 6th International Conference on Security of Information and Networks
On the effectiveness of the remanence decay side-channel to clone memory-based PUFs
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Threshold public key encryption scheme resilient against continual leakage without random oracles
Frontiers of Computer Science: Selected Publications from Chinese Universities
| Hi-index | 0.00 |
Contrary to widespread assumption, dynamic RAM (DRAM), the main memory in most modern computers, retains its contents for several seconds after power is lost, even at room temperature and even if removed from a motherboard. Although DRAM becomes less reliable when it is not refreshed, it is not immediately erased, and its contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access to a machine. It poses a particular threat to laptop users who rely on disk encryption: we demonstrate that it could be used to compromise several popular disk encryption products without the need for any special devices or materials. We experimentally characterize the extent and predictability of memory retention and report that remanence times can be increased dramatically with simple cooling techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for mitigating these risks, we know of no simple remedy that would eliminate them.