A blog about the development of a general-purpose solution for mitigating cold-boot attacks on Full-Disk-Encryption solutions.

Locking the screen

One important aspect of my proposition is that the performance impact is only in effect while the screen is locked (only then are the keys stored "safely" in the CPU cache). However, there are very likely situations in which one would like to lock the screen but not suffer the performance impact (such as compiling software over lunch).

I foresee two strategies for maintaining native system performance:
  1. configuration options that determine when the cache should not be frozen
  2. a time window after the screen is locked which allows for some user interaction to prevent cache freezing

The configuration options could be items like "don't freeze the cache if the system is in a docking station" or "... if it is AC powered" or "... if a process named gcc is running" and so on.

The time-window approach could be a countdown that starts right when the screen is locked (while the user might still be in front of the computer). Clicking a "don't freeze the cache" button during the countdown would skip the key protection, while ignoring it would lead to the desired protection. This also covers the case in which the computer auto-locks the screen: the countdown only adds a small window of additional exposure for the encryption key.
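To make the two strategies concrete, here is an added example (not code from this blog or its project) of the decision logic a screen-locker hook could use: a list of exemption rules for strategy 1 and a countdown state machine for strategy 2. The class and function names, the 10-second window, and the `SystemState` fields are my assumptions for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Optional

@dataclass
class SystemState:
    # Assumed snapshot of the facts the exemption rules look at.
    docked: bool = False
    on_ac_power: bool = False
    running_processes: List[str] = field(default_factory=list)

# A rule returns True when cache freezing should be SKIPPED in this state.
Rule = Callable[[SystemState], bool]

def skip_when_docked(s: SystemState) -> bool: return s.docked
def skip_when_on_ac(s: SystemState) -> bool: return s.on_ac_power
def skip_when_process_running(name: str) -> Rule:
    return lambda s: name in s.running_processes

# Strategy 1: the configured exemptions from the post (docked, AC, gcc running).
DEFAULT_RULES: List[Rule] = [skip_when_docked, skip_when_on_ac,
                             skip_when_process_running("gcc")]

def should_freeze_cache(state: SystemState, rules: List[Rule] = DEFAULT_RULES) -> bool:
    """Freeze the cache unless any configured exemption applies."""
    return not any(rule(state) for rule in rules)

class LockCountdown:
    """Strategy 2: after the screen locks, give the user a short window to opt out.
    Ignoring the countdown (no click) means freezing goes ahead, so an auto-lock
    still ends in the protected state."""
    def __init__(self, window_seconds: float = 10.0):
        self.window = window_seconds
        self.locked_at: Optional[float] = None
        self.opted_out = False

    def on_screen_locked(self, now: float) -> None:
        self.locked_at, self.opted_out = now, False

    def on_dont_freeze_clicked(self, now: float) -> bool:
        """Honour the click only while the countdown is still running."""
        if self.locked_at is not None and now - self.locked_at <= self.window:
            self.opted_out = True
        return self.opted_out

    def freeze_due(self, now: float) -> bool:
        """True once the window elapsed with the screen locked and no opt-out."""
        if self.locked_at is None or self.opted_out:
            return False
        return now - self.locked_at >= self.window

def decide_freeze(state: SystemState, cd: LockCountdown, now: float) -> bool:
    """Combined policy: both the countdown and the exemption rules must allow it."""
    return cd.freeze_due(now) and should_freeze_cache(state)
```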
