Cold Boot Attacks

Full Disk Encryption (FDE) White Paper

A paper recently published by Princeton University challenges the assumption that DRAM, where encryption keys are held while a system is running, is erased when a laptop is powered down. Since Full Disk Encryption (FDE) is intended as Data-at-Rest (DAR) or power-off protection against data theft, this paper has immediately generated a lot of speculation as to whether or not Full Disk or other forms of encryption are broken beyond repair in the case of a cold boot attack.

This white paper briefly explains cold boot attacks, illustrates why they may or may not be relevant for today’s FDE users, and discusses the use of Data-at-Rest products like Secure Notebook with newer hardware-based FDE to eliminate some of these issues.