March 4, 2008
Data Encryption Faces New Challenge
A team of scientists has discovered that encryption keys needed to unlock crucial data can remain in the memory of computers for several minutes.
This contradicts the previous assumption that a computer held the data for only a few seconds after the system was shut down.
"It was widely believed that when you cut the power to the computer that the information in the volatile memory would disappear, and what we found was that was not the case," said Professor Edward Felten of the University of Princeton.
"The information was available for seconds or minutes," he said.
Laptops are especially at risk because of their portability.
Data encryption is an important way for users and companies to increase data security.
"The key to making it work is to keep the encryption key secret," explained Professor Felten. "What we have found was that the encryption keys needed to access these encrypted files were available in the memory of laptops."
The real fear is that this extra window of time could provide hackers with an opportunity to steal sensitive information. Dr. Felten said that if the laptop is left running somewhere, even in hibernation mode, someone has a chance to steal encrypted information.
"Simply locking your screen or switching to 'suspend' or 'hibernate' mode will not provide adequate protection," he said.
"The person will get the laptop, cut the power and then re-attach the power, and by doing that will get access to the contents of memory - including the critical encryption keys."
Switching the power off and on gets rid of the computer's operating system, which is the only defense between a hacker and encrypted files, he said.
"By cutting the power and then bringing it back, the adversary can get rid of the operating system and get access directly to the memory."
Professor Felten and his team also discovered that if a laptop is cooled, it seems to retain more information for longer periods of time.
"The information stays in the memory for much longer - 10 minutes or more," he said.
The team said the user's best way to protect valuable information is to let the laptop stay shut down for several minutes before leaving it unattended.
Felten said that this new information sheds light on some data encryption issues that need to be addressed.
"It does cast some doubt on the value of encryption. I think that over time the encryption products will adapt to this and they will find new ways of protecting information."