Are cold boot attacks still feasible : a case study on Raspberry Pi with stacked memory

Are cold boot attacks still feasible : a case study on Raspberry Pi with stacked memory

Cold boot attacks are semi-invasive attacks which have threatened computer systems over a decade now to leak sensitive user information passwords, keys and PIN. With internet of things (IoT) finding mass deployment, their security must be well investigated. In this work, we take a look at popular Io...

Full description

Bibliographic Details
Main Authors: Won, Yoo-Seung, Bhasin, Shvam
Other Authors: 2021 Workshop on Fault Detection and Tolerance in Cryptography (FDTC)
Format: Conference Paper
Language:English
Published: 2022
Subjects:
Engineering::Computer science and engineering::Data::Data storage representations
Random-Access Storage
Cold Boot Attack
Online Access:https://hdl.handle.net/10356/156099
Description
Summary:Cold boot attacks are semi-invasive attacks which have threatened computer systems over a decade now to leak sensitive user information passwords, keys and PIN. With internet of things (IoT) finding mass deployment, their security must be well investigated. In this work, we take a look at popular IoT device Raspberry Pi (model B+), which is already deployed in millions. Raspberry Pi features a stacked memory on top of its processor, making it impossible to physically separate the RAM from the processor. We investigate the decay model of a cold boot attack on Raspberry Pi. The results show a decay rate as low as 0.00027\% which is orders of magnitude lower than previous works allowing close to perfect data recovery. We further report successful recovery of secret disk encryption key when using dm-crypt on Raspberry Pi followed by discussion on mitigation strategies.

Similar Items