Researchers from the Electronic Frontier Foundation and Princeton University have cracked several widely used disk encryption technologies, including Microsoft's BitLocker, Apple's FileVault, TrueCrypt and dm-crypt.
Those disc encryption systems are designed to protect sensitive information if a computer is stolen or otherwise accessed, but researchers said data is still vulnerable because encryption keys and passwords stored in a computer's temporary memory, or RAM, don’t disappear immediately after losing power.
"People trust encryption to protect sensitive data when their computer is out of their immediate control," EFF spokesman Seth Schoen said. "But this new class of vulnerabilities shows it is not a sure thing.
“Whether your laptop is stolen or you simply lose track of it for a few minutes at airport security, the information inside can still be read by a clever attacker," he said.
Laptops are particularly vulnerable to attack when they are turned on but locked, or in sleep or hibernation mode entered when the laptop's cover is shut, the EFF said.
Researchers said that even though the machines require a password to unlock the screen, the encryption keys are already located in the RAM, which provides an opportunity for attackers with malicious intent.
For the full paper, "Lest We Remember: Cold Boot Attacks on Encryption Keys," a demonstration video and other background information, click here.
