Preventing the Princeton Cold Boot
Freezing RAM Reveals Its Residual Content
In February of 2008, researchers at Princeton demonstrated that cooling RAM causes
it to retain its content for an extended period of time, even after host systems
are turned off. In this video http://citp.princeton.edu/memory/
they show how this cooling technique compromises encryption keys. This attack compromises
a number of popular data security packages widely used on laptops
and mobile systems. To address this threat, IceLock aggressively manages keys
in memory in a way that takes into account the use patterns of laptops to prevent
the “cold boot” exploit.
IceLock Mobile Data Security Protects Against the “Cold Boot” Attack
IceLock’s autonomous agent constantly monitors system state to protect encryption keys that are stored
in RAM. Any key not in constant use is never stored in RAM. During any system transition from active
use to non-active use, IceLock deletes all keys from RAM. Through this patent-pending mechanism, IceLock
ensures that even if RAM is removed from a system and exposed to preservation techniques such as lowering
temperature, encryption keys are not compromised, as they have been deleted and overwritten.
IceLock’s autonomous agent is part of the overall IceLock data security solution. This
new approach to mobile data security provides central management, reduced user friction,
auditing, a multi-factor ephemeral key system and the ability to revoke access privileges
or delete data remotely.
Important Note: It is difficult to protect running machines that are stolen “warm” while an authenticated,
privileged user is logged in. One way for IceLock users to help mitigate this threat is to institute
aggressive policies regarding password protected screen savers, Hibernation and Sleep mode, so that unused
machines quickly change to a locked state, triggering IceLock to remove keys from memory.
Members of the media and researchers may request evaluation copies of IceLock by
sending mail to ResearchSupport(aT)Hyblue DoT Com