Icing encryption algorithms
A Princeton University group has developed a simple method to steal encrypted information stored on computer hard disks.
The technique is as easy as chilling a computer memory chip with a blast of frigid air.
In a technical paper that was published Thursday on the Web site of Princeton’s Center for Information Technology Policy, the group demonstrated that standard memory chips actually retain their data for seconds or even minutes after power is cut off.
When the chips were chilled using an inexpensive can of air, the data was frozen in place, permitting the researchers to easily read the keys — long strings of ones and zeros — out of the chip’s memory.
“Cool the chips in liquid nitrogen (-196 °C) and they hold their state for hours at least, without any power,” Edward W. Felten, a Princeton computer scientist, wrote in a Web posting. “Just put the chips back into a machine and you can read out their contents.”
The researchers used special pattern-recognition software of their own to identify security keys among the millions or even billions of pieces of data on the memory chip.
The researchers said they began exploring the utilities for vulnerabilities last fall after seeing a reference to the persistence of data in memory in a technical paper written by computer scientists at Stanford in 2005.
