Are cold boot attacks still feasible : a case study on Raspberry Pi with stacked memory
Cold boot attacks are semi-invasive attacks which have threatened computer systems over a decade now to leak sensitive user information passwords, keys and PIN. With internet of things (IoT) finding mass deployment, their security must be well investigated. In this work, we take a look at popular Io...
Saved in:
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2022
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/156099 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | Cold boot attacks are semi-invasive attacks which have threatened computer systems over a decade now to leak sensitive user information passwords, keys and PIN. With internet of things (IoT) finding mass deployment, their security must be well investigated. In this work, we take a look at popular IoT device Raspberry Pi (model B+), which is already deployed in millions. Raspberry Pi features a stacked memory on top of its processor, making it impossible to physically separate the RAM from the processor. We investigate the decay model of a cold boot attack on Raspberry Pi. The results show a decay rate as low as 0.00027\% which is orders of magnitude lower than previous works allowing close to perfect data recovery. We further report successful recovery of secret disk encryption key when using dm-crypt on Raspberry Pi followed by discussion on mitigation strategies. |
|---|