Scientists demonstrate ability to extract encryption keys that linger in PC memory

Dark Reading Staff, Dark Reading

March 6, 2008

1 Min Read

Even if your hard drive is encrypted, your PC hard drive could be hackable for several minutes after it's been turned off, scientists say.

Researchers at Princeton University have proven that the data held in so-called "volatile memory" -- previously thought to last only a few seconds -- can actually be captured and retrieved for several minutes after a machine is switched off, according to a report.

The research suggests that a criminal might be able to capture the encryption keys of a stolen PC, especially if it is turned on or in sleep mode when it is stolen. A few minutes is enough time for a hacker or attacker to retrieve the key from the RAM memory chips, researchers say.

"The real worry is that someone will get hold of your laptop either while it is turned on or while it is in sleeping or hibernation mode," said Edward Felten, the professor who headed up the study. "The person will get the laptop, cut the power and then re-attach the power, and by doing that will get access to the contents of memory -- including the critical encryption keys."

The study "does cast some doubt on the value of encryption," Felten says. "I think that over time, the encryption products will adapt to this, and they will find new ways of protecting information."

— Tim Wilson, Site Editor, Dark Reading

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights