The Princeton Cold Boot paper was published two weeks ago. The paper demonstrates that DRAM contents persist substantially longer than previously assumed — sufficient to recover encryption keys from a powered-down machine through specific physical-access techniques. The structural implications for the trust-the-hardware threat model are real.
This is a longer post because the structural shift is larger than most attack categories.
What the paper demonstrates
The technical mechanism: DRAM contents do not decay instantaneously when power is removed. Cooling the DRAM substantially extends the data-retention window — specific cooling using compressed-air dusters or liquid nitrogen produces retention windows of minutes to hours.
Within the retention window, an attacker can:
- Power-cycle the target machine.
- Boot from removable media containing tools that read DRAM contents.
- Extract specific data, including encryption keys held in memory by the running operating system.
The technique works against the major full-disk encryption products — BitLocker, FileVault, dm-crypt, TrueCrypt — because all of them must hold the encryption key in memory while the disk is decrypted for use. Powering off the machine does not, in practice, immediately remove the key from memory.
Why this matters structurally
Three observations.
The "encrypted laptop is safe if powered off" assumption is broken. Specific organisations have invested in full-disk encryption based on the assumption that a stolen powered-off laptop is bounded in exposure. The Cold Boot research demonstrates that the assumption was bounded; specific stolen laptops with recently-removed power are exposed.
The trust boundary depends on specific hardware properties. Specific DRAM modules retain data longer than others; specific cooling produces longer retention; specific implementation details affect the cumulative exposure. The cumulative defensive posture depends on specific hardware properties that most operators do not characterise.
The structural implication: hardware-level security requires hardware-level engineering. Specific encryption implemented at the operating-system level is bounded by the underlying hardware's properties. Specific subsequent work on hardware-supported encryption (TPM-based key storage, encrypted memory regions) addresses the structural problem.
The cumulative trajectory: the trust boundary at the operating-system level is structurally bounded; trust at the hardware level requires specific hardware features.
What the practical attack scope is
Three specific scenarios.
Stolen laptops. A laptop powered off shortly before theft is exposed. The cumulative window depends on specific hardware properties; the practical exposure is meaningful for organisations with high-value laptop data.
Border crossings. Customs officials in some jurisdictions can compel laptop power-cycling for inspection. Specific operators with sensitive cumulative data on laptops are now in a different threat-model than they had assumed.
Targeted physical attacks. Specific high-value targets may face Cold Boot attacks during specific situations (hotel rooms, transit, specific offices). The cumulative threat profile depends on the value of the data and the sophistication of the attacker.
The cumulative practical exposure is bounded for typical users and meaningful for specific high-risk users.
What this teaches operationally
Three lessons.
Specific physical-access discipline matters more than was previously appreciated. Specific organisations should re-think the cumulative exposure of laptops during travel, theft, and specific other physical-access scenarios.
Specific defensive responses are bounded. Powering off laptops more aggressively (including hibernate vs sleep choices) reduces the exposure window but does not eliminate it. Specific subsequent hardware-supported encryption schemes will address the structural issue; specific deployment is years away.
Cumulative threat-model discipline matters. Specific assumptions about defensive properties should be tested empirically; specific subsequent disclosures may invalidate other assumptions. The cumulative discipline of explicit threat-model testing is operationally rational.
What this teaches structurally
The Cold Boot research is illustrative of a broader pattern: specific defensive properties depend on specific assumptions about underlying infrastructure. When the assumptions are tested empirically, specific properties may not hold.
The cumulative implication: the security community should invest more in empirical testing of widely-held assumptions. Specific subsequent research that tests other commonly-held assumptions may produce similar structural shifts.
For practitioners: continued reading of empirical security research. Specific assumptions about your own infrastructure should be tested; specific subsequent disclosures may inform substantive defensive shifts.
What I am doing
For my own infrastructure: laptops continue to use full-disk encryption; specific cumulative discipline now includes more aggressive power-down rather than sleep for travel scenarios. The cumulative exposure is bounded; specific incremental improvements are real.
For Gala Coral: specific cumulative review of laptop and removable-media policies. Specific subsequent guidance has been updated to reflect the Cold Boot research.
For my own continued writing: continued attention to empirical security research. The cumulative archive on this category will grow.
What I am paying attention to
Three things over the next 12 months.
Specific subsequent research demonstrating other empirical-assumption failures. 80% probability. The Cold Boot research may motivate substantial subsequent work; specific subsequent disclosures will be informative.
Specific hardware-level encryption deployment. 60% probability of meaningful deployment. TPM-based and other hardware-supported encryption may accelerate; specific Vista-and-newer deployments may benefit.
Specific industry-level conversations about laptop discipline. 50% probability. The cumulative trajectory may continue.
For my own continued operation: the discipline continues. The cumulative archive grows.
More in time.