
Cold Boot Attack On ddr2 and ddr3 Ram

The document discusses experiments conducted on cold boot attacks against DDR2 and DDR3 RAM. It provides background on DRAM and how cold boot attacks work. The experiments tested different RAM modules from various manufacturers under varying conditions, such as temperature and time without power. The results show that some DDR2 RAM could still yield recoverable data after 10 seconds without power when cooled to -35°C to -30°C, with byte error rates ranging from 0.000236% to 2.248%. DDR3 RAM was found to be more resistant to cold boot attacks in previous studies.

Uploaded by

mbozho

on DDR2 and DDR3 RAM

Simon Lindenlauf, Marko Schuba, Hans Höfken


Aachen University of Applied Sciences, Germany
About
• Simon Lindenlauf
• former BSc, now Master student at Aachen
University of Applied Sciences (FH Aachen)
• cold boot: topic of his bachelor thesis
• Marko Schuba
• professor at FH Aachen (computer science)
• topics of interest: security, forensics
• Hans Höfken
• researcher at FH Aachen
• topics of interest: practical stuff, ethical hacking etc.
Agenda
• What is a cold boot attack?
• Previous work by others
• Experiments
• Results
• Conclusions
DRAM
• DRAM = Dynamic Random-Access Memory
• is a type of RAM
• each bit stored in separate capacitor within integrated circuit (states: charged / discharged)
• Leakage and refresh
• capacitors leak, i.e. they slowly discharge
• periodic refresh necessary (memory is “dynamic”)
• DRAM is main memory in computers today
• high density, compared to static RAM
DDR SDRAM*
• DDR SDRAM is a widely used DRAM type
• Types: DDR1, DDR2, DDR3 and recently DDR4
• Have different peak transfer rates
• basically doubling it with each generation
• Most computers today use DDR2 or DDR3 SDRAM

* Double data rate synchronous dynamic random-access memory


Refresh Rates & Retention Times
• As mentioned before: memory cells leak and thus require refresh
• Refresh rate depends on temperature
• up to 85°C (185°F): 64 ms (standard refresh time)
• between 85°C (185°F) and 95°C (203°F): 32 ms
• obviously: leakage of cells increases with temperature
• 64 ms refresh threshold to be on the safe side...
• e.g. tests with DDR3
• 45°C (113°F)
• retention time for all cells >= 1.5 s
• cooling RAM increases retention time
What is cold boot?
• Two options for rebooting a machine
• cold reboot (or cold boot, hard boot)
• warm reboot (or soft reboot)

• Warm reboot (simplified)


• restarting machine while it is powered on
• e.g. Ctrl-Alt-Del on Windows, kexec on Linux
• Cold boot (simplified)
• restarting machine from a power-less state
• disconnecting cord/battery and starting machine again
What is a cold boot attack?
• Basic idea
• DRAM memory content can be extracted
after power has been cut
• the lower the temperature of the DRAM the higher the
probability that memory is unchanged
• Two ways to do it…memory dump can be done
• on the original machine
• DRAM stays where it is
• original machine is cold booted
• or on a different machine
• DRAM is removed and plugged into a different computer
• different computer is cold booted
Why all this?
• Main purpose: recovery of hard disk encryption key
• Case: You are a digital forensics investigator
• running machine which uses hard disk encryption
• Machine not screen-locked: simple
• Machine is screen-locked (& password unknown)
• cannot simply copy disk
• cannot shut down machine (& take out hard disk)
• decryption key is in RAM:
but as machine is locked, no way to
dump image from the machine directly
• Cold boot attack can help
• attack provides an image of the RAM
• might contain errors… but still keys can be recovered
Lest We Remember...
• Halderman et al. published work on
Cold Boot Attacks on Encryption Keys
at USENIX Security '08
• DDR and DDR2 SDRAM
On the Practicability of Cold Boot...
• 2013 Gruhn and Müller provide results for
different DDR types 1, 2 and 3
• Result: "we could not reproduce cold boot attacks against modern DDR3 chips"
So, no cold boot attack on DDR3?
• Let's try it out...
• What could be done differently?
• Obvious... different picture... Mona → Lena

http://en.wikipedia.org/wiki/Lenna
• Ok, maybe something else... Mainboard
• But first a step back...
• But first a step back...
Considerations
• Cold boot attack results depend on
• DRAM types → DDR2 and DDR3
• DRAM manufacturer → 7 different manufacturers
• individual DRAM → 16 different ones tested
• mainboard → 2 different ones
• Multi Channel Mode? → if yes, several impacts
• DRAM temperature → tested different ones
• DRAM seconds w/o power → tested different ones
• footprint of cold boot OS → the smaller the better
Module Overview
Mainboards used
• GA-G41M-Combo
• Notebook ASUS P53E mainboard
Procedure
• Steps of cold boot attack
• original machine: prepare it with test data (Lena + x)
• cold boot machine: prepare boot USB stick & connect it
• original machine (running): adjust DRAM temperature
(e.g. cool it to increase retention time)
• original machine: power it down
• unplug power cable
(notebook: battery to be removed before)
• if original ≠ cold boot machine then move DRAM
• cold boot machine: power-on (booting from USB)
• program on USB stick reads and stores RAM data
• analyse RAM data (offline)
Procedure
• Cold boot attack procedure
• prepare boot USB stick & connect it to cold boot machine
• prepare original machine with test data (Lena)
• cool DRAM on running original machine (to increase retention time)
• power down original machine
• remove battery
• unplug power cable
• if original ≠ cold boot machine: move DRAM
• power-on cold boot machine (booting from USB)
• program on USB stick reads and stores RAM data
• analyse RAM data (offline)
Cold boot attack
1. prepare data & USB
2. cool DRAM
3. power down
4. (move DRAM)
5. power-on & read data
Prepare Test Data
• Task: same data in memory for each test
• used small OS based on JamesM’s kernel
development tutorials (multiboot kernel)
and GRUB bootloader
• test data based on Lena image (X PixMap)
• pixel area extracted and written to RAM
(starting at fixed address)
• additionally: 100 MB test file
(starting at another fixed address)
Prepare Cold Boot USB
• Two small footprint OS (~ 2 MB) tested
• msramdmp (Wesley McGrew; 32 bit OS)
• used predominantly (single USB stick / multiple tests)
• bios_memimage (Princeton University, 64 bit OS)
• for DRAM > 4 GB
• When machine is cold booted from USB
• both dump the RAM and save it to USB stick
• msramdmp slightly modified to extract test data only
• first 500 MB of DRAM
• faster and sufficient for test data
How to cool the DRAM?
• Option 1: move project to a cold location...
• Option 2: more cost efficient → cooling spray
Cool DRAM
Check Temperature
Measure Time
Read & Analyse Data
• Determine byte & bit errors
• Reconstruct & view image
a) bit errors that change byte to quote character or null byte damage whole line
b) correction of quote characters and null bytes by one bit reduce this to pixel errors
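One way to do the one-bit correction described in b), as an added example that is not the authors' code: rows are cut by fixed stride instead of by quote characters, and any quote or null byte inside the pixel data is replaced by a palette character one bit away. The palette, the row layout and all function names are assumptions made for this illustration.

```python
PALETTE = b".+#@"     # constructed 4-colour palette, one character per pixel (assumption)
BAD = (0x22, 0x00)    # '"' closes an XPM string early, NUL ends a C string early


def repair_pixels(pixels: bytes, palette: bytes = PALETTE):
    """Replace quote/NUL bytes in pixel data by a palette character one bit away.

    Returns (repaired, unrepaired_offsets). The pick may still be the wrong
    colour, which leaves a single pixel error instead of a broken line.
    """
    out = bytearray(pixels)
    unrepaired = []
    for i, b in enumerate(pixels):
        if b not in BAD:
            continue
        candidates = [b ^ (1 << bit) for bit in range(8) if (b ^ (1 << bit)) in palette]
        if candidates:
            out[i] = min(candidates)  # deterministic choice among one-bit neighbours
        else:
            unrepaired.append(i)
    return bytes(out), unrepaired


def repair_rows(raw: bytes, width: int, palette: bytes = PALETTE) -> list:
    """Cut rows by fixed stride instead of trusting quote characters.

    Assumed layout per row: quote, `width` pixel chars, quote, comma, newline.
    """
    stride = width + 4
    rows = []
    for off in range(0, len(raw) - stride + 1, stride):
        fixed, _ = repair_pixels(raw[off + 1:off + 1 + width], palette)
        rows.append(b'"' + fixed + b'",\n')
    return rows


def make_sample():
    """Constructed 8x2 pixel area and a decayed copy of it (not measured data)."""
    clean = b'"..##@@++",\n' + b'"++@@##..",\n'
    damaged = bytearray(clean)
    damaged[3] = 0x22   # '#' (0x23) lost one bit and became '"'
    damaged[15] = 0x00  # '@' (0x40) lost one bit and became NUL
    return clean, bytes(damaged)


if __name__ == "__main__":
    clean, damaged = make_sample()
    print(b"".join(repair_rows(damaged, 8)) == clean)
```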
Video not included in pdf
Video
Selected Results DDR2
10s without power at -35°C to -30°C
(numbers in German notation: "." separates thousands, "," is the decimal mark)

No.  DDR2 RAM  Byte Errors  Bit Errors  Byte Error Rate  Bit Error Rate
1    B         236          236         0,000236%        0,000030%
2    F         2.204        2.212       0,002204%        0,000277%
3    G         3.675        3.943       0,003675%        0,000493%
4    C         82.539       85.766      0,0825%          0,0107%
5    H         239.263      558.522     0,239%           0,070%
6    D         729.380      795.702     0,729%           0,099%
7    J         2.248.293    2.477.976   2,248%           0,310%
8    I         4.763.617    7.862.582   4,764%           0,983%
9    A         12.870.663   28.379.907  12,87%           3,55%
10   E         20.997.916   71.909.648  21,00%           8,99%
11   K         35.475.736   88.992.338  35,48%           11,12%

Selected Results DDR3
10s without power at -35°C to -30°C

No.  DDR3 RAM  Byte Errors  Bit Errors  Byte Error Rate  Bit Error Rate
1    N         1.604        5.624       0,001604%        0,000703%
2    M         4.435        8.275       0,004435%        0,001034%
3    L         460.860      534.566     0,461%           0,067%
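
The byte and bit error counts and rates in the tables above come from comparing a recovered dump with the known test data; the following Python code is an added example of that comparison, not the authors' tool, with function names and sample bytes constructed for illustration. It also counts the direction of each bit flip and the errors per region, the two quantities behind the ground-state and error-free-area observations in this deck.

```python
CHUNK = 4096  # compare chunk-wise so error-free areas are skipped quickly


def error_stats(reference: bytes, dump: bytes) -> dict:
    """Byte/bit error counts and rates of a recovered dump versus known test data."""
    if not reference or len(reference) != len(dump):
        raise ValueError("reference and dump must be non-empty and equal in length")
    s = {"byte_errors": 0, "bit_errors": 0, "one_to_zero": 0, "zero_to_one": 0}
    for off in range(0, len(reference), CHUNK):
        ref, got = reference[off:off + CHUNK], dump[off:off + CHUNK]
        if ref == got:
            continue
        for r, g in zip(ref, got):
            diff = r ^ g
            if diff:
                s["byte_errors"] += 1
                s["bit_errors"] += bin(diff).count("1")
                s["one_to_zero"] += bin(diff & r).count("1")  # stored 1, read back 0
                s["zero_to_one"] += bin(diff & g).count("1")  # stored 0, read back 1
    n = len(reference)
    s["byte_error_rate_pct"] = 100.0 * s["byte_errors"] / n
    s["bit_error_rate_pct"] = 100.0 * s["bit_errors"] / (8 * n)
    return s


def errors_per_region(reference: bytes, dump: bytes, region_size: int) -> list:
    """Bit errors per fixed-size region, to show which areas came back error free."""
    counts = []
    for off in range(0, len(reference), region_size):
        ref, got = reference[off:off + region_size], dump[off:off + region_size]
        counts.append(sum(bin(r ^ g).count("1") for r, g in zip(ref, got)))
    return counts


def make_sample():
    """Constructed sample (not measured data): 1000 bytes of 0xA5, three decayed."""
    reference = bytes([0xA5]) * 1000
    dump = bytearray(reference)
    dump[10] = 0xA4   # 0xA5 -> 0xA4: one bit 1 -> 0
    dump[500] = 0x00  # 0xA5 -> 0x00: four bits 1 -> 0
    dump[999] = 0xE5  # 0xA5 -> 0xE5: one bit 0 -> 1
    return reference, bytes(dump)


if __name__ == "__main__":
    ref, dump = make_sample()
    print(error_stats(ref, dump))
    print(errors_per_region(ref, dump, 250))
```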
Error – Temperature Dependency
[Figure: Temperature Dependency. Byte errors (for 100 MB test data), axis 0 to 4.000.000, plotted against temperature in °C (measured 15s after power-off), axis -40 to 30, with exponential trend line.]
Error - Time Dependency
[Figure: Time Dependency. Byte errors (for 100 MB test data), axis 0 to 4.500.000, plotted against time without power in s, axis 0 to 60, with exponential trend line; temperature -20°C.]
Error Patterns
• some DRAM show different error rates depending on ground state
• some areas error free
• reason not clear yet
[Figure: memory regions labelled by pattern, repeating in the order 1, 2, 3, 2]
• Region 1: pattern FFFF FFFF FFFF FFFF
• Region 2: pattern FFFF FFFF 0000 0000
• Region 3: pattern 0000 0000 0000 0000
Anti Cold Boot
• Enable POST in BIOS
• overwrites complete RAM
• Password-protect boot device sequence
• avoid booting of RAM dump software
• Password based pre-boot authentication
• otherwise encryption key in RAM after restart
• Store encryption key outside RAM
• e.g. possible in CPU registers
• this even works if RAM is moved to different machine
Conclusions
• Cold boot attacks not as complicated as expected
• could be feasible approach for digital forensics investigators
• Attacks on DDR3 are possible
• admittedly, we have been lucky with the board…
Thank You

Marko Schuba
Aachen University of Applied Sciences
Germany