[liberationtech] Freeze the memory out of a galaxy nexus?
Michael Rogers
michael at briarproject.org
Thu Feb 21 10:57:28 PST 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 21/02/13 18:32, Brian Conley wrote:
> Any idea why the researchers would posit that iOS devices may be
> less susceptible?
iOS has several classes of encrypted storage. For the
NSFileProtectionComplete class, the class key that protects the
individual file keys is erased from memory 10 seconds after the device
is locked. So I guess files encrypted with that class would be
unrecoverable via a cold boot attack if the device had been locked for
10 seconds.
http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf
Android uses a single key to protect all encrypted storage (excluding
apps that use their own encryption, eg SQLCipher), so that key must be
kept in memory whenever the device is running.
http://source.android.com/tech/encryption/android_crypto_implementation.html
Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJRJm4YAAoJEBEET9GfxSfMwi8H/37g4caSmxPQ1DKLkHALqS/u
IIUD1iCrxjAhglRgqMHLUZb/XX12lM+iQ8IqqMWNHQkrw9p04Amd/f+dR+MkAbsf
ndf0grkiIllTuPEm4kcLY9DNcAfH5VavFpoRoEMCKtEAPOtWHAPt93RTkjx6oLAJ
Y8vPHiG4Bndr2GckjpSkdpkIW4dt2uCMfZOd+ALtKnMpSmJpr2I7A8x+iexwIJXP
SLm77PP1rQrOCykvZN+dfuDWH8lYytX37fbabxy5S0VNZtfvPIT4QJIxWW62e1nm
6uE/zTIJlY5WZj6GSxYLsPpcn41Vj3Pfzk7TDT/iPoWSBabRpfLhzuqPK/L2/oo=
=zB77
-----END PGP SIGNATURE-----
More information about the liberationtech
mailing list