From: ken <gebser@mousecar.com>
To: Eduardo Schultze <duduschultze@gmail.com>, dm-crypt <dm-crypt@saout.de>
Subject: Re: [dm-crypt] Retrieve the Passphrase from RAM Memory
Date: Tue, 27 Sep 2011 05:07:48 -0400 [thread overview]
Message-ID: <4E819264.2070400@mousecar.com> (raw)
In-Reply-To: <CACFtf0c_ZU7eLsct1g7Cdyijb0-UG9L8JzJLH0CR90RdQU8WDA@mail.gmail.com>
These questions first require an understanding of RAM and how it
functions in any computer. That said, the short answers to your two
questions is no, except that recently some researchers have found it
possible to freeze RAM shortly after a machine was turned off-- within
seconds-- and thereby preserve it's state and so then retrieve data from
it. This is not a procedure most of us could carry out. And then
whether the password still is (or ever was) in RAM is another question.
Having written a little code in my time, I would sincerely guess not;
limiting a variable's scope and even overwriting the value of a variable
are too easy and here obvious *not* to do. A better answer than mine,
however, would be found by examining the code.
hth,
ken
--
War is a failure of the imagination.
--William Blake
On 09/26/2011 10:34 PM Eduardo Schultze wrote:
> Hello,
>
> I'm a Security Information student at Unisinos College, Brazil. As a
> paper during this semester it was me and my colleagues choice to write a
> paper about LUKS on Ubuntu 10.4.
>
> My question is - Is it possible to retrieve the passphrase from RAM
> memory after a successful authentication and shutdown? Is this case we
> would turn the system on, authenticate, turn off, and then check if the
> passphrase would still be in the RAM memory even with the turned off
> computer.
>
> If not, would it be possible to dump the RAM memory and retrieve the
> passphrase (now with the system turned on)?
>
> I looked for these answers at the FAQ section but couldn't find it.
>
> Thanks in advance,
> Eduardo Schultze.
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
next prev parent reply other threads:[~2011-09-27 9:07 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-27 2:34 [dm-crypt] Retrieve the Passphrase from RAM Memory Eduardo Schultze
2011-09-27 9:07 ` ken [this message]
2011-09-27 10:17 ` Arno Wagner
2011-09-27 11:13 ` Roscoe
2011-09-27 10:47 ` Roscoe
2011-09-27 11:50 ` Milan Broz
2011-09-27 14:44 ` Karl O. Pinc
2011-09-27 16:55 ` Milan Broz
2011-09-27 11:53 ` octane indice
2011-09-27 12:26 ` Milan Broz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E819264.2070400@mousecar.com \
--to=gebser@mousecar.com \
--cc=dm-crypt@saout.de \
--cc=duduschultze@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox