Cold Boot Attack on DDR2 and DDR3 RAM

Explore cold boot attacks on DDR2 and DDR3 RAM in this 34-minute conference talk from nullcon Goa 2015. Dive into the remanence effect of DRAM, allowing data access even after power loss. Learn about experimental results, including bit error rates and memory block patterns. Discover how these attacks can recover hard disk encryption keys from locked computers. Examine the differences between DDR2 and DDR3 vulnerabilities, and understand the impact of cooling techniques. Investigate various DRAM types and manufacturers, focusing on the ASUS Notebook P53E. Analyze error patterns, temperature effects, and disconnecting times. Gain insights into potential mitigation strategies, including power-on self-tests and password protection. Understand the implications for computer security and the importance of proper data protection measures.

Intro
Agenda
DDR DRAM
DDR2 and DDR3
Refresh times
Retention times
Warm reboot
Cold boot attack
Why are we doing this
Hard disk encryption
Last We Remember
Schuba Muller 2013 paper
Changing the picture
Limitations
Experiments
Research
Motherboards used
Multichannel
Procedure
Preparation
Creative Ideas
First Experiment
Short Video
Cooling
MSRAMDAM
Results
DDR2 Results
DDR3 Results
Temperature Results
Temperature Results with longer disconnecting time
Error patterns
What can you do
Power on selftest
Password protect
Conclusion
How will you take it out
What is the image
Read the paper first
How to mitigate