Encryption firms speak up on DRam attack

Microsoft and PGP have issued statements on the disk encryption report

Software vendors are defending their products and looking to ease public fears following a recent report on vulnerabilities in disk encryption.

Microsoft and PGP were among the firms to issue statements on the report, which detailed ways in which an attacker could recover encryption keys by accessing the memory on a recently shut-down compouter.

The report states that even after the computer has been powered off an attacker could partially boot up the system, retrieve the contents of the DRam chips, and use the information to thwart disk encryption tools.

"While the report's authors did not attempt to breach any PGP Corporation products, the technique could theoretically be used to attack all current-generation full disk encryption products," PGP said in an official statement.

"In practical use, however, it is unlikely that most users would be subject to this type of attack."

The company urged users to employ an encrypted virtual disk volume which is un-mounted when not in use.

Check Point Software issued its own release which noted the difficulty surrounding a theoretical "cold boot" attack.

"First, the attacker must gain physical possession of the computer either while it is running or within a few minutes of shutting down," said the company.

"Then the memory must be dramatically cooled down in order to sustain the contents for any meaningful length of time so it can be copied in its entirety. "

Mic rosoft's Vista security product manager Russ Humphries defended the company's BitLocker software on a company blog.

"The thing to keep in mind here is the old adage of balancing security, usability and risk," said Humphries.

"Quality security research helps our customers and the industry in general raise the security bar and I applaud it.

"But let's also keep in mind that technologies like BitLocker provide a very valuable service to users and helps them protect data on their PCs."