Freezing RAM Reveals Its Residual Content

In February of 2008, researchers at Princeton demonstrated that cooling RAM causes it to retain its content for an extended period of time, even after host systems are turned off. In this video http://citp.princeton.edu/memory/ they show how this cooling technique compromises encryption keys. This attack compromises a number of popular data security packages widely used on laptops and mobile systems. To address this threat, IceLock aggressively manages keys in memory in a way that takes into account the use patterns of laptops to prevent the “cold boot” exploit.

IceLock Mobile Data Security Protects Against the “Cold Boot” Attack

IceLock’s autonomous agent constantly monitors system state to protect encryption keys that are stored in RAM. Any key not in constant use is never stored in RAM. During any system transition from active use to non-active use, IceLock deletes all keys from RAM. Through this patent-pending mechanism, IceLock ensures that even if RAM is removed from a system and exposed to preservation techniques such as lowering temperature, encryption keys are not compromised, as they have been deleted and overwritten.

IceLock’s autonomous agent is part of the overall IceLock data security solution. This new approach to mobile data security provides central management, reduced user friction, auditing, a multi-factor ephemeral key system and the ability to revoke access privileges or delete data remotely.

Important Note: It is difficult to protect running machines that are stolen “warm” while an authenticated, privileged user is logged in. One way for IceLock users to help mitigate this threat is to institute aggressive policies regarding password protected screen savers, Hibernation and Sleep mode, so that unused machines quickly change to a locked state, triggering IceLock to remove keys from memory.

Members of the media and researchers may request evaluation copies of IceLock by sending mail to ResearchSupport(aT)Hyblue DoT Com