Glass Box Voting

From the Security Musings blog:

I heard Nicko Van Someren talk about finding keys in memory at RSA Europe in 2000, but when he spoke the ability steal RAM from a sleeping computer was unknown. Fascinating demonstration of the exploit. This is why cryptomodules must provide the ability to zeroize keys, regardless of where they are stored.From what I’ve heard, RAM need not be overwritten more than once like magnetic media must, but perhaps that is a commonly held mistaken impression also.

This entry was posted on Thursday, February 21st, 2008 at 1:56 pm and is filed under general. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.