https://replica.wiki.extremist.software/api.php?action=feedcontributions&feedformat=atom&user=GuidoNoisebridge - User contributions [en]2026-04-05T11:48:33ZUser contributionsMediaWiki 1.39.13https://replica.wiki.extremist.software/index.php?title=Surreptitious_RAM&diff=60853Surreptitious RAM2017-10-02T01:46:09Z<p>Guido: </p>
<hr />
<div>[[File:Control.png]]<br />
Bunnie Huang wrote about "surreptitious RAM" on p. 206 of his book ''Hacking the Xbox''. Surreptitious RAM refers either to memory modules or memory module adapters that provide some interface other than the commands coming from the memory bus on the motherboard. For example, we can imagine a memory module that has a standard DIMM form factor and interface but that also provides an external USB interface which lets another computer read (and maybe write) the current contents of RAM as a USB mass storage device. The ability to access the contents of RAM over an external interface provide a convenient way to defeat any memory protection policies enforced by the operating system and MMU (even on systems where DMA can be disabled). This is pretty powerful for forensics, debugging, or computer security attacks (given physical access to a PC); Bunnie and trusted computing developers have also described it as a practical way of attacking the implementation of TPMs in PCs. Does anyone want to try to make some surreptitious RAM or a surreptitious RAM adapter? [[User:Schoen|Schoen]] 16:38, 30 January 2009 (PST)<br />
<br />
=== Relevant literature ===<br />
[http://books.google.com/books?id=FdPNE6beKcMC&pg=PA204&lpg=PA204&dq=surreptitious+RAM&source=web&ots=vwmKMThkKQ&sig=Vz5yf2Qhre3n8kuE-flaL25v-Ig&hl=en&sa=X&oi=book_result&resnum=2&ct=result Google books reference ]<br />
<br />
=== Pre-built Hardware interfaces ===<br />
[http://www.busboards.com/products/memory/ddrii/ddrii400dc/ ddrii400dc]</div>Guidohttps://replica.wiki.extremist.software/index.php?title=Attacking_FDE_hardware_solutions&diff=60852Attacking FDE hardware solutions2017-10-02T01:45:58Z<p>Guido: </p>
<hr />
<div>[[File:Control.png]]<br />
Many companies tout hard drives with built in encryption as the solution to the [http://citp.princeton.edu/memory/ Cold Boot Attack]. Additionally, these drives are sold as a major step forward in overall data security. In theory, this sounds like a good idea; in practice this could go horribly wrong.<br />
<br />
This project is currently in a research state to find different drives that claim to offer specific security properties. It is expected that many products will fail even the most cursory look.<br />
<br />
Please add links to products, vendors, standards, prices and places to purchase hardware. At some point, we'll start acquiring hardware to do specific implementation analysis.<br />
<br />
== Drive manufacturers and specific drive models ==<br />
<br />
* Seagate<br />
** [http://www.seagate.com/www/en-us/products/servers/cheetah/cheetah_15k.6/ Cheetah® 15K.6 and Cheetah FDE Hard Drives]<br>''"The Cheetah 15K.6 FDE drive is available only to major OEM suppliers."''<br />
* Hitachi<br>''"Hitachi offers the BDE option on all new 2.5-inch SATA hard disk drive products beginning with those launched in 2007, including both the 7200 RPM and 5400 RPM product lines. Hitachi also offers the BDE option on Deskstar products introduced in 2008 and beyond."''<br />
** [http://www.hitachigst.com/tech/techlib.nsf/techdocs/FFA370A7BF845F87862574FE0003054C/$file/TS5K500.B_DS_final.pdf Travelstar 5K500.B]<br />
** [http://www.hitachigst.com/tech/techlib.nsf/techdocs/03E516A3C41738C78625743B005AD957/$file/TS7K320_DS.pdf Travelstar 7K320]<br />
** [http://www.hitachigst.com/tech/techlib.nsf/techdocs/C51A283F52498251862573FA005A3C98/$file/Travelstar_5K320_DS.pdf Travelstar 5K320]<br />
* IBM<br />
** [http://www-03.ibm.com/systems/storage/product/systemx/scsi_raid.html IBM RAID products for System x (including support for disk encryption)]<br />
* Lenovo<br />
** [http://www-307.ibm.com/pc/support/site.wss/MIGR-68776.html ThinkPad 160GB and 200GB FDE 7200rpm Serial ATA Hard drives]<br />
* Maxtor<br />
** [http://www.maxtor.com/en/hard-drive-backup/external-drives/maxtor-blackarmor.html BlackArmor]<br />
* Ironkey<br />
** [https://www.ironkey.com/basic Basic]<br />
** [https://www.ironkey.com/enterprise Enterprise]<br />
<br />
== Previously published research ==<br />
<br />
* Heise successfully attacked the [http://www.heise-online.co.uk/security/Enclosed-but-not-encrypted--/features/110136 Easy Nova Data Box PRO-25UE RFID]<br />
<br />
== Standards and Whitepapers relating to FDE at the hardware level ==<br />
* Trusted Computing Group<br />
** [https://www.trustedcomputinggroup.org/specs/Storage/ Storage Specifications]<br />
** [https://www.trustedcomputinggroup.org/specs/Storage/TCG_Storage_Architecture_Core_Specification_v01.9.pdf Storage Architecture Core Specification v1.0 rev0.9] this is what the drives implement<br />
* IEEE<br />
** http://en.wikipedia.org/wiki/IEEE_P1619<br />
** [http://grouper.ieee.org/groups/1619/email/msg01842.html Letter of Assurance from IBM re P1619.1/D17]<br />
<br />
* Seagate<br />
** http://www.seagate.com/staticfiles/SeagateCryptofaceoff.pdf<br />
** http://www.seagate.com/staticfiles/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf<br />
** http://www.seagate.com/staticfiles/docs/pdf/security/Tech_Paper_Enables_Robust_Security.pdf<br />
** http://www.seagate.com/docs/pdf/whitepaper/HDpasswrd_TP580-1-0710US.pdf<br />
** http://www.seagate.com/docs/pdf/whitepaper/Seagate-crypto-bakeoff.pdf<br />
** http://www.seagate.com/docs/pdf/whitepaper/tp596_128-bit_versus_256_bit.pdf<br />
** http://www.seagate.com/docs/pdf/whitepaper/Server&Drive%20Security%20Threats%20rev%204%203.pdf<br />
** http://www.seagate.com/docs/pdf/whitepaper/DataCtrSec_TP583-1-0711USr4.pdf Also mentions participation in IEEE 1619<br />
<br />
* Hitachi<br />
** http://www.hitachigst.com/tech/techlib.nsf/techdocs/74D8260832F2F75E862572D7004AE077/$file/bulk_encryption_white_paper.pdf<br>The above whitepaper refers to FIPS 197 certification and the NIST AES Validation List, which informs us that Hitachi uses AES 128 or 256 in ECB mode: [http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html#751 Part # 1 entry, 128-bit] [http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html#749 Part # 4 entry, either 128-bit or 256-bit] (NB: large slow HTML table)<br />
** [http://www.hitachigst.com/hdd/support/bulk_faqs.htm Bulk Data Encryption FAQ]<br />
<br />
== Other related documents ==<br />
*[http://www.full-disk-encryption.net/Full_Disc_Encryption.html List of FDE (SW & HW) providers]<br />
*[http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-69621 IBM FAQ on FDE]<br />
*[http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126869&intsrc=hm_ts_head Computer World (heavy on the marketing)]<br />
== Terminology ==<br />
* FDE - Full Disk Encryption<br />
* BDE - Bulk Data Encryption<br />
* OTFE - [http://en.wikipedia.org/wiki/OTFE On-the-fly encryption]</div>Guidohttps://replica.wiki.extremist.software/index.php?title=User:RobGisborne175&diff=60851User:RobGisborne1752017-10-02T01:45:24Z<p>Guido: Created page with "File:Control.png"</p>
<hr />
<div>[[File:Control.png]]</div>Guidohttps://replica.wiki.extremist.software/index.php?title=User_talk:Ioerror&diff=60849User talk:Ioerror2017-10-02T01:44:35Z<p>Guido: </p>
<hr />
<div>[[File:Control.png]]</div>Guido