Everything posted by user0777
-
Cold boot attack susceptibility when using LUKS?
Encrypted ram is the solution however 99% of unraid users will not have encrypted ram.
-
Cold boot attack susceptibility when using LUKS?
RAM isn’t encrypted. Unraid stores the decryption key in RAM in plaintext.
-
Cold boot attack susceptibility when using LUKS?
No, we are talking about the case when the server is already on but locked.
-
Cold boot attack susceptibility when using LUKS?
I think you’ve misunderstood the meaning of Physical access maybe? Physical access means being in the same room as the server not necessarily while it is unlocked.
-
Cold boot attack susceptibility when using LUKS?
According to a thread on hacker news, the only mitigation for cold boot on unraid would be something involving RAM encryption (intel 13th gen and some AMD CPUs have this feature) https://news.ycombinator.com/item?id=38219731
-
Cold boot attack susceptibility when using LUKS?
Isn’t the whole point of LUKS to protect against physical attacks?
-
Cold boot attack susceptibility when using LUKS?
Exactly so if you read material on cold boot attacks, stuff that’s in RAM does persist if you pull the power cord to a PC. You could then pull the LUKS key out of RAM. It does indeed seem susceptible
-
Cold boot attack susceptibility when using LUKS?
Assuming we use LUKS and encrypt a drive, according to this thread the decryption key is stored in RAM. Does this mean my server is susceptible to a cold boot attack? (https://en.wikipedia.org/wiki/Cold_boot_attack) Please forgive me if it's a dumb question.