Most successful attacks against strong, well-designed encryption take the form of ‘side channel’ attacks: ones that aren’t based on breaking the strong cryptographic algorithm, but which are based or circumventing it or subverting it somehow. Common varieties include timing attacks, which examine the precise amounts of time cryptographic equipment or software takes to perform operations, and power monitoring attacks, which examine which parts of a piece of equipment are using energy when.
Researchers at Princeton have recently uncovered a potentially significant side-channel attack against whole-disk encryption systems like BitLocker (built into Windows Vista), FileVault (same for Mac OS X), and Truecrypt. The attack is based on analyzing the random access memory (RAM) of a computer system once it has been turned off. Despite the common perception that this clears the contents of the RAM, they have demonstrated that it is possible to use simple techniques and equipment to get a copy of what is inside: including the cryptographic keys upon which these programs depend:
We found that information in most computers’ RAMs will persist from several seconds to a minute even at room temperature. We also found a cheap and widely available product — “canned air” spray dusters — can be used to produce temperatures cold enough to make RAM contents last for a long time even when the memory chips are physically removed from the computer. The other components of our attack are easy to automate and require nothing more unusual than a laptop and an Ethernet cable, or a USB Flash drive. With only these supplies, someone could carry out our attacks against a target computer in a matter of minutes.
This is bad news for anyone relying on encryption to protect the contents of their laptop: whether they are a banker, a spy, a human rights campaigner in China, or a criminal. Other technologies exist to help foil whole-disk encryption systems when the attackers are lucky enough to find a computer that is turned on and logged in.
Researchers in the same organization have done some good work on electronic voting machines.