Hibernation and secret keys

David Shaw dshaw at jabberwocky.com
Wed Feb 11 02:17:17 CET 2009


On Tue, Feb 10, 2009 at 06:57:33PM -0500, Robert J. Hansen wrote:

> Or consider a hibernation file.  When your laptop goes into hibernation
> mode, your laptop copies its entire internal state to disk so that when
> you open your laptop again it can pick up right where it left off.  That
> hibernation file doesn't get deleted once the laptop is done with it.
> Let's say you're storing data on a TrueCrypt container.  The police grab
> your laptop.  They're foiled -- they don't have the password!  But then
> they look through your hibernation file and find your password hiding
> there in cleartext.

This is very true, and I wonder how many people carefully make sure
the GPG is using secure (unswappable) memory and then happily close
their laptop lids...

The GPG manual says this, but I don't expect many people read down
that far:

   Note also that some systems (especially laptops) have the ability to
   "suspend to disk" (also known as "safe sleep" or "hibernate"). This
   writes all memory to disk before going into a low power or even
   powered off mode. Unless measures are taken in the operating system
   to protect the saved memory, passphrases or other sensitive material
   may be recoverable from it later.

GPG does have some countermeasures against this sort of thing, but
given the nature of the problem, they are far from infallible.

These days, I pretty much assume that any storage device that I have
used has bits and pieces of sensitive stuff on it, and deal with that
accordingly.

David



More information about the Gnupg-users mailing list