10

As far as I know, there are two methods for performing cold boot attacks:

  • Reboot the system into an alternate operating system or BIOS with a minimal memory footprint which automatically exports memory to persistent media.
  • Physically remove the memory modules and put them on a motherboard or analyzer with RAM hotplugging enabled, and directly read memory off of them.

Both methods can optionally involve cooling the memory modules to allow the contents of memory to persist longer. However each method has its own downsides. The first method can be problematic because the system may not boot if a BIOS password is set, and POST may overwrite the memory, especially if it is ECC. The second method's downside is that physically removing memory takes more time and increases the chance that data will be lost, and that many devices may have memory soldered onto the motherboard and unmovable. Both techniques may have problems with DDR3 and DDR4 memory due to higher volatility and memory scrambling which is enabled in newer BIOSes (edit: apparently, memory scrambling is totally useless due to using LFSR for encryption, which can be broken with only 50 bytes of known plaintext, although memory interleaving does complicate things when many DIMMs are in use).

I have read a paper that attacks involving hotswapping against early DDR3 modules are practical, with over 90% of bits recovered, but modern DDR3 and DDR4 modules are supposedly significantly different in implementation, which would likely effect cold boot's efficacy in the wild. Because I know that cold boot attacks against legacy DDR and DDR2 memory are quite trivial, I don't care as much about that, although I would still be interested to see examples of actual uses of cold boot attacks against them regardless, if there's nothing else.

So my question is, in live, criminal computer forensics in the wild, what is the most common form of cold boot attack used today against DDR3 and DDR4 DRAM, and why?

Edit: A possible useful lead is this archived presentation. The summary:

BIOS swap on server PC. Memory acquisition using firewire, reboot or userspace tools is standard. What if your intel motherboard BIOS wipes ECC memory and live plugging PCIe fails?

The presentation describes an alternative way to initialise RAM using methods from the coreboot project. After initialisation the RAM can be dumped compressed over serial and a LPC-USB device.

This makes it sound like removing the memory didn't even cross their minds. In the talk, they said that it was impractical to hotswap the DIMMs, cooling the modules would not be sufficient, and all but the most advanced bus memory analyzers are too slow to analyze live memory, even if they are running as slow as 666 MHz. And of course, wiping memory at POST, usage of ECC, or a BIOS password makes booting into an alternate OS or bootloader to dump memory impossible.

forest
  • 65,613
  • 20
  • 208
  • 262
  • Provided you have physical access to the hardware, blasting the memory with something as simple as a can of computer duster to cool it down and then transfer it is a very quick process. I also remember reading a paper about cutting the power and then immediately booting via a USB to access the memory. I can't recall the name atm. – Mathemats Apr 05 '16 at 00:01
  • It's probably one of the classic cold boot attack papers. You're describing the first of the two methods I am talking about. I edited my post to link to two of the papers: the original one, and a more recent one which tested DDR3. Sadly I could find none which focused on DDR4, GDDR4/GDDR5 (which are based on DDR3 but are optimized for bandwidth), or ECC RAM. – forest Apr 05 '16 at 02:55
  • Are you asking us for stats on attack strategies actually used in the wild? I don't know how anyone could have those. If you're asking for something different, what is it? – Neil Smithline Apr 05 '16 at 04:36
  • 1
    Why would you say no one would have those? Forensic techniques like this are not typically secret. For example, I'd be interested if someone came in and said something along the lines of "Well, I work in law enforcement and we have never had to switch memory modules into another system, but I've seen successes booting into an alternate OS to save memory several times. We use kalte 75 for coolant.". It doesn't have to be precise detailed statistics, just more than "this is theoretically possible". – forest Apr 05 '16 at 05:39

2 Answers2

3

First I want to address the DDR3 vs DDR4 issue. The differences between DDR3 and DDR4 are mostly voltage and clock speed. I've looked to see if there's any research on cold booting DDR4, and so far it looks like there's no academic papers out concerning their practicality. While commercial forensics labs may be performing cold boot attacks on DDR4 they're not likely to publish their techniques as that's their competitive advantage. Then again the differences between 3 and 4 are relatively minor (no major changes to what it does, rather it's how it does it's job). It could be the case that there's no difference (in terms of cold booting) between DDR3 and 4.

Cold booting DDR1/2 (in 2013 they couldn't get into DDR3) https://www1.cs.fau.de/filepool/projects/coldboot/fares_coldboot.pdf

Cold booting DDR3 (Intel scrambling) https://www.dfrws.org/2016eu/proceedings/DFRWS-EU-2016-7.pdf

Cold booting DDR2 & DDR3 differences (2015) - DDR3 10 second power loss shows very low error rates in recovery. https://youtu.be/ZHq2xG4XJXM?t=13m10s

Daisetsu
  • 5,120
  • 1
  • 15
  • 24
  • So the difference between DDR3 and DDR4 in terms of method of memory scrambling (use of LFSR) or data interleaving are also minimal? Those seem to be the biggest factors that limit data recovery by amplifying the effect of rapid decay of data. – forest Apr 24 '16 at 02:59
  • I can't say for sure that LFSR or data interleaving changes are minimal as I couldn't find anything pertaining to LFSR on DDR4. I don't think anyone has publicly published anything on DDR4 cold boot. It's just an educated guess at this point that the changes are minimal (otherwise we would probably see more research on it). – Daisetsu Apr 24 '16 at 03:29
  • 1
    @Daisetsu I read a paper on DDR4 scrambling showing it could be broken. Can't find it at the moment. – forest Dec 14 '18 at 04:20
2

While I don't have any information about what techniques are in use in the wild, this academic paper drills into cold boot attacks on DDR4 DRAM attached to Intel Skylake CPUs.

Here are the most relevant parts to this question:

  1. Cold boot attacks are still very feasible both on scrambled DDR3 and DDR4 DRAM. While newer scramblers implemented in Intel's DDR4 controllers provide more data obfuscation, the paper shows that these can still be circumvented.

  2. Volatility: DRAM manufacturers cannot significantly reduce the “volume” of capacitors even in newer generation memory modules without affecting refresh rate (which has remained fixed over many previous generations of DRAM). For this reason, DDR3 and DDR4 DRAM modules still maintain significant amount of their content even when cooled and and transferred to another machine. The paper reports how this was done for DDR4 DRAM.

Salessawi Ferede
  • 21
  • 1