Comment by juhanima
12 years ago
When for instance an AES-key is being used by OpenSSL, it is put into a 'struct aes_key_st' which is not random at all but quite easily recognizable when scanning memory.
The Cold Boot attack paper by Halderman, Schoen et al. here
https://citp.princeton.edu/research/memory/
...discusses this in detail in chapter 6, Identifying Keys in Memory.
EDIT: fixed the reference
No comments yet
Contribute on Hacker News ↗