NitroPad V54 - Cold Boot Attack - Intel® Total Memory Encryption - Multi Key

I’ve been looking at laptops with HEADS for a while now.

Cold boot attack :

  1. But what’s stopping me, and why I haven’t bought yet, is that apparently the chosen processors don’t offer total RAM encryption.

https://ark.intel.com/content/www/us/en/ark/products/236847/intel-core-ultra-7-processor-155h-24m-cache-up-to-4-80-ghz.html
Intel® Total Memory Encryption - Multi Key : No

How can HEADS protect us from a Cold Boot attack?

On my old laptops, I do something ugly, but I use GLUE to prevent the RAM from being physically removed.

But then again, I buy cheap laptops on backmarket, so it’s not too serious if I have a problem with a product that’s already had its first life.

  1. And with HEADS, is it easy to reinstall a debian from scratch?
    because I saw that you were offering ubuntu and qubes.

3a) I’ve already bought 2 nitokey, why do I have to buy a new one if I order a laptop?
3b) Can I enroll 2 nitokey for backup?

  1. Suspend to ram its works ?

  2. I suppose we can encrypt the disk with fido2luks?

  1. Heads does not protect against Cold Boot attacks. The RAM is also not soldered to the board e.g. with Nitropad X230. However it protects against Evil Maid when shut down as the disk is encrypted and heads offers measured boot. You would notice that someone tampered with it. Som e OS overwrite the RAM during shutdown. Intel ME is also deactivated but depending on the NitroPad, the processors might be vintage.

  2. You can boot from USB stick and also add other OS to heads to boot from. Most Linux should work.

  3. a) Not sure about the purchase / delivery process but I guess the Nitrokey is used to sign the bootfiles so that you don’t need to reinstall when you receive it.
    b) Not sure as I use only a single token. But there is an option to add a key. Heads uses regular gpg and the keyring is stored in the firmware. So I guess it allows more keys.

  4. At least with Qubes I can say that suspend to RAM works. Should also be the case with other Linux.

  5. Nitrokey 3 supports cryptenroll via FIDO2. Depending on the OS, this can be used to protect the storage (like an additional password). However heads binds the luks key to the TPM and releases it when measured boot showed everything is fine. After heads boots the kernel, the regular initramfs and OS boot process is used. Thus regular Linux tools work as with a regular system.

Thanks for your answers

So you mean that HEADS forces us to use the laptop’s TPM chip to encrypt the luks volume?

For example, can’t I continue to trust the nitrokey and encrypt my luks volume with fido2?

No. Not forcing you. You can configure regular OS features but you could utilize the measured boot to also unseal the luks key.

When you order a Nitropad/pc with an OS, it comes with a regular default luks passphrase for you to change: Change Disk Encryption Passphrase - Nitrokey Documentation

However, you can use heads to seal it to the TPM, as @nku writes. Nitrokey advises against it, see “Confirm the question “Do you wish to add a disk encryption to the TPM” with N.” in step 4: System update - Nitrokey Documentation

The heads docs explain the details: Keys and passwords in Heads | Heads - Wiki

I’ve installed a non-Debian distro to be safe so reinstalling Debian should be feasible, not hard.

Afai you can enroll multiple nitrokey.

to my understanding cold-boot attacks are only sensible with physical access and when there is suspend to ram in effect which does not close the encrypted volume

in my experience system which hibernate do close the encrypted volume and require to enter the encryption key again to thaw and resume

other than that, i think you’de be hard pressed to find a laptop CPU which does support memory encryption, I know some vendors build desktop-replacement laptops with desktop cpu, such could in theory have for example an Epyc 4004 series CPU which does support memory encryption

then again, you’re a civilian, don’t bet on it to be hyper robust, it will be robust enough though