Protection of computer data is very important, and various encryption schemes have been proffered to make it difficult to improperly extract computer data. Some of these encryption schemes protect the data while in transit between or among computers, and others encrypt the data stored in nonvolatile memory so that a person improperly in possession of a computer cannot extract plain-text information from the stored data.
It has recently been shown in an article by J. Alex Halderman et al. of Princeton University, entitled “Lest We Remember: Cold Boot Attacks on Encryption Keys” (http://citp.princeton.edu/memory/), that attacks on encrypted data stored in a computer are very easy, and require little time or equipment. The article states in part:
“Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems—BitLocker, FileVault, dm-crypt, and TrueCrypt—using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.”
The video accompanying the Halderman et al. article illustrates volatile DIMM memory being sprayed with liquid for cooling, and being removed from a computer. FIG. 1A is a simplified side elevation view of a typical DIMM. The Halderman et al. article also shows the ease with which the volatile Dual In-line Memory Module (DIMM) can be sprayed with a volatile liquid for cooling, and how the DIMM can easily be removed from a computer and placed in another computer with the data in the volatile memory intact. When a computer handles encrypted data, the encryption key is typically stored in volatile memory. Using the Halderman et al. techniques, the encryption key can be extracted from a target computer, and used to decrypt the encrypted data. This makes sensitive computer files or data vulnerable to unauthorized hacking.
In order to use encrypted data stored on a computer, the authorized user must typically enter a keyword or password at start-up to generate a key used to un-encrypt or decrypt the files stored on the nonvolatile memory for execution and use. This key, once generated, is stored in volatile memory, typically Dynamic Random Access Memory (DRAM) in the form of Single In-line or Dual In-line Memory Module(s) (SIMM or DIMM). Often, whenever the computer is powered down, put to sleep, or screen locked, a password must be re-entered in order to resume use of the data; however, the key remains in volatile memory. As mentioned, information has become available to hackers and to tamperers as to how to retrieve the password or key from volatile memory, thereby allowing access to all the information stored in the volatile and nonvolatile memories of a computer.
Improved protection of encrypted information is desired.