The present inventive concept relates to volatile memories, and more particularly, to a device, system, and method for defreshing data on a volatile memory such as a dynamic random access memory (DRAM) in connection with a reset or power cycle.
Contrary to popular belief, DRAM does not lose all data instantaneously after power loss, but rather it retains the data for between several seconds to several minutes. Such behavior facilitates myriad attacks such as a “cold-boot attack” that can target the memory image and allow an attacker to surreptitiously obtain partial or full contents of the memory.
For example, if a user uses encryption programs to encrypt a hard drive or magnetic disk storage, such programs encrypt the entire drive and use DRAM to save the encryption key during online operation. An attacker can steal the user's laptop while still powered-on, spray the DRAM memory module with a cooling spray that is easily accessible from most home goods stores, pull out the memory module, put it in a different computer machine, and then read the entire memory image out of it. It is now relatively straight forward for the attacker to guess which of all the DRAM data is the encryption key. Once the attacker has the encryption key he can obtain full access to the user's encrypted hard drive. This attack can be executed by a moderately sophisticated attacker with no special equipment. Embodiments of the present inventive concept address these and other limitations in the prior art.