Studies into the behavior of volatile semiconductor RAM memories when power has been removed show that under certain conditions, it is possible to recover the data held within the device on the re-application of device power. Furthermore, it has been suggested that even after the overwriting of a particular RAM location, upon removal and re-application of device power, there is an increased probability that the location under test will assume the state which existed prior to overwrite. The success of this data recovery mechanism is believed to be dependent on the length of time a particular location has been in the same state. When a cell has stored a bit for a long period, it acquires an increased propensity to set up in the same polarity on powering up, even when it has been erased before powering down. The longer the cell holds the data, the stronger this propensity becomes.
This data recovery mechanism is of great significance in cryptographic equipments, where Key Variables (KVs) are held in volatile RAM (often battery backed) for some considerable time. It has hitherto been considered sufficient to effect an assured erase on KV holding elements within these cryptographic equipments as a countermeasure to KV compromise. An assured erase is taken to mean writing known data to the memory device, and reading it back after writing to make sure that the write operation and hence data obliteration has been successful.
This data recovery mechanism is an extremely serious threat to security when capture of equipment is possible, because it may allow unauthorized persons to recover part of the KV, even after an assured erasure. One might conceive of attacks in which exhaustive search for a working KV is made easier by choosing vectors close (in the sense of Hamming distance) to the observed power-on set-up state of the register or memory location where the KV was held. This vulnerability is amplified where KVs are used to encrypt other bulk cryptographic information, and these KVs are not changed very often, typically many months, which will obviously leave a more substantial `ghost image`.