Cold-boot attack

An attack on full-disk encryption that exploits the fact that DRAM contents fade gradually after power-off. With the chips cooled to roughly -50 degrees Celsius using inverted compressed air, key material remains recoverable for seconds to minutes, long enough to reboot into a minimal OS that dumps RAM and extracts the encryption key.

Explained in

Anti-Forensic Techniques and Investigator Counter-Methods

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.

Continue learning Create Your Account

Cold-boot attack

Explained in

Related terms

Your journey to becoming a forensic professional starts here.