Windows hibernate security vulernability and Axcrypt

[Muevelo]

Hi,  I use windows hibernate a lot. One  vulnerability of hibernate is that the contents of RAM get written to the hard drive in unencrypted form in a file called hiberfil.sys. This means that any unencrypted temporary files on the disk created by encryption software (like Axcrypt does) and encryption keys in RAM used to access these containers/files will be written to hiberfil.sys and can be extracted if a malicious party has physical access to the drive.

The temporary files created by Axcrypt I can deal with, simply closing Axcrypt before hibernating and/or ‘cleaning up’ Axcrypt before closing.

The issue of encryption keys in RAM is more problematic though. Thus, the question:

Does Axcrypt store encryption keys or log in details in RAM at any time while in use or while it is holding files open and in unencrypted form? If it does, these keys would be in plain text form and theoretically extractable from the hibernation snapshot so I need express confirmation either way.

Thanks.

 

 

 

 

[Muevelo]

Bump!

[Beth1974]

Thanks for sharing this information, it’s definitely something I’ll be more mindful of in the future.

[Peter Mabrey]

I thought windows hibernation was very strange, could it be possible to freeze tunnel rush?

[Edward]

AxCrypt stores encryption keys in RAM as plain text when files are open or being accessed, Pokemon Gamma Emerald, as it needs them to perform encryption/decryption operations — this is standard for most encryption software.

[Prabhukumar RModerator]

Hello Edward,

AxCrypt is a file encryption software with no backdoor. AxCrypt do not store users’ information or password in our server/your system, To know more about what stored on our server, please check our privacy policy- https://www.axcrypt.net/information/privacy-policy/ .

[Author]

Posts