Cryptographic key recovery from Linux memory dumps
Does dm-crypt and cryptoloop provide expected security when facing modern computer forensics techniques?
Cryptoloop and dm-crypt are the two disk encryption solutions provided by the stock Linux kernel. This lecture will describe in detail how to find and reuse cryptoloop and dm-crypt keys from kernel memory.
