New research shows that it’s possible to retrieve an encryption key from DRAM (the main memory chips used to store data while the system is running) during a power cycle.

Apparently the data on a DRAM chip fades slower at power loss than experts believed, allowing it to be retrieved with a quick reboot into a malicious boot application. The encryption key can be retrieved during a reboot and used by the attacker to un-encrypt the data.

At this point the research has been testing and proved to work on BitLocker, which comes with Windows Vista; FileVault, which comes with MacOS X; and dm-crypt, which is used with Linux.

The video below illustrates how this attack works: