Know of someone that works in computer forensics and/or data recovery? This question is for them (Arduino experience is a plus).
So I get the idea of uploading a "stop" sketch for the purpose of overriding a previously uploaded program in Flash memory space.
Then of course we have EEPROM for "long-term" storage.
However, let's say an Arduino:
- Read user input as secret key and store in memory (SRAM)
- Performed a signing operation with secret key
- Subsequently powered off
We know that computers introduce a wide range of complications to security because data can still be recovered, even after being erased or overwritten in some cases, variables stored in memory float around (unless pinned for decryption in SecureString contexts, etc.), etc.
To establish context for the following questions, let's [overly] simplify the attack vector in saying this would be a scenario where an Arduino used in a security application is physically disconnected, stolen, and then powered on sometime later.
Question 1: Obviously we're not talking about storing keys on disk necessarily (i.e. EEPROM). How likely (or difficult) would it be to analyze SRAM with the intent to recover keys that may have been previously stored in memory?
Question 2: Similarly, let's say sensitive information was in fact stored in EEPROM. Does the same hold true of data previously stored in EEPROM that has since been overwritten with new (i.e. zero) data?