The Design of Rijndael
Serpent: A New Block Cipher Proposal
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
Decoding error-correcting codes via linear programming
Algebraic Aspects of the Advanced Encryption Standard (Advances in Information Security)
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Distinguisher and Related-Key Attack on the Full AES-256
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
An Improved Recovery Algorithm for Decayed AES Key Schedule Images
Selected Areas in Cryptography
Bivium as a Mixed-Integer Linear Programming Problem
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
Algebraic side-channel analysis in the presence of errors
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Applications of SAT Solvers to AES Key Recovery from Decayed Key Schedule Images
SECURWARE '10 Proceedings of the 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies
A related-key rectangle attack on the full KASUMI
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Cryptanalysis of the light-weight cipher a2u2
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
Quantum money from hidden subspaces
STOC '12 Proceedings of the forty-fourth annual ACM symposium on Theory of computing
A method for extracting cryptographic key material from the DRAM used in modern computers was recently proposed in [9]; the technique was called the Cold Boot attack. For block ciphers such as AES and DES, [9] also proposed simple algorithms to recover the cryptographic key from the set of round subkeys observed in memory (computed via the cipher's key schedule operation), which were, however, subject to errors due to memory bit decay. In this work we extend this analysis to consider key recovery for other ciphers used in Full Disk Encryption (FDE) products. Our algorithms are also based on closest-codeword decoding methods, but apply a novel method, based on Integer Programming, for solving a set of non-linear algebraic equations with noise. This method should have further applications in cryptology, and is likely to be of independent interest. We demonstrate the viability of the Integer Programming method by applying it against the Serpent block cipher, which has a much more complex key schedule than AES. Furthermore, we also consider the Twofish key schedule, to which we apply a dedicated method of recovery.