Tamper Resistant Software: An Implementation
Proceedings of the First International Workshop on Information Hiding
White-Box Cryptography and an AES Implementation
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
An open-source cryptographic coprocessor
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Targeting Physically Addressable Memory
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
The Long-Short-Key Primitive and Its Applications to Key Security
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
mCarve: Carving attributed dump sets
SEC'11 Proceedings of the 20th USENIX conference on Security
Detection and analysis of cryptographic data inside software
ISC'11 Proceedings of the 14th international conference on Information security
A protocol for secure public instant messaging
FC'06 Proceedings of the 10th international conference on Financial Cryptography and Data Security
A method for safekeeping cryptographic keys from memory disclosure attacks
INTRUST'09 Proceedings of the First international conference on Trusted Systems
A survey of main memory acquisition and analysis techniques for the windows operating system
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Automated mapping of large binary objects using primitive fragment type classification
Digital Investigation: The International Journal of Digital Forensics & Incident Response
The persistence of memory: Forensic identification and extraction of cryptographic keys
Digital Investigation: The International Journal of Digital Forensics & Incident Response
An introspection-based memory scraper attack against virtualized point of sale systems
FC'11 Proceedings of the 2011 international conference on Financial Cryptography and Data Security
Deadbolt: locking down android disk encryption
Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices
| Hi-index | 0.00 |
In this paper we consider the problem of efficiently locating cryptographic keys hidden in gigabytes of data, such as the complete file system of a typical PC. We describe efficient algebraic attacks which can locate secret RSA keys in long bit strings, and more general statistical attacks which can find arbitrary cryptographic keys embedded in large programs. These techniques can be used to apply \lunchtime attacks" on signature keys used by financial institutes, or to defeat \authenticode" type mechanisms in software packages.