Paper 2011/643

Some Words About Cryptographic Key Recognition In Data Streams

Alexey Chilikov and Evgeny Alekseev

Abstract

Search for cryptographic keys in RAM is a new and prospective technology which can be used, primarily, in the computer forensics. In order to use it, a cryptanalyst must solve, at least, two problems: to create a memory dump from target machine and to distinguish target cryptographic keys from other data. The latter leads to a new mathematical task: <<recognition of cryptographic keys in the (random) data stream>>. The complexity of this task significantly depends on target cryptoalgorithm. For some algorithms (i.e. AES or Serpent) this task is trivial but for other ones it may be very hard. In this work we present effective algorithms of expanded key recognition for Blowfish and Twofish. As far as we know this task for these algorithms has never been considered before.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
side-channel attackslive-memory analysisdigital forensicsblowfishtwofish
Contact author(s)
chilikov @ passware com
History
2011-11-30: received
Short URL
https://ia.cr/2011/643
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2011/643,
      author = {Alexey Chilikov and Evgeny Alekseev},
      title = {Some Words About Cryptographic Key Recognition In Data Streams},
      howpublished = {Cryptology {ePrint} Archive, Paper 2011/643},
      year = {2011},
      url = {https://eprint.iacr.org/2011/643}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.