Lec03a - COMP7370 Advanced Computer and Network Security...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Cold Boot Attacks on Encryption Keys (3) Topics: 1. Identifying keys in memory 2. Attacking encrypted disks 3. Countermeasures Topic 1: Identifying keys in memory Question: How will you identify keys in RAM? o Statistical tests o Locate program data structures Identify AES keys ( see slide ) o Input: a memory image o Output: a list of likely keys o Basic idea: (1) key schedules rather than original keys (2) Recover keys from their key schedules i Topic 2: Attacking disks (encrypted) Conditions: o Laptops are stolen ( why we have this condition for memory attacking threats? – physical access to DRAM) o Powered on o Suspended. ( why? To attack keys on DRAM) o Discussions on an exception : - How to extract keys from DRAM even if computers are powered off for a long time? - When the machine boots, the keys will be loaded into RAM automatically j Hamming dis tance 176 or 240 byes Key schedule word that should have been generated from the surrounding words. 1
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 3

Lec03a - COMP7370 Advanced Computer and Network Security...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online