Abstract

During the execution of a program the keys for encryption algorithms are in the random access memory (RAM) of the machine. Technically, it is easy to extract the keys from a dumped image of the memory. However, not many examples of such key extractions exist, especially during program execution. In this paper, we present a key extraction technique and confirm its effectiveness by implementing the Process Peeping Tool (PPT) – an analysis tool – that can dump the memory during the execution of a target program and help the attacker deduce the encryption keys through statistical analysis of the memory contents. Utilising this tool, we evaluate the security of two sample programs, which are built on top of the well-known OpenSSL library. Our experiments show that we can extract both the private key of the RSA asymmetric cipher as well as the secret key of the AES block cipher.

Full Text

Published Version

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.