zbMATH — the first resource for mathematics

An improved recovery algorithm for decayed AES key schedule images. (English) Zbl 1267.94100
Jacobson, Michael J. jun. (ed.) et al., Selected areas in cryptography. 16th annual international workshop, SAC 2009, Calgary, Alberta, Canada, August 13–14, 2009. Revised selected papers. Berlin: Springer (ISBN 978-3-642-05443-3/pbk). Lecture Notes in Computer Science 5867, 215-230 (2009).
Summary: A practical algorithm that recovers AES key schedules from decayed memory images is presented. J. A. Halderman et al. [“Lest we remember: cold boot attacks on encryption keys”, Commun. ACM 52, No. 5, 91–98 (2009; doi:10.1145/1506409.1506429)] established this recovery capability, dubbed the cold-boot attack, as a serious vulnerability for several widespread software-based encryption packages. Our algorithm recovers AES-128 key schedules tens of millions of times faster than the original proof-of-concept release. In practice, it enables reliable recovery of key schedules at 70% decay, well over twice the decay capacity of previous methods. The algorithm is generalized to AES-256 and is empirically shown to recover 256-bit key schedules that have suffered 65% decay. When solutions are unique, the algorithm efficiently validates this property and outputs the solution for memory images decayed up to 60%.
For the entire collection see [Zbl 1177.94012].

94A60 Cryptography
Full Text: DOI