Abstract
AbstractIn this paper we propose a set of algorithms that can automatically detect the use of AES and automatically recover both the encryption key and the plaintext, assuming that we can control the code flow of the encrypting program, e.g., when an application is performing encryption without the user’s permission. The first algorithm makes use of the fact that we can monitor accesses to the AES S-Box and deduce the desired data from these accesses; the approach is suitable to software-based AES implementations, both naïve and optimized. To demonstrate the feasibility of this approach we designed a tool which implements the algorithm for Microsoft Windows running on the Intel x86 architecture. The tool has been successfully tested against a set of applications using different cryptographic libraries and common user applications. We also discuss the options of recovering the same data when hardware-assisted AES implementations on Intel-compatible architectures are used.
Publisher
Springer Science and Business Media LLC
Reference14 articles.
1. DeBlasio J. Protecting users from insecure downloads in google chrome. https://blog.chromium.org/2020/02/protecting-users-from-insecure.html. Accessed 28 Sept 2020.
2. Auxier B, Rainie L, Anderson M, Perrin A, Kumar M, Turner E. Americans and Privacy: concerned, confused and feeling lack of control over their personal information. https://www.pewresearch.org/internet/2019/11/15/americans-and-privacy-concerned-confused-and-feeling-lack-of-control-over-their-personal-information/. Accessed 28 Sept 2020.
3. Kokeš J, Matějka J, Lórencz R. Automatic detection and decryption of AES by monitoring S-Box access. In: Proceedings of the 7th international conference on information systems security and privacy-ICISSP, pp. 172–180. SciTePress, Setúbal (2021). https://doi.org/10.5220/0010255201720180.
4. Daemen J, Rijmen V. The design of Rijndael: AES—the advanced encryption standard. 1st ed. Berlin, Heidelberg: Springer; 2002.
5. Malbrain K. Higher performance AES C byte-implementation. https://www.geocities.ws/malbrain/aestable2_c.html. Accessed 28 Sept 2020.