Oliver Welter wrote:
Hello Lev,

thx for the quick answer

We use openssl to en/decrypt data with 3des - is it possible to retrieve the used key while running a de/encryption via a memory debugger or something similar ?

[skip]

plan for building the system for which the cost of stealing the key would be
barely more than expected damage which can possibly occur from breaking the
system. that's the golden practical rule.


yes of course - you must find the balance between paranoid and necessary ;)
Are there any studies or tests that have dealt with this issue ? That it is theoretically possible was clear to me, the question meant if it is "enough possible" for practical relevance - I even can hack a 3des key in a certain amount of time - so there is of course no 100% security...

this is very trivial. the key is contained clear-text in the memory image of a process (/dev/mem, or whatever). To try to decrypt the data with the key, the simplest case is a brute-force: fetch a memory region at location X, treat it as a key, and try to decrypt the encrypted data. You certainly have to have an algorithm to determine with high probability that decryption has succeeded, but it is quite easy for most structured data, including audio formats. The complexity of this task is linear with the amount of process memory: for a 5 mbyte process the whole process will take certainly less than an hour on an average computer.

do you really need a "study" to believe that?

--
Lev Walkin
[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
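
The exposure described in the message above can be audited from the defending side. The following is an added example, not code from the thread or from OpenSSL: it counts clear-text copies of a known 24-byte 3DES key in a constructed memory image before and after wiping, and reports how many byte offsets a linear scan has to consider. All function names, the image layout and the key bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN 24 /* 3DES keying option 1: three 8-byte DES keys */

/* One candidate key per byte offset, so the scan cost is linear in image size. */
size_t candidate_offsets(size_t image_len) {
    return image_len < KEY_LEN ? 0 : image_len - KEY_LEN + 1;
}

/* Self-audit: the key is known here, so count its clear-text copies directly. */
size_t count_key_copies(const unsigned char *image, size_t image_len,
                        const unsigned char *key) {
    size_t hits = 0, n = candidate_offsets(image_len);
    for (size_t off = 0; off < n; off++)
        if (memcmp(image + off, key, KEY_LEN) == 0)
            hits++;
    return hits;
}

/* Wipe through a volatile pointer so the compiler cannot elide the stores. */
void secure_wipe(void *buf, size_t len) {
    volatile unsigned char *p = buf;
    while (len--) *p++ = 0;
}

/* Constructed scenario: a 4 KiB image holding two copies of the key (for
 * example the caller's buffer and a library working copy). Returns the number
 * of copies still present after wiping `wipe_count` of them. */
size_t audit_demo(int wipe_count) {
    static unsigned char image[4096];
    static const size_t offs[2] = {100, 2049}; /* constructed offsets */
    unsigned char key[KEY_LEN];
    for (int i = 0; i < KEY_LEN; i++)
        key[i] = (unsigned char)(0xA0 + i);    /* constructed key bytes */
    memset(image, 0x5C, sizeof image);         /* filler, never matches key */
    memcpy(image + offs[0], key, KEY_LEN);
    memcpy(image + offs[1], key, KEY_LEN);
    for (int i = 0; i < wipe_count && i < 2; i++)
        secure_wipe(image + offs[i], KEY_LEN);
    return count_key_copies(image, sizeof image, key);
}

int main(void) {
    printf("offsets to scan in 5 MiB: %zu\n", candidate_offsets(5u * 1024 * 1024));
    for (int w = 0; w <= 2; w++)
        printf("copies wiped: %d, copies left: %zu\n", w, audit_demo(w));
    return 0;
}
```

Wiping only the caller's copy still leaves one copy readable, which is why every buffer that held the key needs clearing; in code built on OpenSSL, `OPENSSL_cleanse` serves the role that `secure_wipe` plays here.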
