Roberto L�pez Navarro wrote:
I think I read something that may help you in the article "Playing hide and
seek with stored keys" by Adi Shamir and Nicko van Someren. The abstract:
"In this paper we consider the problem of efficiently locating
cryptographic keys hidden in gigabytes of data, such as the
complete file system of a typical PC. We describe efficient algebraic
attacks which can locate secret RSA keys in long bit
strings, and more general statistical attacks which can find
arbitrary cryptographic keys embedded in large programs.
These techniques can be used to apply lunchtime attacks on
signature keys used by financial institutes, or to defeat authenticode
type mechanisms in software packages.
Keywords: Cryptanalysis, lunchtime attacks, RSA, authenticode,
key hiding."
True it is focus on finding key metarial of filesystems, but nevertheles, it
should be a valid approach for memory dumps.
You can download it from www.ncipher.com after registration.
Whoever reads it, makr sure you realize that "locating the key material"
is vastly different from "locating the key material having the piece
of encrypted data and posessing the knowledge about the structure of
data being encrypted".
The last one may be exponentially easier.
--
Lev Walkin
[EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
