
    An advantage you gain right off the bat is that patterns
    in AES keys can be distinguished from other seemingly
    random blocks of data. This is how tools like aeskeyfind
    and bulk_extractor locate the keys in memory dumps, packet
    captures, etc. In most cases, extracting the keys from RAM
    is as easy as this:

    $ ./aeskeyfind Win8SP0x86.raw

Shouldn't it be possible to store an AES key in a way that's indistinguishable from random data?



At PrivateCore, we keep key material (and the entire Linux stack) pinned in the CPU cache, then encrypt main memory. This would thwart physical memory extraction attacks, like cold booting, FireWire, Thunderbolt, NV-DIMMs, bus analyzers, malicious RAM, etc.

Note, that doesn't help if someone compromises the software stack and extracts memory contents logically. A compromised kernel running in cache can just decrypt memory contents.


I was not aware pinning memory in the CPU cache was even possible. Is this done via some Linux interface? Or directly by using some hardware feature of the CPU?

In any case, it sounds like a very interesting way of maintaining greater protection for secrets.


PrivExec does something similar with ephemeral keys http://www.onarlioglu.com/privexec/


I hope linking to reddit doesn't get me banned, but this question was asked there and explained nicely:

http://www.reddit.com/r/netsec/comments/1va904/truecrypt_mas...


So it's not actually the key that's easily located, but the key schedule from which you can get the key out easily?


Yes, for projects like aeskeyfind.

For Volatility we use the TC data structures in memory to lead us to the key (the same ones TC uses to perform reads/writes)
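
Added example, not part of any comment above and not code from aeskeyfind or Volatility: the key-schedule point from the thread, written as a check you can run over an image of your own process to see whether expanded AES-128 keys are left in memory. An AES-128 schedule is 176 bytes in which every round key is derived from the one before it, so a window whose first 16 bytes expand to the next 160 is a schedule. The function names are hypothetical, the sample buffer is constructed from the FIPS-197 test key, and only exact (undamaged) schedules are matched.

```python
# Added example: exact-match AES-128 key schedule scan (names are hypothetical).

def _gmul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial 0x11B."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def _rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def _sbox_entry(x):
    # S-box = multiplicative inverse in GF(2^8), then the FIPS-197 affine map.
    inv = next((y for y in range(1, 256) if _gmul(x, y) == 1), 0)
    return inv ^ _rotl8(inv, 1) ^ _rotl8(inv, 2) ^ _rotl8(inv, 3) ^ _rotl8(inv, 4) ^ 0x63

SBOX = [_sbox_entry(x) for x in range(256)]

def expand_key_128(key):
    """FIPS-197 key expansion: 16-byte key -> 176-byte schedule (11 round keys)."""
    w = bytearray(key)
    rcon = 1
    for i in range(4, 44):
        t = bytes(w[4 * (i - 1):4 * i])
        if i % 4 == 0:  # RotWord, SubWord, then XOR the round constant
            t = bytes([SBOX[t[1]] ^ rcon, SBOX[t[2]], SBOX[t[3]], SBOX[t[0]]])
            rcon = _gmul(rcon, 2)
        w += bytes(a ^ b for a, b in zip(w[4 * (i - 4):4 * (i - 3)], t))
    return bytes(w)

def find_key_schedules(buf):
    """Return [(offset, key)] for each window that is an intact AES-128 schedule."""
    hits = []
    for off in range(len(buf) - 175):
        key = buf[off:off + 16]
        if expand_key_128(key) == buf[off:off + 176]:
            hits.append((off, bytes(key)))
    return hits

if __name__ == "__main__":
    # Constructed buffer: zero padding around the FIPS-197 Appendix A.1 key schedule.
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
    buf = bytes(512) + expand_key_128(key) + bytes(100)
    for off, k in find_key_schedules(buf):
        print(f"schedule at offset {off}: key {k.hex()}")
```

A zero-filled page never matches, because the all-zero key expands to a non-zero schedule; that structural redundancy is what separates a schedule from random-looking data.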



