Cryptographic Key Masking During Run-Time
Independent thesis Basic level (professional degree), 20 points / 30 hpStudent thesis
Many of the products commercially available today contain some form of encrypted or hashed data. It can involve DRM protection, licenses and certiﬁcates, signatures or identiﬁcation information. Regardless of what the data is intended for, it is protected for a reason and may be worth a great deal of money to the owner.
There are numerous examples of products that have been subject to hacking in the form of simple memory attacks. If the keys are made all too easily extracted, the value of the protected data will soon be lost.
The aim of the thesis work discussed in this report was to evaluate the vulnerabilities in mobile phones to this sort of attacks and to ﬁnd possible security enhancements that can be applied. A method is proposed where masking will secure the cryptology keys while they reside in the memory.
Diﬀerent masks are developed and tested - The eﬀects on performance are measured and the security is evaluated.
The thesis work concludes that it is possible to implement masking on many of the security functions using keys and that the masks will increase security. The conclusion also states that the time consumption of the masking heavily depends on which mask that is used and that the masking could be applied in such a way that the level of masking can be varied.
Place, publisher, year, edition, pages
Institutionen för teknik och naturvetenskap , 2008. , 64 p.
Computer Science, Security, Cryptography, Key handling
IdentifiersURN: urn:nbn:se:liu:diva-12034ISRN: LIU-ITN-TEK-A--08/020--SEOAI: oai:DiVA.org:liu-12034DiVA: diva2:18385
2008-02-27, TP41, Täppan, Bredgatan 33, Norrköping, 10:15
Nilson, AndersQin-Zhong, Ye