Cryptographic Key Masking During Run-Time

Andersson, Marcus

January 2008

<p>Many of the products commercially available today contain some form of encrypted or hashed data. It can involve DRM protection, licenses and certificates, signatures or identification information. Regardless of what the data is intended for, it is protected for a reason and may be worth a great deal of money to the owner.</p><p>There are numerous examples of products that have been subject to hacking in the form of simple memory attacks. If the keys are made all too easily extracted, the value of the protected data will soon be lost.</p><p>The aim of the thesis work discussed in this report was to evaluate the vulnerabilities in mobile phones to this sort of attacks and to find possible security enhancements that can be applied. A method is proposed where masking will secure the cryptology keys while they reside in the memory.</p><p>Different masks are developed and tested - The effects on performance are measured and the security is evaluated.</p><p>The thesis work concludes that it is possible to implement masking on many of the security functions using keys and that the masks will increase security. The conclusion also states that the time consumption of the masking heavily depends on which mask that is used and that the masking could be applied in such a way that the level of masking can be varied.</p>

Computer Science

Security

Cryptography

Key handling

Computer engineering

Datorteknik

Cryptographic Key Masking During Run-Time

Andersson, Marcus

January 2008

Many of the products commercially available today contain some form of encrypted or hashed data. It can involve DRM protection, licenses and certificates, signatures or identification information. Regardless of what the data is intended for, it is protected for a reason and may be worth a great deal of money to the owner. There are numerous examples of products that have been subject to hacking in the form of simple memory attacks. If the keys are made all too easily extracted, the value of the protected data will soon be lost. The aim of the thesis work discussed in this report was to evaluate the vulnerabilities in mobile phones to this sort of attacks and to find possible security enhancements that can be applied. A method is proposed where masking will secure the cryptology keys while they reside in the memory. Different masks are developed and tested - The effects on performance are measured and the security is evaluated. The thesis work concludes that it is possible to implement masking on many of the security functions using keys and that the masks will increase security. The conclusion also states that the time consumption of the masking heavily depends on which mask that is used and that the masking could be applied in such a way that the level of masking can be varied.

Computer Science

Security

Cryptography

Key handling

Computer Engineering

Datorteknik