Segregating Keys from noncense: Timely Exfil of Ephemeral Keys from Embedded Systems

Heini Bergsson Debes, Thanassis Giannetsos

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

65 Downloads (Pure)

Abstract

As lightweight embedded devices become increasingly ubiquitous and connected, they present a disturbing target for adversaries circumventing the gates of cryptography. We consider the challenge of exfiltrating and locating cryptographic keys from the run-time environment of software-based services when their software layout and data structures in memory are unknown. We detail an attack that can, without affecting the system’s operation, exfiltrate keys in use promptly by leveraging the strong causality between transceivers and keyed cryptosystems (authentication, authorization, and encryption). We then propose how to effectively and efficiently reduce the key material’s search space from a batch of stackshots (stack extractions) by leveraging the stack’s innate composition, which, to the best of our knowledge, is the first method to systematically infer and reduce the search space of semi-arbitrary keys. We instantiate and evaluate our attack against MSP430 micro-controllers.
Original languageEnglish
Title of host publicationProceedddings of 17th International Conference on Distributed Computing in Sensor Systems
PublisherIEEE
Publication date2021
Pages92-101
ISBN (Print)978-1-6654-3929-9
DOIs
Publication statusPublished - 2021
Event17th International Conference on Distributed Computing in Sensor System - Pafos, Cyprus
Duration: 14 Jul 202116 Jul 2021
Conference number: 2021 DCOSS

Conference

Conference17th International Conference on Distributed Computing in Sensor System
Number2021 DCOSS
Country/TerritoryCyprus
CityPafos
Period14/07/202116/07/2021

Keywords

  • Key-Exposure Problem
  • Runtime Key Disclosure

Fingerprint

Dive into the research topics of 'Segregating Keys from noncense: Timely Exfil of Ephemeral Keys from Embedded Systems'. Together they form a unique fingerprint.

Cite this