Reconstructing AES Key Schedules from Decayed Memory with FPGAs

Heinrich Riebler, Tobias Kenter, Christian Plessl, Christoph Sorge
DOI: 10.1109/FCCM.2014.67
Published in: 2014 IEEE 22nd Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM), May 2014
Citations: 4

Abstract

In this paper, we study how AES key schedules can be reconstructed from decayed memory. This reconstruction is a crucial and time-consuming step when trying to break encryption systems with cold-boot attacks. In software, the AES master key can be recovered using a recursive branch-and-bound tree-search algorithm that exploits redundancies in the key schedule to constrain the search space. In this work, we investigate how this branch-and-bound algorithm can be accelerated with FPGAs. We translate the recursive search procedure into a state machine with an explicit stack for each recursion level and create optimized datapaths to accelerate in particular the processing of the most frequently accessed tree levels. We support two different decay models; the more realistic, non-idealized asymmetric decay model in particular causes very high runtimes in software. Our implementation on a Maxeler dataflow computing system outperforms a software implementation for this model by up to 27x, which makes cold-boot attacks against AES practical even for high error rates.