Automatic Detection and Decryption of AES by Monitoring S-Box Access
Josef Kokeš, Jonatan Matějka, Róbert Lórencz
2021
Abstract
In this paper we propose an algorithm that can automatically detect the use of AES and automatically recover both the encryption key and the plaintext. It makes use of the fact that we can monitor accesses to the AES S-Box and deduce the desired data from these accesses; the approach is suitable to software-based AES implementations, both naíve and optimized. To demonstrate the feasibility of this approach we designed a tool which implements the algorithm for Microsoft Windows running on the Intel x86 architecture. The tool has been successfully tested against a set of applications using different cryptographic libraries and common user applications.
DownloadPaper Citation
in Harvard Style
Kokeš J., Matějka J. and Lórencz R. (2021). Automatic Detection and Decryption of AES by Monitoring S-Box Access.In Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-491-6, pages 172-180. DOI: 10.5220/0010255201720180
in Bibtex Style
@conference{icissp21,
author={Josef Kokeš and Jonatan Matějka and Róbert Lórencz},
title={Automatic Detection and Decryption of AES by Monitoring S-Box Access},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2021},
pages={172-180},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010255201720180},
isbn={978-989-758-491-6},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Automatic Detection and Decryption of AES by Monitoring S-Box Access
SN - 978-989-758-491-6
AU - Kokeš J.
AU - Matějka J.
AU - Lórencz R.
PY - 2021
SP - 172
EP - 180
DO - 10.5220/0010255201720180