logo

Practical Key Search Attacks Against Modern Symmetric Ciphers

Conference:  Defcon 27

2019-08-01

Summary

Practical key search attacks against modern symmetric ciphers are possible due to common mistakes and conditions that allow for brute force recovery of keys. The speaker discusses optimizations to speed up key search efforts and presents a FOSS tool that implements their approach.
  • Brute force key recovery attacks against modern ciphers like AES should be impractical with the current state of computer hardware, but in practice, these conditions do not always hold
  • Common mistakes and conditions allow for practical brute force recovery of keys for modern block ciphers such as AES
  • Optimizations to speed up key search efforts are possible
  • A FOSS tool has been developed to implement this approach
The speaker highlights the lack of attention given to cracking encryption keys compared to hash cracking in the hacker community. They call for action to take this technique and run with it to the same extent as password hash cracking. The speaker also mentions the possibility of future work, such as adding support for a EAD cipher mode.

Abstract

In theory, brute force key recovery attacks against modern ciphers like AES should be impractical with the current state of computer hardware. It's often said that recovering an AES key should take longer than the remainder of the life of the sun. However, this assumes that keys are chosen properly, and that there is no way to determine whether a key is the correct one after a candidate key is used to decrypt a captured ciphertext. In practice, these conditions do not always hold. In much the same way that hash functions are impossible to reverse but hash cracking is still a practical attack, in the real world it is often possible to perform practical key search attacks. In this talk, we will discuss the common mistakes and common conditions that allow for practical brute force recovery of keys for modern block ciphers such as AES. We will also discuss optimizations to speed up key search efforts, and present our FOSS tool, which implements our approach.

Materials:

Tags:

Post a comment

Related work


Conference:  Defcon 31
Authors: Tom Pohl Principal Consultant and the Penetration Testing Team Manager at LMG Security
2023-08-01



Conference:  Defcon 31
Authors: David McGrew Fellow, Cisco Systems, Brandon Enright, Andrew Chi
2023-08-01