# Deriving ChaCha20 Key Streams From Targeted Memory Analysis

**Authors:** Peter McLaren, William J Buchanan, Gordon Russell, Zhiyuan Tan

arXiv: 1907.11941 · 2019-08-13

## TL;DR

This paper uncovers a memory-based vulnerability in ChaCha20 used in OpenSSH and OpenSSL, enabling key extraction through targeted memory analysis, which could compromise encrypted communications without detection.

## Contribution

It identifies a significant cryptographic artefact vulnerability in ChaCha20 implementations and proposes mitigation strategies to prevent key extraction via memory analysis.

## Key findings

- Vulnerability allows key recovery from memory artifacts.
- Memory analysis can crack tunneled data without alerts.
- Mitigation involves obscuring cryptographic artefacts and restricting memory access.

## Abstract

There can be performance and vulnerability concerns with block ciphers, thus stream ciphers can used as an alternative. Although many symmetric key stream ciphers are fairly resistant to side-channel attacks, cryptographic artefacts may exist in memory. This paper identifies a significant vulnerability within OpenSSH and OpenSSL and which involves the discovery of cryptographic artefacts used within the ChaCha20 cipher. This can allow for the cracking of tunneled data using a single targeted memory extraction. With this, law enforcement agencies and/or malicious agents could use the vulnerability to take copies of the encryption keys used for each tunnelled connection. The user of a virtual machine would not be alerted to the capturing of the encryption key, as the method runs from an extraction of the running memory. Methods of mitigation include making cryptographic artefacts difficult to discover and limiting memory access.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1907.11941/full.md

## Figures

6 figures with captions in the complete paper: https://tomesphere.com/paper/1907.11941/full.md

## References

41 references — full list in the complete paper: https://tomesphere.com/paper/1907.11941/full.md

---
Source: https://tomesphere.com/paper/1907.11941