Playing "Hide and Seek" with Stored Keys

In this paper we consider the problem of efficiently locating cryptographic keys hidden in gigabytes of data, such as the complete file system of a typical PC. We describe efficient algebraic attacks which can locate secret RSA keys in long bit strings, and more general statistical attacks which can find arbitrary cryptographic keys embedded in large programs. These techniques can be used to apply \lunchtime attacks" on signature keys used by financial institutes, or to defeat \authenticode" type mechanisms in software packages.

[1]  David Aucsmith,et al.  Tamper Resistant Software: An Implementation , 1996, Information Hiding.