GPG Memory Forensics

Explore GPG memory forensics techniques in this conference talk from Nullcon Berlin. Learn how to retrieve passphrases and encryption keys from memory dumps of gpg-agent processes or full system dumps. Discover Volatility3 plugins for extracting key material and original plaintext. Understand the potential defensive applications of these techniques, such as countering ransomware attacks. Gain insights from security experts Nils Amiet and Sylvain Pelissier on the vulnerabilities and forensic analysis of GnuPG, a widely used encryption solution with nearly 25 years of history.

GPG Memory Forensics by Nils Amiet and Sylvain Pelissier | Nullcon Berlin