Bachelor/Master thesis: Automated Identification of Cryptographic Primitives in Software

Description

Symmetric cryptography is the workhorse of secure communication. But not everyone uses well-established standards such as the AES. Hence, it is of great interest to analyse ciphers that are used in practice but not known to the scientific community. Such ciphers are often weak (e.g. HALFLOOP-24) or even backdoored (e.g. GEA1). But before one can analyse such ciphers one has to find them. One approach for this is to search them in software (e.g. firmware updates).

This thesis will be supervised jointly by SYSSEC and SYMCRYPT.

Goal

Given a piece of software (e.g. a firmware update) identify the parts that contain (primitives of) symmetric cryptography in an automated fashion.

 

Related Work

Where’s Crypto?: Automated Identification and Classification of Proprietary Cryptographic Primitives in Binary Code

Requirements

Prior knowledge in the area of reverse engineering and basic understanding of primitives used in symmetric cryptography.

 

Contact

Veelasha Moonsamy

Interested students are required to include their list of courses and grades (i.e. Leistungsübersicht), and a short description of their research interests in the email.