Bachelor/Master thesis: Automated Identification of Cryptographic Primitives in Software


Symmetric cryptography is the workhorse of secure communication. But not everyone uses well-established standards such as the AES. Hence, it is of great interest to analyse ciphers that are used in practice but not known to the scientific community. Such ciphers are often weak (e.g. HALFLOOP-24) or even backdoored (e.g. GEA1). But before one can analyse such ciphers one has to find them. One approach for this is to search them in software (e.g. firmware updates).

This thesis will be supervised jointly by SYSSEC and SYMCRYPT.


Given a piece of software (e.g. a firmware update) identify the parts that contain (primitives of) symmetric cryptography in an automated fashion.


Related Work

Where’s Crypto?: Automated Identification and Classification of Proprietary Cryptographic Primitives in Binary Code


Prior knowledge in the area of reverse engineering and basic understanding of primitives used in symmetric cryptography.



Veelasha Moonsamy

Interested students are required to include their list of courses and grades (i.e. Leistungsübersicht), and a short description of their research interests in the email.