A Vision for Enhancing Security of Cryptography in Executables

  • Otto Brechelmacher
  • Willibald Krenn
  • Thorsten TarrachEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10953)


This paper proposes an idea on how to use existing techniques from late stage software customization to improve the security of software employing cryptographic functions. In our vision, we can verify an implemented algorithm and replace it with a faster or more trusted implementation if necessary. We also want to be able to add encryption to binaries that currently do not employ any, or gain access to unencrypted data if an application depends on encryption.

To corroborate the feasibility of our vision, we developed a prototype that is able to identify cryptographic functions in highly optimized binary code and tests the identified functions for functional correctness, potentially also revealing backdoors.


Crypto Functions DynamoRIO Binary Rewriting Symbolic Analysis Framework Runtime Manipulation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Thompson, K.: Reflections on trusting trust. Commun. ACM 27(8), 761–763 (1984)CrossRefGoogle Scholar
  2. 2.
    Egele, M., Brumley, D., Fratantonio, Y., Kruegel, C.: An empirical study of cryptographic misuse in Android applications. In: CCS 2013, pp. 73–84 (2013)Google Scholar
  3. 3.
    CCC: Analyse einer Regierungs-Malware. Technical report, Chaos Computer Club (2011)Google Scholar
  4. 4.
    Codenomicon, Google-Security: CVE-2014-0160. Available from MITRE, CVE-ID CVE-2014-0160, 3 Dec 2013Google Scholar
  5. 5.
    Bello, L.: CVE-2008-0166. Available from MITRE, CVE-ID CVE-2008-0166, 9 Jan 2008Google Scholar
  6. 6.
    Bruening, D., Zhao, Q., Amarasinghe, S.: Transparent dynamic instrumentation. ACM SIGPLAN Not. 47(7), 133–144 (2012)CrossRefGoogle Scholar
  7. 7.
    Hiser, J., Nguyen-Tuong, A., Hawkins, W., McGill, M., Co, M., Davidson, J.: Zipr++: exceptional binary rewriting. In: FEAST 2017, pp. 9–15 (2017)Google Scholar
  8. 8.
    Majlesi-Kupaei, A., Kim, D., Anand, K., ElWazeer, K., Barua, R.: RL-Bin, robust low-overhead binary rewriter. In: FEAST 2017, pp. 17–22 (2017)Google Scholar
  9. 9.
    Chipounov, V., Kuznetsov, V., Candea, G.: The S2E platform: design, implementation, and applications. TOCS 30(1), 2 (2012)CrossRefGoogle Scholar
  10. 10.
    Shoshitaishvili, Y., Wang, R., Salls, C., Stephens, N., Polino, M., Dutcher, A., Grosen, J., Feng, S., Hauser, C., Kruegel, C., Vigna, G.: SoK: (state of) the art of war: offensive techniques in binary analysis. In: S&P 2016 (2016)Google Scholar
  11. 11.
    Saudel, F., Salwan, J.: Triton: a dynamic symbolic execution framework. In: Symposium sur la sécurité des Technologies de l’information et des Communications, SSTIC, France, Rennes, June 3–5 2015, SSTIC, pp. 31–54 (2015)Google Scholar
  12. 12.
    Cadar, C., Dunbar, D., Engler, D.R., et al.: KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs. In: OSDI. vol. 8, pp. 209–224 (2008)Google Scholar
  13. 13.
    Jiang, Y., Zhang, C., Wu, D., Liu, P.: Feature-based software customization: preliminary analysis, formalization, and methods. In: HASE 2016, pp. 122–131 (2016)Google Scholar
  14. 14.
    Kim, D., Sumner, W.N., Zhang, X., Xu, D., Agrawal, H.: Reuse-oriented reverse engineering of functional components from x86 binaries. In: ICSE 2014, pp. 1128–1139 (2014)Google Scholar
  15. 15.
    Xu, D., Ming, J., Wu, D.: Cryptographic function detection in obfuscated binaries via bit-precise symbolic loop mapping. In: S&P 2017, pp. 921–937 (2017)Google Scholar
  16. 16.
    Dockins, R., Foltzer, A., Hendrix, J., Huffman, B., McNamee, D., Tomb, A.: Constructing semantic models of programs with the software analysis workbench. In: VSTTE 2016, pp. 56–72 (2016)Google Scholar
  17. 17.
    Bassham III, L.E.: The advanced encryption standard algorithm validation suite (AESAVS). NIST Information Technology Laboratory (2002)Google Scholar
  18. 18.
    McKeeman, W.M.: Differential testing for software. Digit. Techn. J. 10(1), 100–107 (1998)Google Scholar
  19. 19.
    Papp, D., Buttyán, L., Ma, Z.: Towards semi-automated detection of trigger-based behavior for software security assurance. In: SAW 2018 (2018)Google Scholar
  20. 20.
    ARM: mbedTLS.

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Otto Brechelmacher
    • 1
  • Willibald Krenn
    • 1
  • Thorsten Tarrach
    • 1
    Email author
  1. 1.AIT Austrian Institute of TechnologyViennaAustria

Personalised recommendations