491 research outputs found
CryptoKnight:generating and modelling compiled cryptographic primitives
Cryptovirological augmentations present an immediate, incomparable threat. Over the last decade, the substantial proliferation of crypto-ransomware has had widespread consequences for consumers and organisations alike. Established preventive measures perform well, however, the problem has not ceased. Reverse engineering potentially malicious software is a cumbersome task due to platform eccentricities and obfuscated transmutation mechanisms, hence requiring smarter, more efficient detection strategies. The following manuscript presents a novel approach for the classification of cryptographic primitives in compiled binary executables using deep learning. The model blueprint, a Dynamic Convolutional Neural Network (DCNN), is fittingly configured to learn from variable-length control flow diagnostics output from a dynamic trace. To rival the size and variability of equivalent datasets, and to adequately train our model without risking adverse exposure, a methodology for the procedural generation of synthetic cryptographic binaries is defined, using core primitives from OpenSSL with multivariate obfuscation, to draw a vastly scalable distribution. The library, CryptoKnight, rendered an algorithmic pool of AES, RC4, Blowfish, MD5 and RSA to synthesise combinable variants which automatically fed into its core model. Converging at 96% accuracy, CryptoKnight was successfully able to classify the sample pool with minimal loss and correctly identified the algorithm in a real-world crypto-ransomware applicatio
Breaking of Simplified Data Encryption Standard using Genetic Algorithm
Cryptanalysis of ciphertext by using evolutionary algorithm has gained so much interest in recent years. In this paper we have used a Genetic algorithm with improved crossover operator (Ring Crossover) for cryptanalysis of SDES. There so many attacks in cryptography. The cipher text attack only is considered here and several keys are generated in the different run of the genetic algorithm on the basis of their cost function value which depends upon frequency of the letters. The results on the S-DES indicate that, this is a promising method and can be adopted to handle other complex block ciphers like DES, AES
A Binomial Crossover Based Artificial Bee Colony Algorithm for Cryptanalysis of Polyalphabetic Cipher
Cryptography is one of the common approaches to secure private data and cryptanalysis involves breaking down a coded cipher text without having the key. Cryptanalysis by brute force cannot be accepted as an effective approach and hence, metaheuristic algorithms performing systematic search can be applied to derive the optimal key. In this study, our aim is to examine the overall suitability of Artificial Bee Colony algorithm in the cryptanalysis of polyalphabetic cipher. For this purpose, using a number of different key lengths in both English and Turkish languages, basic Artificial Bee Colony algorithm (ABC) is applied in the cryptanalysis of Vigenere cipher. In order to improve the ABC algorithm\u27s convergence speed, a modified binomial crossover based Artificial Bee Colony algorithm (BCABC) is proposed by introducing a binomial crossoverbased phase after employed bee phase for a precise search of global optimal solution. Different keys in various sizes, various cipher texts in both English and Turkish languages are used in the experiments. It is shown that optimal cryptanalysis keys produced by BCABC are notably competitive and better than those produced by basic ABC for Vigenere cipher analysis
Shake well before use: Authentication based on Accelerometer Data
Small, mobile devices without user interfaces, such as Bluetooth headsets, often need to communicate securely over wireless networks. Active attacks can only be prevented by authenticating wireless communication, which is problematic when devices do not have any a priori information about each other. We introduce a new method for device-to-device authentication by shaking devices together. This paper describes two protocols for combining cryptographic authentication techniques with known methods of accelerometer data analysis to the effect of generating authenticated, secret keys. The protocols differ in their design, one being more conservative from a security point of view, while the other allows more dynamic interactions. Three experiments are used to optimize and validate our proposed authentication method
Where's Crypto?: Automated Identification and Classification of Proprietary Cryptographic Primitives in Binary Code
The continuing use of proprietary cryptography in embedded systems across
many industry verticals, from physical access control systems and
telecommunications to machine-to-machine authentication, presents a significant
obstacle to black-box security-evaluation efforts. In-depth security analysis
requires locating and classifying the algorithm in often very large binary
images, thus rendering manual inspection, even when aided by heuristics, time
consuming.
In this paper, we present a novel approach to automate the identification and
classification of (proprietary) cryptographic primitives within binary code.
Our approach is based on Data Flow Graph (DFG) isomorphism, previously proposed
by Lestringant et al. Unfortunately, their DFG isomorphism approach is limited
to known primitives only, and relies on heuristics for selecting code fragments
for analysis. By combining the said approach with symbolic execution, we
overcome all limitations of their work, and are able to extend the analysis
into the domain of unknown, proprietary cryptographic primitives. To
demonstrate that our proposal is practical, we develop various signatures, each
targeted at a distinct class of cryptographic primitives, and present
experimental evaluations for each of them on a set of binaries, both publicly
available (and thus providing reproducible results), and proprietary ones.
Lastly, we provide a free and open-source implementation of our approach,
called Where's Crypto?, in the form of a plug-in for the popular IDA
disassembler.Comment: A proof-of-concept implementation can be found at
https://github.com/wheres-crypto/wheres-crypt
- …