Reversing Cryptography in Black Box Binaries // Dahmun Goudarzi, Robin David
In-Person | March 18-21 | 4 Days
BOOK NOWABSTRACT
Cryptography is a key component of the development of any product involving sensitive data. Analysing it at binary-level is usually a tedious task. To do so, one should first locate the cryptographic blocks, identify whether they are coming from standard algorithms or custom ones and finally assess their security. Even after complete cartography and understanding of the binary, it remains a challenging task to properly assess if and how the cryptographic blocks are flawed or not. Cryptography is often seen as a field restricted to highly qualified people with strong math background. The goal of this training is to demystify this field by giving attendees a proper knowledge and toolkit to ease the cryptanalysis of primitives in binary files (namely the identification and assessment of the robustness), and how to perform such cryptanalysis with some tools that we created. The various sections and topics will always be provided with hands-on exercises taken from real-world binaries encountered in our assessments. While many topics will be covered to share as much insights as possible, the main goal is to provide the proper material and skill knowledge for any attendees to understand how to tackle cryptography found at binary-level in order to derive an enlighten advice on its soundness and robustness.
Reversing Cryptography in Black Box Binaries // Dahmun Goudarzi, Robin David
In-Person | March 18-21 | 4 Days
INTENDED AUDIENCE
Practitioners assessing or encountering cryptographic implementation and protocols during reverse at binary-level.
KEY LEARNING OBJECTIVES
- Introduction to Cryptography: principles, primitives and algorithms.
- Understanding how real-world crypto works without needing to know why (no mathematical background required!).
- Learning how to identify cryptographic primitives and/or protocols in complex binaries and whether their implementation is sound and robust.
- Learning how to use several tools we developed to automate the product security analysis and testing for conformity check, vulnerability search or attack automation.
COURSE DETAILS
MODULE 1: Demystifying Cryptographic Primitives
- Basic Concepts
- encryption/decryption
- authentication
- signatures
- cryptographic materials and derivation
- etc
- Modelling Adversary
- Black/Grey/White box
- Building Blocks
- Symmetric cryptography: AES and modes, SHA, etc.
- Public-key cryptography: RSA, ECC, etc.
- Protocols
- Diffie-Hellman key exchange, TLS, SSH, etc.
- Implementation Requirements: conformity, constant time.
- Practicals:
- hands-on on basic cryptographic attacks
- identifying weaknesses with input/output observations
MODULE 2: Identifying Crypto in Binaries
- Identification 101 (e.g., API symbols, constants, findcrypt)
- Constructing ad-hoc documentation for identification
- What are the key points?
- How are cryptographic materials handled?
- Are there any constants involved?
- Introduction to Side-channels analysis: understanding what we can observe during a crypto execution
- Advanced identification
- How to use custom YARA rules
- Pattern matching via tracers
- Memory exploration to find Crypto Materials
- Reminder on randomness, entropy, etc.
- Testing a random number generator soundness with TestU01
- Where to look in memory?
- Practicals:
- Identify algorithms used in a simple binary
- Decrypt TLS exchanges with tweaked randomness generation
- Identify lesser used primitives/custom ones with YARA rules
- Identify the Crypto primitives in a Satellite user terminal
- Find an AES size via tracing
MODULE 3: Testing Crypto in Black-box
- Introduction to crypto-condor, a tool automating conformity checks of cryptographic implementations
- Introduction to code emulation
- Practicals: assessing a binary conformity using crypto-condor and emulation:
- Get started with crypto-condor on a malformed messaging app
- Standard implementation compliance checks (OpenSSL, mbedTLS..)
- Harnessing and compliance checks of cryptography for embedded devices through emulation
MODULE 4: Advanced Testing
Automation of Vulnerability Search
- Introduction to Differential Fuzzing
- List of the different tools, what they can do and catch
- Bestiary of Vulnerabilities
- How to cryptanalyse them?
- Practicals: getting started with tools to assess:
- Conformity of an encountered crypto primitive (even custom made ones)
- Robustness against side-channel attacks, memory leaks
- Writing your first harness that can export function to crypto-condo
White-box Cryptography Analysis with Side-Channel Marvels
- Introduction to White-box Crypto
- Side-Channel Marvels: list of tools, how to use them to automate attacks
- Practical: use-case on CHES CTFs
Knowledge Prequisites
- NO Mathematical background required
- Basic reverse-engineering skills, x86-64 and ARM binaries will be studied
- Basic skills in Python and C/C++
Hardware Requirements
- Laptop with x86-64 architecture
- 10Gb+ disk space
- 16GB Memory recommended
Software Requirements
- VirtualBox or VMWare (free version is OK)
YOUR INSTRUCTORS: Dahmun Goudarzi and Robin David
Dahmun Goudarzi is a French Cryptographic R&D researcher focused on the automation of the analysis of cryptographic solutions in deployed products. He originally hold a PHD from Ecole Normale Supérieur de Paris and CryptoExperts where he worked on secure implementation of block ciphers against physical attacks. His works have lead to dozen of publications at top-end cryptographic conferences. He is now a full time security researcher at Quarkslab where is leading different research topics and tools developement to automate the analysis of cryptographic component in source and native code.
Robin David is a French Software Security Researcher focused on reverse engineering and software testing (fuzzing and symbolic execution). He originally holds a Phd from the Atomic Energy Comission (CEA) where he attacked obfuscation using formal methods and symbolic execution. He is now full-time security researcher at Quarkslab where he is leading the automated analysis team and various research topics. From time to time we present its work in various security conferences.