Validation of Encryption Implementation in Software through Reverse Engineering

Abstract

These days data security and communication are major concern for every organization/ individual and there are bundle of software available which uses cryptographic primitives to protect internal data and to secure communication. Users want to know that either the software they are using for their organization or data is really the one that the developer has promised or mentioned in the specification because not every software is open source. In case of close source software there need to be some parameters that can guarantee that the software is implemented well as stated in the specification secondly the best implementation practice is in place. AES (Advance Encryption Standard) is FIPS approved cryptographic algorithm that is basically used for data protection. It is widely used for encryption and decryption of data in software as well as hardware. Reverse engineering is a technique used to disassemble or discover the concept or code used in applications. In this research, Different reverse engineering techniques were explored to discover standard or otherwise implementation of AES encryption mechanism. This include correct algorithm as defined in this work, key mechanism and modes of encryption. This research also introduces a framework which can be used to achieve the goals using design heuristics and AES signatures which were formulated over the period of time. To automate and speed up the detection process a tool named “AES Crypto Scanner”was developed, which will scan the assembly file against defined parameters.