Firmware Cryptographic Algorithm Identification And Defects Detection And Their Application

With the explosive growth of routers,switches and various kinds of smart devices,embedded devices have become very popular,whose security issues are becoming increasingly important.Embedded device firmware contains information such as hardware information,various application functions,and parameter configurations.Their security affects the operation of hardware and software and most of the devices run directly on the Internet.It is very meaningful to detect and analyze these firmware to prevent malicious programs and protect the security of hardware and software.The firmware is generally solidified on the chip or read-only memory and has higher authority.Firmware security mechanisms or weak authentication systems can cause the firmware system to be hijacked or attacked.The cryptographic technology plays an important role in secure transmission,identity authentication,update and upgrade.The application of cryptography has strong professionalism.Different types of cryptographic algorithms and use should comply with relevant specifications.Identifying and detecting cryptographic algorithms and application defects in the firmware can help analyze the security of the firmware.In order to adapt to the diversity of the number and types of embedded devices,the firmwares designed by various companies use different chip platforms.This paper proposes a framework based on static analysis that can be compatible with multiple chip platforms for detection and analysis.The framework makes a comprehensive analysis of the results generated by the disassembly engine and combines the characteristics of different types of cryptographic algorithms,especially the instruction structure and hierarchy under static analysis.Several types of cryptographic algorithms are screened and identified in the firmware system,and defect detection is performed on the basis of the recognition.It mainly judges weak algorithms,misuse of keys,key management,and password mechanisms,combing with the application situation in the firmware,detecting and analyzing the possible defects.In short,through the use of our framework to detect and analyze the program files of 300 different types of firmware obtained on the Internet,the use of cryptographic algorithms in 213 firmwares was identified.As a result,28 firmware applications in application cryptography have been found to have different degrees of application defects,and analysis and recommendations have been given in this paper.