Supercharge Your Innovation With Domain-Expert AI Agents!

Cryptographic algorithm program vulnerability detection method and system, storage medium

A cryptographic algorithm and vulnerability detection technology, which is applied in the direction of program code conversion, calculation, code compilation, etc., can solve problems such as difficult implementation, lack of scalability, and inability to guarantee the accuracy of loopholes, achieving good scalability, high accuracy, and Strong implementation effect

Active Publication Date: 2021-02-19
BEIJING SMARTCHIP MICROELECTRONICS TECH COMPANY +3
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The problems that exist in the vulnerability detection process of high-level programming languages ​​are: the accuracy of vulnerability detection cannot be guaranteed when the behavior of the compiler cannot be predicted, and it is difficult to implement when the source code cannot be obtained
For the vulnerability detection of assembly language, there is only a detection model for the AVR8-bit architecture, which has not been applied to actual detection scenarios, and does not have good scalability

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cryptographic algorithm program vulnerability detection method and system, storage medium
  • Cryptographic algorithm program vulnerability detection method and system, storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] Specific embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings. It should be understood that the specific embodiments described here are only used to illustrate and explain the present invention, and are not intended to limit the present invention.

[0032] figure 1 It is a flowchart of a cryptographic algorithm program loophole detection method provided by an embodiment of the present invention. like figure 1 As shown, the embodiment of the present invention provides a method for detecting a cryptographic algorithm program vulnerability, the method comprising:

[0033] S1. Analyzing the assembly file and configuration file of the cryptographic algorithm program.

[0034] The assembly file can be obtained by disassembling the executable file of the cryptographic algorithm program by objdump disassembly tool. The configuration file is a system configuration file, including information such as the function...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of information security, and provides a cryptographic algorithm program loophole detection method, system, and storage medium. The method includes: parsing the assembly file and the configuration file of the cryptographic algorithm program; constructing the program object according to the parsed assembly file and the configuration file; executing the corresponding instruction of the program object according to the instruction classification information, and executing the first instruction Establish the initial allocation set of the safe type system during the process, monitor the execution of each instruction during the execution of the corresponding instructions of the program object, and compare the final allocation set of the safe type system with the specified allocation after all instructions are executed The partial order relationship of the set to determine whether there is information leakage in the cryptographic algorithm program. The invention has high accuracy rate of loophole detection, strong implementability and good expansibility, and is suitable for different types of cryptographic algorithm programs running on the instruction set framework.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to a method for detecting a leak in a cryptographic algorithm program, a system for detecting a leak in a cryptographic algorithm program, and a storage medium. Background technique [0002] With the wide application of different open source cryptographic algorithm libraries (such as openssl, libnacl) in all walks of life, cryptographic algorithm security issues have received widespread attention. In many cases, even if the design of the cryptographic algorithm system is secure, inappropriate cryptographic algorithm implementation will lead to serious security problems. Among them, the static time vulnerability is a relatively hidden and harmful one among many security problems. The source of its leakage is branch operations (case statements), conditional statements, or processor instructions with unfixed running times during the encryption and decryption proces...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57G06F21/56G06F8/53G06F8/41
CPCG06F8/447G06F8/53G06F21/566G06F21/577
Inventor 刘亮张茜歌原义栋张海峰赵东艳王于波唐明杨珍邵瑾陈燕宁
Owner BEIJING SMARTCHIP MICROELECTRONICS TECH COMPANY
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com