Cryfind : A Static Tool to Identify Cryptographic Algorithm in Binary presented at CODEBLUE2020 2020

by Wei Chieh Chao,

Summary : We present an automatic static tool CryFind to identify cryptographic algorithms in a binary executable. Our main strategy is using string match to search for cryptographic constants and API names. To expand our search range and improve our hit rate, our tool matches strings under different encodings and XOR'ed with different keys, as well as incorporates techniques to extract strings on stack. As a result, we have a more effective and efficient detection tool compared with a wide range of state-of-the-art static analysis tools.