Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ Recolector de Cienci...arrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
Recolector de Ciencia Abierta, RECOLECTA
Master thesis . 2018
License: http://www.gnu.org/licenses/gpl.html
Data sources: Recolector de Ciencia Abierta, RECOLECTA
image/svg+xml Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao Closed Access logo, derived from PLoS Open Access logo. This version with transparent background. http://commons.wikimedia.org/wiki/File:Closed_Access_logo_transparent.svg Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao
Recolector de Ciencia Abierta, RECOLECTA
Master thesis . 2019
License: http://www.gnu.org/licenses/gpl.html
Data sources: Recolector de Ciencia Abierta, RECOLECTA
 View all 3 versions
Claim

Automation of white-box cryptography attacks in Android applications

descriptionPublicationkeyboard_double_arrow_right Master thesis 01 Jan 2018 Spain English Publisher:Universitat Oberta de Catalunya (UOC)
Authors: Sánchez Ballabriga, Víctor;

handle: 10609/87865

Automation of white-box cryptography attacks in Android applications

Abstract

Este proyecto tiene dos objetivos principales que pretenden, como producto final, por un lado facilitar la búsqueda de funciones que implementan criptografía de tipo white-box, así como su posterior instrumentación, lo que facilitaría la tarea de los analistas de seguridad que deben probar la robustez de estas implementaciones en productos reales. Al investigar y profundizar en las diferentes técnicas que podrían usarse para identificar la huella que este tipo de criptografía puede dejar en un binario que lo está utilizando, su identificación podría convertirse en una tarea semiautomática. Por otro lado, el segundo objetivo de este proyecto es la implementación de un emulador de procesador en arquitectura ARM. Este emulador tiene las capacidades para recopilar las trazas necesarias para los ataques mencionados anteriormente, así como la capacidad de generar faltas en la ejecución cuando sea necesario. Todo esto crea un entorno de ejecución controlado donde los ataques pueden ser llevados a cabo bajo el control y supervisión de un técnico.

Aquest projecte té dos objectius principals que pretenen, com a objectiu final, d'una banda facilitar la cerca de funcions que implementen criptografia de tipus white-box, així com la seva posterior instrumentació, la qual cosa facilitaria la tasca dels analistes de seguretat que han de provar la robustesa d'aquestes implementacions en productes reals. En investigar i aprofundir en les diferents tècniques que podrien usar-se per a identifi car la petjada que aquest tipus de criptografia pot deixar en un binari que l'està utilitzant, la seva identifi cació podria convertir-se en una tasca semiautomàtica. D'altra banda, el segon objectiu d'aquest projecte és la implementació d'un emulador de processador en arquitectura ARM. Aquest emulador té les capacitats per a recopilar les traces necessàries per als atacs esmentats anteriorment, així com la capacitat de generar faltes en l'execució quan sigui necessari. Tot això crea un entorn d'execució controlat on els atacs poden ser duts a terme sota el control i supervisió d'un tècnic.

This project has two main objectives. The first one is to facilitate the search of the WBC functions in obfuscated binaries, making it easier for the security analysts that want to test the strength of the different WBC implementations in real products. Researching and going deep into the different techniques that could be used to identify the fingerprint that this type of cryptography may leave in a binary which is using it, its identi fication might become in a semiautomatic task. The second objective of the project is to implement an ARM processor emulator with capabilities to collect the necessary traces for the attacks mentioned above, generating also the necessary faults in the execution when needed.

Country
Spain
Related Organizations
Keywords

Informática móvil -- TFM, automatización de ataques, attack automation, Informàtica mòbil -- TFM, automatització d'atacs, aplicacions mòbils, mobile applications, aplicaciones móviles, 629, criptografía white-box, Android, criptografia white-box, white-box cryptography, Mobile computing -- TFM

  • BIP!
    Impact byBIP!
    selected citations
    These citations are derived from selected sources.
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 0
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
Powered by OpenAIRE graph
Found an issue? Give us feedback
selected citations
These citations are derived from selected sources.
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
0
Average
Average
Average
Green