Paper reading: kHunt
Paper reading: kHunt
The paper today is titled as “K-Hunt: Pinpointing Insecure Cryptographic Keys from Execution Traces”. Another work using program analysis technique to find the security vulnerabilities. The goal is to find the insecure keys in any binaries. Concretely, the insecure keys mean deterministically generated keys, insecurely negotiated keys and recoverable keys. Examples of deterministically generated keys include hard-coded keys in the program text or the keys that are generated with weak randomness. Examples of insecurely negotiated keys include the keys that are generated by one-party and then sent to the other party. Examples of recoverable keys include the keys that are not deleted in the memory after the program finishes.
The first challenge is how to find crypto-operations and crypto-keys. One key observation is that cryptographic algorithms usually involve many arithmetic operations.