Researching on cryptographic algorithm recognition based on static characteristic-code

Abstract

Recognizing cryptographic algorithm from the binary codes plays an important role in checking the malicious codes and protecting the security of computer systems. This paper firstly introduces the current situation about the algorithm recognition and characteristic-code checking, makes use of the software reverse-engineering technology in order to extract the characteristic-codes from all kinds of the cryptographic algorithms and builds up the static characteristic database about the cryptographic algorithms. Then the paper introduces Boyer-Moore matching algorithm to design a scanning tool for the cryptographic algorithms, tests its efficiency and discusses the corresponding reliability; finally, the paper points out the developmental direction for algorithm recognition and technologies, which will be adopted in the field of software reverse engineering. © 2009 Springer-Verlag Berlin Heidelberg.