<p>The rapid growth of Internet of Things (IoT) devices has increased security risks due to cryptographic misuse in firmware, including vulnerable algorithms and misconfigurations. Accurate identification of cryptographic algorithms in firmware is fundamental for firmware analysis, while existing tools, usually designed for x86 platform, struggle with IoT-specific architectures, file formats, and instruction sets. Currently, it lacks a unified and scalable evaluation framework, and standard datasets. Besides, there are challenges to be addressed: unverified tool applicability, unexplored impacts of instruction sets and compilation optimizations, and insufficient empirical data on cryptographic implementations. To this end, this study proposes a modular framework for IoT firmware cryptographic algorithm identification, which supports plug-and-play integration of tools via standardized interfaces, a three-dimensional evaluation metric (algorithm types, function counts, constant quantities) and a standardized test dataset covering seven cryptographic libraries, six instruction set architectures, and four compilation optimization levels. Through four experimental studies including tool performance comparison, compilation optimization impact analysis, architecture difference evaluation, and real-world firmware cryptographic usage investigation, it demonstrates that constant-based identification techniques achieve optimal performance in IoT scenarios while revealing the impact mechanisms of ISA architectures and compilation optimizations on identification effectiveness. It also provides methodological guidance and empirical data foundations for IoT firmware cryptographic algorithm identification studies in the future.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A unified evaluation framework for cryptographic algorithm identification tools in IoT firmware

  • Yi-Fei Li,
  • Xiao-Yang Zhou,
  • Jie-Wei Du,
  • Cheng-Yu Hu,
  • Jin Shi,
  • Shan-Qing Guo

摘要

The rapid growth of Internet of Things (IoT) devices has increased security risks due to cryptographic misuse in firmware, including vulnerable algorithms and misconfigurations. Accurate identification of cryptographic algorithms in firmware is fundamental for firmware analysis, while existing tools, usually designed for x86 platform, struggle with IoT-specific architectures, file formats, and instruction sets. Currently, it lacks a unified and scalable evaluation framework, and standard datasets. Besides, there are challenges to be addressed: unverified tool applicability, unexplored impacts of instruction sets and compilation optimizations, and insufficient empirical data on cryptographic implementations. To this end, this study proposes a modular framework for IoT firmware cryptographic algorithm identification, which supports plug-and-play integration of tools via standardized interfaces, a three-dimensional evaluation metric (algorithm types, function counts, constant quantities) and a standardized test dataset covering seven cryptographic libraries, six instruction set architectures, and four compilation optimization levels. Through four experimental studies including tool performance comparison, compilation optimization impact analysis, architecture difference evaluation, and real-world firmware cryptographic usage investigation, it demonstrates that constant-based identification techniques achieve optimal performance in IoT scenarios while revealing the impact mechanisms of ISA architectures and compilation optimizations on identification effectiveness. It also provides methodological guidance and empirical data foundations for IoT firmware cryptographic algorithm identification studies in the future.