Weak cryptographic algorithm should be removed from source code to avoid a false sense of security(for example: MD5. Of course, there is possibly the algorithm in source code, but it doesn't use the name "MD5"), however, is any systematic method/tool that can detect weak encryption algorithm in source code first? The source code language are Java and C.
-
There are programming assistance/software synthesis methods being researched that can supposedly spot incorrect usage of an API in source code and "in theory" spot security vulnerabilities. However I have no idea what stage the research is at. http://www.wired.com/2014/11/darpa-pliny – samgak Mar 24 '16 at 09:11
-
1You could try searching for the constants used in these algorithms. – RoraΖ Mar 24 '16 at 11:45
2 Answers
First of all, md5
is a hash function, not an encryption function.
As to hash functions that are considered broken:
There are only a few - a simple egrep might spit out some offending source files given the right expression.
As to ciphers:
strong ciphers:
As this recent question demonstrates, most of the time the problem is not the actual encryption used but that it is used in the wrong way, without sufficient understanding of the matter.
This cannot be detected sufficiently good, because the problems are often introduced in a very subtle way, where e.g. only the variable names hint at a problem.
weak ciphers (or weak modi, like ECB) may be put on the same black list string file that is used to search for
md5
et al.
Secondly, as I come to think of it: md5
has legitimate use cases other than secure hashing (which it is not quite as good in).
Also, you say
Weak cryptographic algorithm should be removed from source code to avoid a false sense of security
wich I not quite get: where does the false sense of security come from? End users rarely look at sources - and if they do, they most likely can spot what you could detect very quickly. The developers of the sources should know better. If that is a problem, you rather want to educate the developers than scanning their sources for weak crypto use.
- 14,352
- 8
- 44
- 58
Many algorithms require some magic constants. MD5 is one of them. It requires to initialize four 32bit integer variables to the following values:
0x67452301
0xefcdab89
0x98badcfe
0x10325476
When these four constants appear in the same sourcecode file, it could be an MD5 implementation. However, a human programmer would have to take a look to make sure of it.
Keep in mind that programming languages often have a wide variety of possible ways to represent integer literals. Each of these possibilities needs to be checked.
- 49,017
- 8
- 127
- 158
-
For substitution cipher method(Caesar cipher), it should be infeasible to search for the magic constants. – Matt Elson Mar 24 '16 at 14:13