Cryptographic procedure analysis based on cryptographic library function


Authors: 张彦文[1] 尹青 舒辉 李政廉 常瑞

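Affiliations: [1] Information Engineering University, Zhengzhou 450000; [2] State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450000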

Source: Journal of Computer Applications (《计算机应用》), 2014, No. 7, pp. 1929-1935 (7 pages)

Abstract: Common cryptographic algorithms come in many varieties and are implemented in different ways, which makes it very difficult to analyze the encryption and decryption procedure in a program with existing signature scanning and dynamic debugging methods. To address this, a cryptographic procedure analysis method based on library function prototype analysis and library function call chain construction is proposed. Library function prototype analysis examines the cryptographic algorithm knowledge and library framework knowledge contained in common cryptographic library functions and records it in a knowledge base. The library function call chain is the chain of ordering relationships between library function calls, built from equality relationships between the parameter values of those calls. Finally, knowledge about the cryptographic library and the cryptographic algorithms is extracted along the chain, using the knowledge base, and presented. The method identifies the algorithms in programs that use common libraries with close to 100% accuracy, can analyze in detail the data, key and mode used when an algorithm is called, and helps in analyzing how multiple algorithms cooperate in processing the same data. It can assist in analyzing malicious programs such as Trojans and worms, and can also be used to check whether a program uses the library's cryptographic algorithms correctly.

Keywords: cryptographic algorithm; cryptographic procedure; cryptographic mode; key; cryptographic data

Classification number: TP309 [Automation and Computer Technology - Computer System Architecture]

 
