-
Notifications
You must be signed in to change notification settings - Fork 120
TODO
Philippe Teuwen edited this page Mar 1, 2017
·
12 revisions
- Movfuscated AES & DCA (need first the bincompress module)
- DFA (Karroumi, NSC variants, NSC variants src, plaidctf,...)
- Add CHES2015 chal + algebraic attack
- https://github.com/ph4r05/Whitebox-crypto-AES-java ?
- https://www.fi.muni.cz/~xsvenda/securefw.html ?
- look at "Attacks on White-Box AES" by Jean-Gaël Rigot and "A_New_Attempt_of_White-box_AES_Implementation" paper, see if we can create a challenge out of it
- https://github.com/tsu-iscd/jcrypto ?
- https://github.com/jeffsaremi/wbaes ?
- https://github.com/OpenWhiteBox/AES/tree/master/constructions ?
- New DCA on hack.lu2009 with corresponding adaptations of deadpoolDCA framework
- Finish DFA on hack.lu2009 via Frida injection (need first support in tool)
- DFA on Karroumi src?
- DFA on more chals?
- Publish plaidctf2013 algebraic attack
- DCA on plaidctf2013 is possible by tracing registers, see https://twitter.com/ceeesb/status/836262298469576706 dumping EAX before and after all the "call r???" in the tail of function aes_wb_decryptor
- DCA or DFA against Xiao-Lai
- Add docstrings!
- Add bincompress (decimate by stddev) to the framework
- Option to get cipher input via console output (e.g. if generated internally by the chal)
- Work on start-stop filter
- Support missing input or output
- Add docstrings!
- Add DFA via Frida in the framework
- Dig wide errors regions before crashes regions
- Don't stop nailing on crash if from goodfault
- Support DES?
- Statistical mode with candidates ranking
- check start-stop filter and combine it with static filter
- add binary DCA format
- update sqlite db format
- TracerPIN & PIN 76991 https://software.intel.com/en-us/articles/pintool-downloads
- instrumented python vm?
- trs2daredevil conversion tool