Reverse Engineering a Code without the Code - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2017

Reverse Engineering a Code without the Code

Résumé

Retrieving assets inside a secure element is a challenging task. The most attractive assets are the cryptographic keys stored into the Non Volatile Memory (NVM) area but also the algorithms executed. Thus, the confidentiality of binary code embedded in that device in the Read Only Memory (ROM) must be protected. Thanks to a previous attack we succeeded in having access to a dump of NVM. We try here to to take advantage of the object oriented features of the platform to provide a means to speed up the reverse engineering of the dump. The idea here is to reverse engineer an algorithm without having access to to the code. We have only access to the data. We use a specifically designed graphic tool to reason about the data such that we are able to understand the principle of the algorithm. Then, we are able to bypass the protection mechanism in order to get access to the binary code.
Fichier non déposé

Dates et versions

hal-01591926 , version 1 (22-09-2017)

Identifiants

  • HAL Id : hal-01591926 , version 1

Citer

Abdelhak Mesbah, Jean-Louis Lanet, Mohamed Mezghiche. Reverse Engineering a Code without the Code. 1st Reversing and Offensive-oriented Trends Symposium 2017 , Sergey Bratus (Dartmouth College), Nov 2017, Vienna, Austria. ⟨hal-01591926⟩
273 Consultations
0 Téléchargements

Partager

Gmail Facebook X LinkedIn More