Reverse Engineering a Code without the Code

Abstract: Retrieving assets inside a secure element is a challenging task. The most attractive assets are the cryptographic keys stored in the Non-Volatile Memory (NVM) area, but also the algorithms executed. Thus, the confidentiality of the binary code embedded in that device in the Read-Only Memory (ROM) must be protected. Thanks to a previous attack, we succeeded in gaining access to a dump of the NVM. Here we try to take advantage of the object-oriented features of the platform to provide a means to speed up the reverse engineering of the dump. The idea is to reverse engineer an algorithm without having access to the code; we have access only to the data. We use a specifically designed graphical tool to reason about the data so that we are able to understand the principle of the algorithm. Then, we are able to bypass the protection mechanism in order to get access to the binary code.
Document type:
Conference paper
1st Reversing and Offensive-oriented Trends Symposium 2017, Nov 2017, Vienna, Austria

https://hal.inria.fr/hal-01591926
Contributor: Jean-Louis Lanet
Submitted on: Friday, 22 September 2017 - 11:47:35
Last modified on: Thursday, 12 April 2018 - 01:58:42

Identifiers

  • HAL Id : hal-01591926, version 1

Citation

Abdelhak Mesbah, Jean-Louis Lanet, Mohamed Mezghiche. Reverse Engineering a Code without the Code. 1st Reversing and Offensive-oriented Trends Symposium 2017, Nov 2017, Vienna, Austria. 〈hal-01591926〉
