Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ESORICS
2009
Springer
2009
Springer
ReFormat: Automatic Reverse Engineering of Encrypted Messages
Automatic protocol reverse engineering has recently received significant attention due to its importance to many security applications. However, previous methods are all limited in analyzing only plain-text communications wherein the exchanged messages are not encrypted. In this paper, we propose ReFormat, a system that aims at deriving the message format even when the message is encrypted. Our approach is based on the observation that an encrypted input message will typically go through two phases: message decryption and normal protocol processing. These two phases can be differentiated because the corresponding instructions are significantly different. Further, with the help of data lifetime analysis of run-time buffers, we can pinpoint the memory locations that contain the decrypted message generated from the first phase and are later accessed in the second phase. We have developed a prototype and evaluated it with several real-world protocols. Our experiments show that ReFormat can...
Real-time TrafficAssociated Message Structure | Decrypted Message Buffers | ESORICS 2009 | Message Decryption | Security Privacy |
Related Content
| Added | 23 Nov 2009 |
| Updated | 23 Nov 2009 |
| Type | Conference |
| Year | 2009 |
| Where | ESORICS |
| Authors | Zhi Wang, Xuxian Jiang, Weidong Cui, Xinyuan Wang, Mike Grace |
Comments (0)
Researcher Info
|
