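Cite this article: ZHOU Yifei, NING Shuaiyu, WU Lifa. Research on Fuzzing Method for Cryptographic Libraries Based on Isolated Mutation[J]. Software Engineering, 2026, 29(3): 29-33.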
Research on Fuzzing Method for Cryptographic Libraries Based on Isolated Mutation
ZHOU Yifei, NING Shuaiyu, WU Lifa
(School of Computer Science, School of Software, School of Cyberspace Security, Nanjing University of Posts and Telecommunications, Nanjing 210023, Jiangsu, China)
13615133689@163.com; shuaiyuning@gmail.com; 897701499@qq.com
Abstract: Because cryptographic functions place constraints on their inputs, traditional fuzzing suffers from low testing efficiency and poor quality in test case generation and mutation. This study proposes a fuzzing method for cryptographic libraries based on isolated mutation. The method constructs hierarchical structured templates according to the basic constraints of the target functions and randomly initializes key parameters. During the iterative testing phase, test cases selected for mutation are parsed as key-value pairs, and the value of each parameter is mutated in isolation. The prototype tool SKIM-Cryptofuzz (Structure-aware Key Isolated Mutation Cryptofuzz), implemented based on this method, is tested on OpenSSL. Results demonstrate that the tool improves code coverage by over 20%, increases the quality of the generated corpus by approximately 60%, and enhances vulnerability discovery efficiency by about an order of magnitude. This indicates that the proposed method can improve fuzzing efficiency and the quality of corpus generation, thereby effectively enhancing vulnerability discovery capabilities.
Keywords: fuzzing; cryptographic libraries; isolated mutation; vulnerability discovery
CLC number: TP319    Document code: A

