| As a tool for accessing the Internet,wireless routers play a very important role in the era of rapid Internet development.In order to protect the security of the device and the user's privacy,various cryptographic algorithms are implemented in wireless routers,such as AES,DES and so on.These algorithms not only directly affect the security of the wireless router,but also have a great impact on the security of the surrounding devices.However,because developers can't systematically master cryptography,these cryptographic algorithms may be misused,which poses a huge threat to the user's security and privacy.So we use existing methods and techniques to systematically detect cryptographic misuses in wireless routers.This approach provides not only the capability of recognizing cryptographic algorithms in large-scale wireless routers,but also the ability of finding misuses of cryptographic algorithms.Using this approach,we evaluated 334 wireless router firmware from 9 popular manufacturers(360,Phicomm,Tp-Link,Netcore,Mercury,Tenda,Linksys,Tomato,Zyxel),and accurately recognized a total of 1045 functions related to cryptography in these firmware.Our evaluation focusing on finding cryptographic misuse was conducted to analyze 57 most frequently downloaded firmware,the results show 52(more than 90%)firmware contain at least one misuse.To illustrate the security issues caused by cryptographic misuses,we analyzed the usage scenarios of these cryptographic algorithms misused in firmware. |
PDF Full Text Request