FuzzEval: Assessing Fuzzers on Generating Context-Sensitive Inputs

S Mahmudul Hasan, Polina Kozyreva, Endadul Hoque

TL;DR

This paper presents a comprehensive evaluation of eleven state-of-the-art fuzzers' ability to generate context-sensitive inputs for testing a cryptographic standard, PKCS#1-v1.5, across thirteen implementations.

Abstract

Cryptographic protocols form the backbone of modern security systems, yet vulnerabilities persist within their implementations. Traditional testing techniques, including fuzzing, have struggled to effectively identify vulnerabilities in cryptographic libraries due to their reliance on context-sensitive inputs. This paper presents a comprehensive evaluation of eleven state-of-the-art fuzzers' ability to generate context-sensitive inputs for testing a cryptographic standard, PKCS#1-v1.5, across thirteen implementations. Our study reveals nuanced performance differences among the fuzzers in terms of the validity and diversity of the produced inputs. This investigation underscores the limitations of existing fuzzers in handling context-sensitive inputs. These findings are expected to drive further research and development in this area.

Paper Structure (19 sections, 2 equations, 5 figures, 6 tables)

This paper contains 19 sections, 2 equations, 5 figures, 6 tables.

Figures (5)

  • Figure 1: Workflow of FuzzEval
  • Figure 2: The average throughput of each fuzzer
  • Figure C1: Diversity metrics for RQ2
  • Figure D2: A sample harness program for test subject Botan.
  • Figure E3: The percentage of valid inputs generated by each fuzzer for each test subject over time (10 hours). A fuzzer's name with an asterisk (e.g., AFL*) refers to the campaigns with deterministic fuzzing mode enabled.