CRYPTODY: Cryptographic Misuse Analysis of IoT Firmware via Data-flow Reasoning

Cryptographic techniques form the foundation of the security and privacy of computing solutions. However, if cryptographic APIs are not invoked correctly, they can result in significant security problems. In this paper, we abstract the intricate crypto misuse detection problem as a data-flow reasoning task. Towards this end, we propose CrypTody, a novel logic-inference-based framework for detecting crypto misuses via reasoning about data flows on multi-architecture IoT firmware images. It carries out cross-architecture analysis, with detection strategies to reduce false positives and false negatives, such as cross-flow misuse inference. To evaluate the effectiveness of CrypTody, we conducted a large-scale experiment on 1,431 firmware images from 16 vendors. Our evaluation shows that 46% of the firmware images have high-risk misuses and 95% have at least one cryptographic misuse. In total, we find 6,624 potential crypto misuses, with 760 being cross-flow misuses that are not detected by existing solutions. We have responsibly disclosed portions of our findings to the relevant vendors. From the feedback, we note that CrypTody has a low false-positive rate for the confirmed misuses. Some typical cases have been assigned CVEs and fixed by the vendors.