Results

Publications

Tools

  • tlspuffin: Together with Max Ammann (main developer, security engineer at Trail of Bits), Tom Gouville (PhD student), and Michael Mera (research engineer), we developed a fuzzer that implements a novel, model-guided approach to fuzzing. The key idea is to use the security-specific Dolev-Yao formal model to guide the fuzzer towards logical attacks in security protocols. See our tool website.

News

  • [November 2023] New paper accepted at Security & Privacy’24, in which we propose a new fuzzing technique that we call Dolev-Yao model-guided fuzzing. We provide a full-fledged implementation of such a DY fuzzer in Rust, our tool tlspuffin, which found four new CVEs in WolfSSL, including one critical and two high-severity CVEs. See our project website, recorded talk, or poster.
  • [January 2023] The ProtoFuzz project (2023-2027) was funded by the ANR (280k euros) as a JCJC project (individual research projects coordinated by young researchers). We are looking for students (research interns, PhD students), postdocs, and engineers to join this research effort. If you are interested, contact Lucca Hirschi by email.
