eshard has proudly launched ‘esDynamic’, a tool that can analyse the security of mobile applications. This completely software-based solution provides high flexibility and a cheap and fast way to evaluate implementations against a wide range of attacks such as side-channel attacks, single and multiple fault injections and even combined attacks.
esDynamic is designed to support all mobile platforms (i386, x86_64, ARM, ARM64) and targets security features implementations; particularly cryptographic primitives and WhiteBox implementations. It provides techniques to help analyse targets against known threats and state-of-the-art attacks. It increases code coverage in test phases as it unravels physical constraints of classical side-channel or fault injection platforms.
Hugues Thiebeauld, CEO at eshard, said: “Security of mobile applications is becoming increasly important. In order to achieve the right security level, adequate protections must be found against a wide range of threats. We were striving to provide a tool able to analyse the security of sophisticated and powerful attacks and give insights in how to implement the right security. esDynamic is particularly dedicated to assist security evaluation labs, mobile applications developers and any expert willing to improve a mobile application security.”
The tool provides both a tracer and a faulter option. With the tracer you can generate data traces targeting specifically cryptographic algorithms, and more particularly WhiteBox cryptography libraries. With the faulter you can inject faults to native codes compiled for all mobile platforms at runtime. The purpose is to implement state-of-the-art statistical attacks and/or fault injection attacks on various sensitive codes.
This tool is designed to provide users with a comprehensive and adaptive set of features.
For more information, please click here.