Automated Testing of Crypto Software Using Differential Fuzzing

by Jean-Philippe Aumasson, Yolan Romailler
Sept. 14, 2017 (tags: crypto, fuzzing)

We present a new and efficient approach to systematic testing of cryptographic software: differential fuzzing. Unlike general-purpose software fuzzing such as afl, differential fuzzing doesn't aim to find memory corruption bugs (although they might come as a by-product), but to find logic bugs. Compared to test vectors, differential fuzzing provides greater code coverage. Compared to formal verification, differential fuzzing is easier to apply, for both testers and developers.
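The idea in the abstract, as an added example that is not code from the talk or from the authors' tooling: the same seeded random inputs go to a trusted HMAC-SHA256 and to a second implementation, and any output mismatch flags a logic bug. The function names and the bug in `hmac_candidate` are constructed for illustration.

```python
import hashlib
import hmac
import random

BLOCK = 64  # SHA-256 block size in bytes

def hmac_reference(key, msg):
    """Trusted implementation: the standard library's HMAC-SHA256."""
    return hmac.new(key, msg, hashlib.sha256).digest()

def hmac_candidate(key, msg):
    """Hand-written HMAC-SHA256 with a constructed logic bug (hypothetical)."""
    if len(key) > BLOCK:
        key = key[:BLOCK]  # BUG: RFC 2104 says hash an over-long key, not truncate
    key = key.ljust(BLOCK, b"\x00")
    inner = hashlib.sha256(bytes(b ^ 0x36 for b in key) + msg).digest()
    return hashlib.sha256(bytes(b ^ 0x5C for b in key) + inner).digest()

def rand_bytes(rng, n):
    return bytes(rng.getrandbits(8) for _ in range(n))

def differential_fuzz(impl_a, impl_b, rounds=300, seed=2017):
    """Run both implementations on the same inputs; return inputs where they disagree."""
    rng = random.Random(seed)  # seeded so failures are reproducible
    # Key lengths around the block boundary first, then random lengths.
    edge = [0, 1, BLOCK - 1, BLOCK, BLOCK + 1, 2 * BLOCK]
    mismatches = []
    for i in range(rounds):
        klen = edge[i] if i < len(edge) else rng.randrange(3 * BLOCK)
        key, msg = rand_bytes(rng, klen), rand_bytes(rng, rng.randrange(200))
        if impl_a(key, msg) != impl_b(key, msg):
            mismatches.append((key, msg))
    return mismatches

if __name__ == "__main__":
    found = differential_fuzz(hmac_reference, hmac_candidate)
    print(f"{len(found)} mismatches; shortest failing key: "
          f"{min(len(k) for k, _ in found)} bytes")
```

A test vector with a short key passes in both implementations, so the bug only surfaces once inputs cover keys longer than one block.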

Steven Ulm 8 months, 1 week ago

I can really see this implemented with cryptocurrencies as well... just saying.