# Cryptographic Detection

> How the Binarly Transparency Platform detects cryptographic materials in firmware and binary images.

The Binarly Transparency Platform (BTP) statically analyzes binary images to detect cryptographic materials - algorithms, protocols, certificates, and keys - without requiring source code or debug information. Detected properties appear in the [Cryptographic Materials tab](/user-guides/image-scans/cryptographic-materials) and are exported in the [CBOM](/user-guides/export/cbom) and [PQC Compliance Report](/user-guides/export/pqc).

## Detection by Binary Type

### Native Binaries

For native compiled binaries - UEFI firmware modules or ELF executables and libraries - detection is **code-based**.

BTP identifies cryptographic algorithm implementations by matching known algorithm-specific constants in code and data sections, tracing cross-references to those constants, and - for select algorithms - applying partial emulation to resolve indirect calls. Detection does **not** rely on symbol names, function names, or debug information:

* Custom implementations of well-known algorithms are still detected if the underlying code patterns are present.
* Stripped binaries are fully supported.
* Obfuscated or heavily modified implementations may reduce detection confidence or prevent detection entirely.
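A minimal illustration of the code-based approach, added here as an example and not BTP's engine: it looks for algorithm-specific 32-bit constants, whether they appear as x86 immediates inside code or as a contiguous table in a data region, and never consults symbols. The signature table, the 50% match threshold and the sample image are constructed assumptions; the real analysis additionally traces cross-references and applies partial emulation before reporting.

```python
import struct
from typing import Dict, List, Tuple

# Constructed signature table (assumption: the real engine carries far more constants
# per algorithm and confirms matches via cross-references and partial emulation).
SIGNATURES: Dict[str, List[int]] = {
    "crypto/algorithm/sha256": [0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
                                0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19],
    "crypto/algorithm/md5": [0xd76aa478, 0xe8c7b756, 0x242070db, 0xc1bdceee],
}
AES_SBOX_PREFIX = bytes.fromhex("637c777bf26b6fc5")  # first eight AES S-box entries

def scan(blob: bytes, min_ratio: float = 0.5) -> List[Tuple[str, int, str]]:
    """Return (finding class, first offset, evidence) for each algorithm whose
    constants appear in the blob. Symbol names are never consulted, so stripping
    or renaming functions does not change the result."""
    findings = []
    for cls, consts in SIGNATURES.items():
        for endian, fmt in (("little", "<I"), ("big", ">I")):
            found = [c for c in consts if struct.pack(fmt, c) in blob]
            if len(found) / len(consts) >= min_ratio:
                first = min(blob.find(struct.pack(fmt, c)) for c in found)
                findings.append((cls, first, f"{len(found)}/{len(consts)} constants, {endian}-endian"))
    if AES_SBOX_PREFIX in blob:
        findings.append(("crypto/algorithm/aes", blob.find(AES_SBOX_PREFIX), "S-box table"))
    return sorted(findings, key=lambda f: f[1])

def mov_eax(imm: int) -> bytes:
    """x86 `mov eax, imm32`: the usual way a constant shows up inside code."""
    return b"\xb8" + struct.pack("<I", imm)

# Constructed image: SHA-256 state initialisation as immediates, one stray MD5
# constant (below threshold, so not reported) and an AES S-box fragment in data.
SAMPLE_BLOB = (
    b"\x90" * 32
    + b"".join(mov_eax(c) for c in SIGNATURES["crypto/algorithm/sha256"][:6])
    + b"\x90" * 16
    + mov_eax(0xd76aa478)
    + b"\x00" * 27
    + AES_SBOX_PREFIX
    + b"\x00" * 8
)

if __name__ == "__main__":
    for cls, off, why in scan(SAMPLE_BLOB):
        print(f"{cls} @ 0x{off:x} ({why})")
```

A single stray constant is deliberately not enough to report an algorithm; a lone MD5 round constant could just as well be an unrelated literal.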

### Managed Runtimes

For binaries targeting managed runtimes - Java bytecode and Python packages - detection is **API-based**.

BTP identifies cryptographic usage by recognizing calls to supported cryptographic library APIs:

**Java:** [Apache Commons Codec](https://commons.apache.org/proper/commons-codec/), [Bouncy Castle](https://www.bouncycastle.org/), [Google Guava](https://github.com/google/guava), [Google Tink](https://developers.google.com/tink), JDK (`javax.crypto`, `java.security`)

**Python:** [`cryptography`](https://cryptography.io/), [M2Crypto](https://github.com/mcepl/M2Crypto), [Pooch](https://github.com/fatiando/pooch), [PyCryptodome](https://pycryptodome.readthedocs.io/), [PyNaCl](https://pynacl.readthedocs.io/), [pyOpenSSL](https://pyopenssl.org/), stdlib ([`hashlib`](https://docs.python.org/3/library/hashlib.html), [`hmac`](https://docs.python.org/3/library/hmac.html))

Custom algorithm implementations that bypass supported APIs will **not** be detected.
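To show what API-based detection does and does not see, here is an added example (not BTP's code) that resolves import aliases in Python source and reports calls to a small constructed table of supported-library entry points. The table, the sample package source and the use of source rather than bytecode are assumptions; the hand-rolled `rot_hash` in the sample is exactly the kind of custom implementation that goes unreported.

```python
import ast
from typing import Dict, List, Optional, Tuple

# Constructed API table: dotted call path -> finding class (assumption: BTP's own
# table covers every library listed above with many more entry points).
API_TABLE: Dict[str, str] = {
    "hashlib.md5": "crypto/algorithm/md5",
    "hmac.new": "crypto/algorithm/hmac",
    "Crypto.Cipher.AES.new": "crypto/algorithm/aes",  # PyCryptodome
}

def _dotted(node: ast.AST) -> Optional[str]:
    """Flatten a Name/Attribute chain such as `AES.new` into a dotted string."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute) and (base := _dotted(node.value)):
        return f"{base}.{node.attr}"
    return None

def scan_source(src: str) -> List[Tuple[str, int]]:
    """Return (finding class, line) for each call to a supported crypto API."""
    tree = ast.parse(src)
    aliases: Dict[str, str] = {}  # local name -> fully qualified module/attribute
    for node in ast.walk(tree):
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            prefix = f"{node.module}." if isinstance(node, ast.ImportFrom) and node.module else ""
            for a in node.names:
                aliases[a.asname or a.name] = prefix + a.name
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and (path := _dotted(node.func)):
            head, _, rest = path.partition(".")
            full = aliases.get(head, head) + (f".{rest}" if rest else "")
            if full in API_TABLE:
                findings.append((API_TABLE[full], node.lineno))
    return sorted(findings, key=lambda f: (f[1], f[0]))

# Constructed package source: library calls plus a hand-rolled hash that bypasses them.
SAMPLE_SRC = '''\
import hashlib as h
import hmac
from Crypto.Cipher import AES

def fingerprint(data, key):
    return h.md5(data).hexdigest(), hmac.new(key, data, "sha256").digest()

def rot_hash(data):  # custom implementation: no supported API call, so not detected
    return sum(((b << 5) ^ b) for b in data) & 0xFFFFFFFF

cipher = AES.new(b"k" * 16, AES.MODE_ECB)
'''
```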

## Coverage by Binary Type

The set of detectable algorithms differs between binary types. Native code-based detection has the broadest coverage. API-based detection for managed runtimes is constrained to what the supported libraries expose.

| Category                           | Native                 | Java           | Python                                       |
| ---------------------------------- | ---------------------- | -------------- | -------------------------------------------- |
| Encryption                         | Full                   | Most ciphers   | Common ciphers                               |
| Hashing — cryptographic            | Full                   | Full           | Full                                         |
| Hashing — non-cryptographic        | DJB2, FNV, MurmurHash3 | —              | —                                            |
| MAC                                | Full                   | Full           | Full                                         |
| Signing                            | Full                   | All except PQC | Common variants; no PQC, Ed25519, Ed448, SM2 |
| PQC signing (ML-DSA, SLH-DSA, LMS) | ✓                      | —              | —                                            |
| PRNG (Mersenne Twister)            | ✓                      | —              | —                                            |

Non-cryptographic hashes, PRNG, and PQC signing are detected via code patterns in native binaries. These algorithms have no equivalent API surface in the supported Java or Python libraries.

## What Is Detected

### Algorithms and Protocols

Algorithm findings record the algorithm class, the binary component and offset where the implementation was found, and reachability information.

Algorithm classes follow the `crypto/algorithm/*` and `crypto/protocol/*` naming scheme. Detection coverage varies by binary type: native binaries use code-based detection, while managed runtimes (Java, Python) use API-based detection against supported libraries. See [Finding Classes Reference](/resource-center/finding-classes) for the full list.

### Certificates

Certificate findings record the full set of X.509 parameters: issuer, subject, validity period (not-before and not-after dates), expiration status, signature algorithm, public key algorithm and size, and whether the certificate is self-signed.

Certificate issue classes follow the `crypto/certificate/*` naming scheme. Certificates without issues are recorded as `artefact/crypto-certificate-material` properties.

### Keys

Key material records key type (RSA, EC, Ed25519, post-quantum), key size or parameter set, public vs. private classification, and location within the image.

Key material is recorded under `artefact/crypto-key-material`. Private keys exposed within firmware are additionally flagged under `secret/private-key` or `secret/encryption-key`.

For public RSA keys, BTP runs additional security checks and factorization attacks to identify weak or compromised keys:

| Check / Attack             | Description                                                     | Kind   |
| -------------------------- | --------------------------------------------------------------- | ------ |
| SizeCheck                  | Key is smaller than 2048 bits                                   | Check  |
| ExponentCheck              | Public exponent is non-standard                                 | Check  |
| RocaCheck                  | Key is affected by the ROCA vulnerability                       | Check  |
| RocaVariantCheck           | Key is affected by a ROCA variant (any base)                    | Check  |
| KeypairCheck               | Key is affected by CVE-2021-41117 (Keypair factorization)       | Check  |
| FermatCheck                | Key is factorable via Fermat's method                           | Attack |
| PollardPm1Check            | Key may be vulnerable to Pollard's p−1 method                   | Attack |
| ContinuedFractionsCheck    | Key has a large coefficient in its continued fraction expansion | Attack |
| BitPatternsCheck           | Key contains a repeating bit pattern                            | Attack |
| PermutedBitPatternsCheck   | Key contains a repeating permuted bit pattern                   | Attack |
| HighAndLowBitsEqualCheck   | Enough bits in p and q coincide to allow factorization          | Attack |
| LowHammingWeightCheck      | Key is a product of low Hamming weight primes                   | Attack |
| SmallUpperDifferencesCheck | abs(p − q) has a special form enabling factorization            | Attack |
| UnseededRandCheck          | Key was generated from an unseeded random number generator      | Attack |
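Three of the table's checks carried out on constructed keys, added here as an example and not BTP's implementation: SizeCheck, ExponentCheck (assuming 65537 as the only standard exponent) and FermatCheck, which succeeds quickly only when p and q are close. The primes are small so the numbers stay readable; the point of the second key is that Fermat's method gives up within its iteration budget when the factors are far apart.

```python
from math import isqrt
from typing import List, Optional, Tuple

STANDARD_EXPONENT = 65537  # assumption: any other e is reported by ExponentCheck
MIN_KEY_BITS = 2048        # SizeCheck threshold from the table above

def fermat_factor(n: int, max_iter: int = 100) -> Optional[Tuple[int, int]]:
    """Fermat's method: write n = a^2 - b^2 = (a - b)(a + b), starting at a = ceil(sqrt(n)).
    Succeeds within a few steps only when |p - q| is small relative to sqrt(n)."""
    a = isqrt(n)
    if a * a < n:
        a += 1
    for _ in range(max_iter):
        b2 = a * a - n
        b = isqrt(b2)
        if b * b == b2:
            return a - b, a + b
        a += 1
    return None

def check_rsa_public_key(n: int, e: int) -> List[str]:
    """Run a subset of the RSA public-key checks; returns the names that fired."""
    fired = []
    if n.bit_length() < MIN_KEY_BITS:
        fired.append("SizeCheck")
    if e != STANDARD_EXPONENT:
        fired.append("ExponentCheck")
    factors = fermat_factor(n)
    if factors and 1 < factors[0] < n:  # exclude the trivial split (1, n)
        fired.append("FermatCheck")
    return fired

# Constructed keys (assumption: real firmware keys are 2048+ bits; small primes
# keep the arithmetic readable). Both keys also trip SizeCheck for that reason.
P_CLOSE, Q_CLOSE = 1000000007, 1000000009  # adjacent primes: |p - q| = 2
P_FAR, Q_FAR = 1000000007, 998244353       # about 1.7 million apart

if __name__ == "__main__":
    print("close primes, e=3:    ", check_rsa_public_key(P_CLOSE * Q_CLOSE, 3))
    print("far primes,   e=65537:", check_rsa_public_key(P_FAR * Q_FAR, 65537))
```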

## Confidence

Each cryptographic finding carries a confidence score reflecting how well the detected code pattern matched the algorithm. Confidence applies to algorithms, protocols, and assets (certificates and keys). See [Accuracy & Confidence in Findings](/resource-center/accuracy-confidence) for the full confidence model.

## Reachability

Reachability analysis determines whether a cryptographic implementation is accessible from a public entry point in the binary. A reachable finding indicates that an execution path from such an entry point leads to the implementation, which increases the practical risk of weak or deprecated algorithm usage. See [Reachability Analysis](/resource-center/reachability).

## Algorithm Compliance

Detected algorithms are evaluated against published security standards to identify weak, deprecated, or quantum-vulnerable implementations. See [Algorithm Compliance Reference](/resource-center/algorithm-compliance) for the full classification table.

## Limitations

<Warning>
  Java and Python binaries using custom cryptographic implementations that bypass supported APIs will not be detected.
</Warning>

<Note>For obfuscated components, the analysis may be inaccurate and provide incorrect results or no results.</Note>

## Related

* [Cryptographic Materials Tab](/user-guides/image-scans/cryptographic-materials)
* [Algorithm Compliance Reference](/resource-center/algorithm-compliance)
* [Finding Classes Reference](/resource-center/finding-classes)
* [Accuracy & Confidence in Findings](/resource-center/accuracy-confidence)
* [Reachability Analysis](/resource-center/reachability)
* [CBOM Export](/user-guides/export/cbom)
* [PQC Compliance Report](/user-guides/export/pqc)
