Abstract

LAMMA (beta) is a Framework for Vulnerability Assessment & auditing of cryptography, PKI and related implementations. Developed in Python, LAMMA is a command line utility, built with the focus of automating the Crypto-Assessment for large infrastructures. The framework is highly extendable and allows usres to write and integrate their own plugins seamlessly.

LAMMA (beta) supports 4 modules which have many plugins for very specific purpose.

1. REMOTE - Module scans remote Hosts for SSL/TLS configuration, and reports any gap, vulnerabilities discovered with unique features like Time-Line-analysis of server Certificate, Deep mining of certificates and TLS/SSL session parameters.

2. CRYPTO - This Module checks the various crypto primitives generated by any underlying framework for Quality, backdoor & sanity. Few of Primary Checks :

• Quality Test for Random Number Generated
• Sanity Checks for shared Prime numbers in multiple RSA keys
• Safe and Strong Prime test
• Shared modulus test & MalSha, Malformed Digest Test

3. TRUST - Module checks various trust and key stores for - insecure Private keys and un-trusted certificates. Here are few novel feature of LAMA framework.

• Extract Prime number and Modulus from Private keys for sanity and strength check
• Track Private Keys across the network for insecure storage & Track multiple instances
• Find and list List pinned & un-trusted certificates & Public Key, and track their presence

4. SOURCE - Module helps to enforce “Cryptography Review Board” recommendations of your organisation. This module scans source code for use of insecure and weak schemes like

• MD*/SHA/SHA1 hashes
• ECB/CBC block cipher mode
• rand() or /dev/rand functions or back-doored schemes in use like Dual_EC_DRBG, p224r1, secp384r1