Binary Analyzer Beta
Identifies quantum-vulnerable cryptography in compiled binaries without requiring source code. Works across Windows, Linux, and macOS formats and produces a quantum risk score with prioritized remediation guidance.
Cross-platform analysis: Cerebion Rivet can analyze binaries from any platform regardless of where you're running it. A Windows user can analyze Linux ELF binaries, macOS Mach-O libraries, or Docker image layers without needing to run the analysis on the target OS.
Supported File Formats
| Format | Platform | Notes |
|---|---|---|
| PE (.exe, .dll, .sys) | Windows | Includes .NET assemblies via dnfile |
| ELF | Linux | Shared libraries (.so) and executables |
| Mach-O (.dylib, .app, .framework) | macOS | Universal binaries supported |
| ZIP / JAR | Cross-platform | Contents extracted and scanned individually |
| ISO / archive | Cross-platform | Subject to archive size and file count limits |
See Settings โ Binary Analysis to configure resource limits.
Scan Options
Analysis Type
| Option | What it does |
|---|---|
| Crypto (default) | Focuses on cryptographic algorithm detection โ imports, symbols, pattern signatures, and crypto API calls. Fastest option. |
| Full | Crypto analysis plus broader binary inspection: hardcoded secrets, security flags, binary metadata. Sets depth to deep automatically. |
Analysis Depth
| Option | What it does |
|---|---|
| Quick | Signature-based pattern scanning and import table scan only. Fastest โ suitable for triage. |
| Standard (default) | Pattern scanning + full binary structure analysis + disassembly of code sections. |
| Deep | All of the above plus extended disassembly, crypto constant detection, and hardcoded secret scanning. Used automatically when Analysis Type is Full or Decompile. |
Business Criticality
Affects the Business Impact component (20%) of the Quantum Risk Score. Options: Low, Medium (default), High, Critical. Use Critical for production binaries handling sensitive data or regulated workloads.
Compliance Requirements
Optional. Selecting compliance frameworks increases the Business Impact score component for regulated environments. Supported: fedramp, hipaa, pci, sox.
How Analysis Works
- Signature-based pattern scanning โ scans the raw binary bytes against a quantum-specific detection ruleset. Fast and format-agnostic. Runs on every scan regardless of backend.
- Binary structure parsing โ parses the binary format (PE/ELF/Mach-O), extracts imported symbols, exported functions, section metadata, and security flags (ASLR, DEP, stack canaries).
- Disassembly โ disassembles code sections to identify cryptographic operations at the instruction level.
- .NET metadata โ for PE binaries, extracts managed code metadata to detect .NET cryptographic API usage.
- Risk scoring โ findings from all sources feed into the unified 4-component Quantum Risk Score (0โ100).
Result Fields Explained
Quantum Risk Score
| Field | Range / Values | What it means |
|---|---|---|
| Quantum Risk Score | 0 โ 100 | Overall quantum vulnerability score. Weighted sum of four components. |
| Risk Level | CRITICAL / HIGH / MEDIUM / LOW / UNKNOWN | Derived from the score. CRITICAL = 76โ100, HIGH = 51โ75, MEDIUM = 26โ50, LOW = 0โ25. |
| Migration Urgency | immediate / high / medium / low | How urgently the binary's cryptography needs to be replaced with post-quantum alternatives. |
Risk Score Breakdown
The Quantum Risk Score is a weighted sum of four components, each normalized to 0โ100.
| Component | Weight | What drives it |
|---|---|---|
| Algorithm Risk | 40% | Vulnerability of detected algorithms to Shor's and Grover's algorithms. RSA/ECC/DH score highest. AES-256 scores low. |
| Timeline Risk | 25% | Whether a cryptographically relevant quantum computer is expected before the binary's expected replacement cycle. |
| Business Impact | 20% | Business criticality and compliance requirements provided at scan time. |
| PQC Readiness | 15% | Whether post-quantum algorithms (ML-KEM, ML-DSA, SLH-DSA) are already present in the binary. |
Pattern Scan Analysis
| Field | What it means |
|---|---|
| Matches Found | Number of detection signatures that matched patterns in the binary. |
| Match Details | Per-match breakdown: rule name, Q-Score, category, matched strings, quantum threat description, and recommended PQC alternative. |
| Rules Applied | Total number of detection signatures evaluated against the binary. |
Binary Analysis
| Field | What it means |
|---|---|
| Crypto Algorithms | List of cryptographic algorithms detected via imports, symbols, and disassembly. Each entry includes algorithm name, key size (if determinable), and whether it is quantum-vulnerable. |
| Crypto API Calls | Specific API calls identified in the binary (e.g. RSA_generate_key, EVP_aes_128_cbc). |
| Hardcoded Secrets | Detected hardcoded cryptographic material โ private keys, API tokens, or quantum-system secrets embedded in the binary. Only present on Full or Deep scans. |
| Format Info | Binary format (PE/ELF/Mach-O), architecture (x86_64, ARM64, etc.), and detected platform. |
| Security Flags | Binary hardening features: ASLR, DEP/NX, stack canaries, PIE, RELRO. Informational โ not part of the quantum risk score. |
| Functions Analyzed | Number of functions disassembled during analysis. Low counts on large binaries may indicate a stripped binary. |
Analysis Confidence
The analyzer validates result quality before scoring and reports a confidence level:
| Confidence | Meaning |
|---|---|
| High | Both pattern scanning and binary analysis succeeded and agree. |
| Medium | One analysis method succeeded. Score is based on available data. |
| Pattern Primary | Binary analysis found no crypto but pattern scanning matched signatures. Common with stripped or packed binaries. Pattern scan results are used for scoring. |
| Limited | Pattern scanning succeeded but binary analysis failed. Signature-based scoring only. |
| UNKNOWN | Both methods failed, or the binary is too small to analyze reliably (e.g. a test stub). No risk score is produced. |
Recommendations
Three recommendation categories are generated based on the risk assessment:
- Immediate Actions โ steps to take now (e.g. replace RSA with ML-KEM, migrate to AES-256)
- Migration Strategy โ medium-term plan for transitioning to post-quantum cryptography
- Long-Term Recommendations โ crypto-agility framework, compliance alignment, ongoing monitoring
Q-Score Reference
Each pattern signature match carries a Q-Score (1โ5) indicating the severity of the quantum risk for that specific pattern. The Q-Score feeds into the Algorithm Risk component of the unified score.
| Q-Score | Severity | Meaning | Examples |
|---|---|---|---|
| 5 | CRITICAL | Algorithm completely broken by Shor's or Grover's algorithm | RSA (any key size), ECDSA, ECDH, DH, AES-128, SHA-256, MD5, SHA-1 |
| 4 | HIGH | Near-term quantum risk โ weak PQC implementation or insufficient randomness | Kyber-512 (borderline), Dilithium-2, FALCON-512, PRNG usage in quantum contexts |
| 3 | MEDIUM | Transition period vulnerability โ legacy crypto in quantum-aware systems, insufficient key sizes | RSA-1024/2048 key size constants, legacy crypto in quantum computing contexts |
| 2 | LOW | Best practice violation โ suboptimal parameters or debug code | PQC performance-over-security modes, debug logging of quantum state |
| 1 | INFO | Future-proofing recommendation โ readiness gaps or algorithm lifecycle warnings | Signature schemes that should migrate to ML-DSA, key exchange that should migrate to ML-KEM |
Detection Categories
The pattern detection engine covers the following categories:
| Category | Q-Score | What it detects |
|---|---|---|
| Shor's Algorithm Vulnerability | 5 | RSA, ECC (all curves), Diffie-Hellman key exchange |
| Grover's Algorithm Vulnerability | 5 | AES-128, SHA-1, SHA-256, MD5, SHA-224 |
| Quantum Key Management | 5 | Hardcoded quantum/PQC keys and secrets |
| Post-Quantum Implementation Issues | 4 | Weak PQC parameter sets (Kyber-512, Dilithium-2, FALCON-512) |
| Quantum Randomness | 4 | PRNG usage, Math.random(), /dev/urandom in quantum contexts |
| Quantum Protocol Security | 4 | QKD protocol vulnerabilities (BB84, E91) |
| Hybrid Cryptography | 4 | Insecure classical + quantum mixing |
| Legacy Cryptography | 3 | Classical crypto in quantum-aware systems |
| Key Size Inadequacy | 3 | RSA-1024/2048, DH-1024/2048 key size constants |
| Information Leakage | 3 | Timing attacks, side-channel exposure in quantum implementations |
| Parameter Selection | 2 | PQC performance-mode configurations |
| Debug Code | 2 | Debug logging of quantum state or keys |
| Quantum Readiness | 1 | Missing crypto inventory, migration plan gaps |
| Algorithm Lifecycle | 1 | Deprecated or end-of-life algorithm references |
| PQC Algorithm Recommendations | 1 | Signature schemes, key exchange, TLS configs that should migrate to PQC |
Post-Quantum Migration Reference
When the analyzer identifies a vulnerable algorithm, it maps it to the appropriate NIST-standardized replacement:
| Vulnerable Algorithm | Post-Quantum Alternative | NIST Standard |
|---|---|---|
| RSA (signatures) | ML-DSA (CRYSTALS-Dilithium) | FIPS 204 |
| ECDSA | ML-DSA or SLH-DSA (SPHINCS+) | FIPS 204 / FIPS 205 |
| DSA | ML-DSA (CRYSTALS-Dilithium) | FIPS 204 |
| RSA-OAEP / PKCS#1 (encryption) | ML-KEM (CRYSTALS-Kyber) | FIPS 203 |
| ECDH / ECDHE | ML-KEM (CRYSTALS-Kyber) | FIPS 203 |
| DH / DHE | ML-KEM (CRYSTALS-Kyber) | FIPS 203 |
| AES-128 | AES-256, ChaCha20-Poly1305 | โ |
| SHA-1 / MD5 | SHA-384, SHA-512, SHAKE-256 | โ |
| SHA-256 | SHA-384, SHA-512 (Grover halves effective bits) | โ |
Resource Limits
All limits are configurable in Settings โ Binary Analysis.
| Limit | Default | Range |
|---|---|---|
| Max binary file size | 500 MB | 1โ5000 MB |
| Analysis timeout | 600 seconds | 30โ3600 seconds |
| Max memory | 2048 MB | 512โ8192 MB |
| Max concurrent scans | 3 | 1โ10 |
| Max archive size | 500 MB | 1โ2000 MB |
| Max files per archive | 100 | 1โ1000 |
Stripped and Packed Binaries
Stripped binaries (no symbol table) and packed/obfuscated binaries present challenges for binary analysis:
- Stripped binaries โ signature-based pattern scanning still works on raw bytes. Binary analysis may find fewer named crypto functions but can still detect crypto constants and instruction patterns. Confidence level will be Pattern Primary or Medium.
- Packed binaries โ the outer packer layer may prevent crypto detection. Pattern scanning may still match packer signatures.
- Very small binaries (<100 KB with no analyzable functions) โ the analyzer may return UNKNOWN if neither pattern scanning nor binary analysis finds anything meaningful. This is expected for test stubs or minimal executables.
Limitations
The Binary Analyzer performs static analysis only โ it does not execute code. The following scenarios are outside its detection scope:
- Runtime-only crypto โ cryptographic algorithms loaded or constructed at runtime (e.g. dynamically assembled key material, reflective loading) are not visible to static analysis.
- Custom or proprietary implementations โ crypto implementations that do not use known constants, OIDs, or library function names will not be detected. Rivet detects known patterns; it cannot reason about unknown ones.
- Encrypted or heavily obfuscated payloads โ if the binary's code section is encrypted and unpacked only at runtime (common in commercial protectors), detection coverage is reduced. Pattern scanning may still match the outer layer.
- Key size inference โ when a key size cannot be extracted from the binary, Rivet applies conservative worst-case assumptions in the risk score (e.g. RSA without a detected key size is treated as RSA-2048).
- Unsupported formats โ file types other than PE, ELF, Mach-O, .NET, Java .class/JAR, and DEX are not analysed. An unsupported format returns no findings, not a clean result.
A clean scan result means no known vulnerable cryptographic patterns were detected. It does not constitute a guarantee of quantum safety.
Relationship to Other Analyzers
The Binary Analyzer uses the same 4-component unified risk engine as the Certificate and Network Analyzers. The difference is the detection method โ instead of inspecting a TLS certificate, it inspects compiled binary code. The risk score scale (0โ100) and component weights are identical across all analyzers.
For full documentation of the risk scoring methodology and quantum computing threat timeline, see the Risk Scoring documentation.