A property-based testing framework for encryption programs

• Published in: Frontiers of Computer Science Vol. 8; no. 3; pp. 478 - 489
• Main Authors: SUN, Chang-ai, WANG, Zuoyi, WANG, Guan
• Format: Journal Article
• Language: English
• Published: Heidelberg Higher Education Press 01.06.2014; Springer Nature B.V
• Subjects: Algorithms; Computer Science; encryption programs; Fault detection; metamorphic testing (MT); oracle; Research Article; Software testing; test oracles; 加密程序; 加密算法; 基础; 测试框架; 财产; 软件测试; 验证测试; software testing; encryption programs; metamorphic testing (MT); test oracles
• ISSN: 2095-2228; 2095-2236
• DOI: 10.1007/s11704-014-3040-y

In recent years, a variety of encryption algorithms were proposed to enhance the security of software and systems. Validating whether encryption algorithms are correctly implemented is a challenging issue. Software testing delivers an effective and practical solution, but it also faces the oracle problem (that is, under many practical situations, it is impossible or too computationally expensive to know whether the output for any given input is correct). In this paper, we propose a property-based approach to testing encryption programs in the absence of oracles. Our approach makes use of the so-called metamorphic properties of encryption algorithms to generate test cases and verify test results. Two case studies were conducted to illustrate the proposed approach and validate its effectiveness. Experimental results show that even without oracles, the proposed approach can detect nearly 50% inserted faults with at most three metamorphic relations (MRs) and fifty test cases.