Saved in:
Bibliographic Details
Main Authors: Chen, Baicheng, Wang, Yu, Zhou, Ziheng, Liu, Xiangru, Li, Juanru, Chen, Yilei, He, Tianxing
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2604.03750
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866917384009285632
author Chen, Baicheng
Wang, Yu
Zhou, Ziheng
Liu, Xiangru
Li, Juanru
Chen, Yilei
He, Tianxing
author_facet Chen, Baicheng
Wang, Yu
Zhou, Ziheng
Liu, Xiangru
Li, Juanru
Chen, Yilei
He, Tianxing
contents Reverse engineering (RE) is central to software security, particularly for cryptographic programs that handle sensitive data and are highly prone to vulnerabilities. It supports critical tasks such as vulnerability discovery and malware analysis. Despite its importance, RE remains labor-intensive and requires substantial expertise, making large language models (LLMs) a potential solution for automating the process. However, their capabilities for RE remain systematically underexplored. To address this gap, we study the cryptographic binary RE capabilities of LLMs and introduce \textbf{CREBench}, a benchmark comprising 432 challenges built from 48 standard cryptographic algorithms, 3 insecure crypto key usage scenarios, and 3 difficulty levels. Each challenge follows a Capture-the-Flag (CTF) RE challenge, requiring the model to analyze the underlying cryptographic logic and recover the correct input. We design an evaluation framework comprising four sub-tasks, from algorithm identification to correct flag recovery. We evaluate eight frontier LLMs on CREBench. GPT-5.4, the best-performing model, achieves 64.03 out of 100 and recovers the flag in 59\% of challenges. We also establish a strong human expert baseline of 92.19 points, showing that humans maintain an advantage in cryptographic RE tasks. Our code and dataset are available at https://github.com/wangyu-ovo/CREBench.
format Preprint
id arxiv_https___arxiv_org_abs_2604_03750
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle CREBench: Evaluating Large Language Models in Cryptographic Binary Reverse Engineering
Chen, Baicheng
Wang, Yu
Zhou, Ziheng
Liu, Xiangru
Li, Juanru
Chen, Yilei
He, Tianxing
Cryptography and Security
Artificial Intelligence
Computation and Language
Reverse engineering (RE) is central to software security, particularly for cryptographic programs that handle sensitive data and are highly prone to vulnerabilities. It supports critical tasks such as vulnerability discovery and malware analysis. Despite its importance, RE remains labor-intensive and requires substantial expertise, making large language models (LLMs) a potential solution for automating the process. However, their capabilities for RE remain systematically underexplored. To address this gap, we study the cryptographic binary RE capabilities of LLMs and introduce \textbf{CREBench}, a benchmark comprising 432 challenges built from 48 standard cryptographic algorithms, 3 insecure crypto key usage scenarios, and 3 difficulty levels. Each challenge follows a Capture-the-Flag (CTF) RE challenge, requiring the model to analyze the underlying cryptographic logic and recover the correct input. We design an evaluation framework comprising four sub-tasks, from algorithm identification to correct flag recovery. We evaluate eight frontier LLMs on CREBench. GPT-5.4, the best-performing model, achieves 64.03 out of 100 and recovers the flag in 59\% of challenges. We also establish a strong human expert baseline of 92.19 points, showing that humans maintain an advantage in cryptographic RE tasks. Our code and dataset are available at https://github.com/wangyu-ovo/CREBench.
title CREBench: Evaluating Large Language Models in Cryptographic Binary Reverse Engineering
topic Cryptography and Security
Artificial Intelligence
Computation and Language
url https://arxiv.org/abs/2604.03750