35 research outputs found

    MicroWalk: A Framework for Finding Side Channels in Binaries

    Microarchitectural side channels expose unprotected software to information leakage attacks, where a software adversary is able to track the runtime behavior of a benign process and steal secrets such as cryptographic keys. As suggested by the incremental software patches applied to the RSA algorithm against variants of side-channel attacks across different versions of cryptographic libraries, protecting security-critical algorithms against side channels is an intricate task. Software protections avoid leakage by operating in constant time, with a uniform resource usage pattern independent of the processed secret. In this respect, automated testing and verification of software binaries for leakage-free behavior is important, particularly when the source code is not available. In this work, we propose a novel technique based on Dynamic Binary Instrumentation and Mutual Information Analysis to efficiently locate and quantify memory-based and control-flow-based microarchitectural leakages. We develop a software framework named MicroWalk for side-channel analysis of binaries, which can be extended to support new classes of leakage. For the first time, by utilizing MicroWalk, we perform a rigorous leakage analysis of two widely used closed-source cryptographic libraries: Intel IPP and Microsoft CNG. We analyze 15 different cryptographic implementations consisting of 112 million instructions in about 105 minutes of CPU time. By locating previously unknown leakages in hardened implementations, our results suggest that MicroWalk can efficiently find microarchitectural leakages in software binaries.

    A Mobile Secure Bluetooth-Enabled Cryptographic Provider

    The use of digital X509v3 public key certificates, together with different standards for secure digital signatures, is commonly adopted to establish authentication proofs between principals, applications and services. One of the robustness characteristics commonly associated with such mechanisms is the need for hardware-sealed cryptographic devices, such as Hardware Security Modules (HSMs), smart cards or hardware-enabled tokens or dongles. These devices support internal functions for the management and storage of cryptographic keys, allowing the isolated execution of cryptographic operations, with the keys or related sensitive parameters never exposed. The portable devices most widely used are USB tokens (or security dongles) and the internal chips of smart cards (as is also the case for citizen cards, banking cards or ticketing cards). More recently, a new generation of Bluetooth-enabled smart USB dongles has appeared, also suitable for protecting cryptographic operations and digital signatures in secure identity and payment applications. The common characteristic of such devices is that they offer the support required to be used as secure cryptographic providers. Among the advantages of those portable cryptographic devices is their portability and ubiquitous use, but, in consequence, they are also frequently forgotten or even lost. USB-enabled devices imply the need for readers, which are not always and not commonly available for generic smartphones or for users working with computing devices. Also, wireless devices can be specialized or require a development effort before they can be used as standard cryptographic providers. An alternative that mitigates such problems is the adoption of conventional Bluetooth-enabled smartphones as ubiquitous cryptographic providers, used remotely by client-side applications running on users' devices, such as desktop or laptop computers.
    However, the use of smartphones for safe storage and management of private keys and sensitive parameters requires a careful analysis of the adversary model assumptions. The design options for implementing a practical and secure smartphone-enabled cryptographic solution as a product also require a considered use of the facilities provided by frameworks, programming environments and mobile operating system services. In this dissertation we addressed the design, development and experimental evaluation of a secure mobile cryptographic provider, designed as a mobile service provided by a smartphone. The proposed solution is designed for Android-based smartphones and supports on-demand Bluetooth-enabled cryptographic operations, including standard digital signatures. The mobile cryptographic provider can be used by applications running on Windows-enabled computing devices that request digital signatures. The solution relies on the secure storage of private keys related to X509v3 public certificates in Android-based secure elements (SEs). With the implemented solution, an application running on a Windows computing device can request standard digital signatures of documents, transparently executed remotely by the smartphone, which is regarded as a standard cryptographic provider.

    PayBreak: Defense against cryptographic ransomware


    Multi-level analysis of Malware using Machine Learning


    Secure storing of encryption and authentication keys

    This bachelor's thesis analyses the options for securely storing encryption and authentication keys on PCs as well as on devices used in the Internet of Things. It further describes the functionality and the level of cryptographic security of selected solutions and points out possible security weaknesses. It also provides the results of performance measurements of block ciphers on different architectures. We selected the best of them as the basis of our own design for secure storage of encryption and authentication keys on PCs and on devices used in the Internet of Things. We implemented these designs as a console application for PCs and as a Universal Windows Platform application for IoT devices, for which we also report the computational demands. We also evaluated their cryptographic security and analysed possible security flaws.

    This bachelor's thesis is focused on the analysis of possibilities for securely storing encryption and cryptographic keys on computers and Internet of Things devices. It also describes the functionality and level of cryptographic security of the chosen solutions and points at possible security vulnerabilities. The next part of the thesis consists of the results of tests of block ciphers on different architectures. The best of them were chosen as the base for a custom solution for securely storing encryption and cryptographic keys. The designs were implemented in the form of a console application for computers and a Universal Windows Platform application for IoT devices, and include information about the computing power needed to use the proposed solution. At last we conducted a vulnerability analysis and evaluated their cryptographic security.

    Minerva: The curse of ECDSA nonces

    We present our discovery of a group of side-channel vulnerabilities in implementations of the ECDSA signature algorithm in a widely used Atmel AT90SC FIPS 140-2 certified smartcard chip and five cryptographic libraries (libgcrypt, wolfSSL, MatrixSSL, SunEC/OpenJDK/Oracle JDK, Crypto++). Vulnerable implementations leak the bit-length of the scalar used in scalar multiplication via timing. Using the leaked bit-length, we mount a lattice attack on a 256-bit curve after observing enough signing operations. We propose two new methods to recover the full private key requiring just 500 signatures for simulated leakage data, 1200 for real cryptographic library data, and 2100 for smartcard data. The number of signatures needed for a successful attack depends on the chosen method and its parameters as well as on the noise profile, which is influenced by the type of leakage and the computation platform used. We use the set of vulnerabilities reported in this paper, together with the recently published TPM-FAIL vulnerability, as a basis for real-world benchmark datasets to systematically compare our newly proposed methods and all previously published applicable lattice-based key recovery methods. The resulting exhaustive comparison highlights the methods' sensitivity to proper parametrization and demonstrates that our methods are more efficient in most cases. For the TPM-FAIL dataset, we decreased the number of required signatures from approximately 40 000 to a mere 900.

    Where's Crypto?: Automated Identification and Classification of Proprietary Cryptographic Primitives in Binary Code

    The continuing use of proprietary cryptography in embedded systems across many industry verticals, from physical access control systems and telecommunications to machine-to-machine authentication, presents a significant obstacle to black-box security-evaluation efforts. In-depth security analysis requires locating and classifying the algorithm in often very large binary images, thus rendering manual inspection, even when aided by heuristics, time consuming. In this paper, we present a novel approach to automate the identification and classification of (proprietary) cryptographic primitives within binary code. Our approach is based on Data Flow Graph (DFG) isomorphism, previously proposed by Lestringant et al. Unfortunately, their DFG isomorphism approach is limited to known primitives only, and relies on heuristics for selecting code fragments for analysis. By combining the said approach with symbolic execution, we overcome all limitations of their work, and are able to extend the analysis into the domain of unknown, proprietary cryptographic primitives. To demonstrate that our proposal is practical, we develop various signatures, each targeted at a distinct class of cryptographic primitives, and present experimental evaluations for each of them on a set of binaries, both publicly available (and thus providing reproducible results) and proprietary ones. Lastly, we provide a free and open-source implementation of our approach, called Where's Crypto?, in the form of a plug-in for the popular IDA disassembler.

    Comment: A proof-of-concept implementation can be found at https://github.com/wheres-crypto/wheres-crypt

    Identifying Ransomware Through Statistical and Behavioural Analysis

    Ransomware is a devastating type of malicious software that restricts a user's access to a digital asset of value, demanding a ransom in order to restore it. Ransomware attacks have only increased in popularity over the years and show no signs of abating. Moreover, the complexity and potential impact of these attacks have also increased, such that modern-day ransomware attacks are capable of bringing businesses and organisations to a standstill, with ransom demands often in excess of millions of pounds. The research presented in this thesis aims to contribute to a stronger foundation of knowledge regarding this relatively new cyberthreat through the development of several novel countermeasures. An in-depth analysis of current state-of-the-art anti-ransomware tools was conducted, through which an overall preference towards statistical and behavioural detection methods was identified. Additionally, several datasets and an analysis environment were constructed in order to identify and subsequently improve current statistical and behavioural approaches, contributing towards more effective ransomware detection. Untapped potential within statistical-based approaches to ransomware detection was clearly identified, showing that near-perfect classification rates were possible within the scope of our experiments. Despite the continual growth both in terms of frequency and sophistication of ransomware attacks, our results suggest that the significant differences in system behaviour observed during a ransomware attack are enough to identify and thwart ransomware attacks. Future work should pay particular attention to these clear fingerprints created by ransomware attacks, such that damages can largely be mitigated, alleviating the need to pay the ransom and thus toppling the underground ransomware economy

    Analysing and improving the crypto ecosystem of Rust

    Context: Rust is an emerging systems programming language that suits security-critical applications because it guarantees memory safety without a garbage collector. Its growing ecosystem already encompasses several crypto libraries, though the competition is still open. Previous cryptography research found that vulnerabilities are often due to misunderstandings and misuse of cryptographic APIs rather than bugs in the libraries themselves. Aim: This thesis presents a holistic analysis of Rust's current crypto ecosystem and aims to improve its further development. A particular focus is on API design, because all libraries are still open to changing their APIs and it will become increasingly difficult to change them later. Method: All parts of the ecosystem are systematically analysed, guided by the general structure of a crypto ecosystem. Research methods include a systematic search for libraries, a survey among contributors, GitHub analyses, as well as a self-experiment and a controlled experiment to test usability. Results: The contributors are typical open source developers and they collaborate in typical ways on GitHub. Most libraries have a clear main developer and there is a general lack of contributors. While two of the major libraries focus on usability and are consequently easier to use and more resistant to misuse, the two most widespread libraries consciously neglect these topics and exhibit flaws known from crypto libraries in other languages. Conclusion: The misuse-resistant Rust crypto libraries should be advertised more actively. In the medium term, an officially endorsed API could improve interoperability and foster competition. For such an API and for the improvement of existing APIs, the thesis discusses a number of design decisions and their usability implications.

    Context: Rust is a young systems programming language that suits security-critical applications because it guarantees memory safety without a garbage collector. The growing ecosystem already includes several crypto libraries, while the competition between them is still open. Previous research has shown that vulnerabilities are often caused by misunderstandings and misuse of cryptographic APIs rather than by bugs in the libraries themselves. Aim: This thesis contains a holistic analysis of Rust's crypto ecosystem with the goal of improving its future development. A particular focus is on API design, because all libraries are still open to API changes and such changes become harder later. Method: All components of the ecosystem are systematically analysed following the general structure of a crypto ecosystem. The research methods employed include a systematic search for libraries, a developer survey, GitHub analyses, as well as a self-experiment and a controlled experiment to test usability. Results: The developers are typical open-source developers and they collaborate on GitHub in typical ways. Most libraries have a clear main developer and there is a general lack of further contributors. While two of the larger libraries concentrate on usability and are accordingly easier to use and more misuse-resistant, the two most widespread libraries consciously neglect these topics and exhibit weaknesses known from crypto libraries in other languages. Conclusion: The misuse-resistant crypto libraries in Rust should be advertised more actively. In the medium term, an officially supported API could promote interoperability and competition. For such an API and for the improvement of the existing APIs, the thesis discusses various design decisions and their effects on usability.