http://link.springer.com/chapter/10.1007%2F978-3-642-40160-2_11
IAIK
Assessing Mobile Device Platforms
EGOVIS 2013
Thomas Zefferer, Sandra Kreuzhuber, Peter Teufl
Background
A-SIT: Security consulting for public institutions
IAIK: IT security research
Combination: Awesome :-)
Thomas Zefferer Sandra Kreuzhuber Peter Teufl
A-SIT
IAIK
Mobile Device Security
Sensitive data
Location, documents, credentials etc.
Problems
Threats: theft, malicious software etc.
Heterogeneous platforms: iOS, Android, Windows Phone, Windows Store, Blackberry, ...
Complexity: securing the systems, developing secure applications
Deployment Scenarios
E-Gov/M-Gov context
Use Cases
Internal usage (public/private sector):
Mobile-Device-Management (MDM) solution
Bring-Your-Own-Device (BYOD)
Citizen
Citizen applications (within M-Gov context)
Internal Use - MDM
Security policy modeled via MDM system
Mobile device locked down according to policy/requirements
PLUS
Most secure deployment scenario
MINUS
Not possible for citizen applications
Internal use: pressure by BYOD concept
Internal Use - BYOD
Device belongs to the user
No MDM deployment
Deployment of BYOD solutions on the user’s device (container applications, application wrapping)
PLUS
User has full control over the device
MINUS
Security!
Legal and technical issues
Citizen - MGov Applications
Applications developed for the citizen
Probably handling of critical data (personal data, etc.)
Similar considerations as for BYOD (however even fewer restrictions)
Considerations are also valid for non M-Gov apps
Banking apps, password safes, theft protection apps etc.
Assets, Threats
Assets
Data: credentials, application data, location, emails, SMS, contacts, usage patterns ...
Threats
Theft
Malware
Platform Security Features
Data Protection
Access protection
Encryption
Secure storage of credentials
MDM
Malware Resistance
Application APIs, sources
Permission system
Rooting, jailbreaking?
OS security
Updates, fragmentation
Security Analysis?
Access protection, encryption, secure storage of credentials
How does the encryption system work?
Is encryption based on a hardware element?
Is the user’s PIN involved in the key derivation function?
What is the scope of the encryption system?
What does the developer need to know?
How are backups encrypted?
Access Protection
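Example: iOS/Android Encryption

| Lock-Screen Type | Length | Chars | Number of passcodes | Brute-Force Days (iOS on device) | Brute-Force Days, 1 instance (Android, Amazon GPU) | Brute-Force Days, 1000 instances (Android, Amazon GPU) | Cost $ On-Demand Instances (GPU Price) |
|---|---|---|---|---|---|---|---|
| Numerical | 4 | 10 | 10000 | 0.0 | 0.0 | 0.0 | 0.0 |
| Numerical | 6 | 10 | 1000000 | 0.9 | 0.0 | 0.0 | 0.0 |
| Numerical | 8 | 10 | 100000000 | 92.6 | 0.0 | 0.0 | 1.3 |
| Numerical | 10 | 10 | 10000000000 | 9,259.3 | 2.6 | 0.0 | 133.3 |
| Alphanum (10/26 letters) | 4 | 36 | 1679616 | 1.6 | 0.0 | 0.0 | 0.0 |
| Alphanum (10/26 letters) | 6 | 36 | 2176782336 | 2,015.5 | 0.6 | 0.0 | 29.0 |
| Alphanum (10/26 letters) | 7 | 36 | 78364164096 | 72,559.4 | 20.7 | 0.0 | 1,044.9 |
| Alphanum (10/26 letters) | 8 | 36 | 2.82111E+12 | 2,612,138.8 | 746.3 | 0.7 | 37,614.8 |
| Alphanum (10/26 letters) | 9 | 36 | 1.0156E+14 | 94,036,996.9 | 26,867.7 | 26.9 | 1,354,132.8 |
| Alphanum (10/26 letters) | 10 | 36 | 3.65616E+15 | 3,385,331,888.9 | 967,237.7 | 967.2 | 48,748,779.2 |
| Alphanum (10/52 letters) | 4 | 62 | 14776336 | 13.7 | 0.0 | 0.0 | 0.2 |
| Alphanum (10/52 letters) | 5 | 62 | 916132832 | 848.3 | 0.2 | 0.0 | 12.2 |
| Alphanum (10/52 letters) | 6 | 62 | 56800235584 | 52,592.8 | 15.0 | 0.0 | 757.3 |
| Alphanum (10/52 letters) | 7 | 62 | 3.52161E+12 | 3,260,754.3 | 931.6 | 0.9 | 46,954.9 |
| Alphanum (10/52 letters) | 8 | 62 | 2.1834E+14 | 202,166,764.4 | 57,761.9 | 57.8 | 2,911,201.4 |
| Alphanum (10/52 letters) | 9 | 62 | 1.35371E+16 | 12,534,339,394.7 | 3,581,239.8 | 3,581.2 | 180,494,487.3 |
| Complex | 4 | 107 | 131079601 | 121.4 | 0.0 | 0.0 | 1.7 |
| Complex | 5 | 107 | 14025517307 | 12,986.6 | 3.7 | 0.0 | 187.0 |
| Complex | 6 | 107 | 1.50073E+12 | 1,389,565.1 | 397.0 | 0.4 | 20,009.7 |
| Complex | 7 | 107 | 1.60578E+14 | 148,683,470.0 | 42,481.0 | 42.5 | 2,141,042.0 |
| Complex | 8 | 107 | 1.71819E+16 | 15,909,131,294.7 | 4,545,466.1 | 4,545.5 | 229,091,490.6 |
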
Mobile Device Management
Mobile Device Management (MDM)
Which rules?
How is the system integrated into the mobile device OS?
Fragmentation?
Applications
Application sources? Defined markets? Alternative sources (email, etc.)?
Application APIs?
Security, system integration etc.
Security: What does the developer need to know?
Permission System?
Usability, which permissions?
Core Security
OS security
Low-level malware protection (buffer overflows, sandboxes, operating system architecture, programming languages)
Updates, fragmentation
Updates?
Fragmentation of OS versions?
Fragmentation of functionality (due to extensions of the OS)?
Platform Security - Managed
Managed devices
Which criteria?
MDM, MAM: functionality!
Applications (when not restricted)
Data Protection (mainly encryption)
Figure labels: MDM, Security Config, MAM, App, Smartphone
BYOD
Challenging in terms of security (and also legal considerations)!
Device is not managed!
Activation of OS security features depends on the user
Solutions:
Container applications
Application wrappers
OS integrated solutions (Blackberry Balance)
MDM, BYOD
Figure: four smartphone setups side by side (MDM, Container App, App Wrappers, Blackberry Balance). Labels: Security Config, MAM, Management, App, Business Area, Private Area.
BYOD
Container Applications
Provide mail, contacts, browser, calendar, secure file storage in a specific application
Application cannot assume a secure environment: needs to implement its own security features
encryption, secure communication, root/jailbreak checks
highly platform specific (need to know the security features, APIs etc.)
Example
Container applications (also valid for mGov applications with sensitive data)
Key derivation (from password to encryption key) is a key requirement for secure encryption systems
Key derivation principles
Salt (no pre-calculated password tables)
Long derivation time (e.g. 80ms per passcode, on iOS)
Need to have cryptographic know-how to get it right
Mistakes: simple brute-force attacks...
Figure labels: Passcode, Salt, Key derivation, Derived key, Data encryption key
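An added example (not from the slides) of the two key derivation principles above, salt and long derivation time, together with the arithmetic that turns 80 ms per passcode into brute-force days. PBKDF2-HMAC-SHA256 and all function names are assumptions; the slides do not name the derivation function.

```python
import hashlib
import os
import time

SECONDS_PER_DAY = 86_400
IOS_SECONDS_PER_GUESS = 0.08  # "80ms per passcode, on iOS" from the slide


def derive_key(passcode: str, salt: bytes, iterations: int) -> bytes:
    """Salted, deliberately slow derivation of a 256-bit key from a passcode.
    PBKDF2-HMAC-SHA256 is an assumption; the slides do not name the KDF."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, iterations, dklen=32)


def calibrate_iterations(target_seconds: float, probe: int = 20_000) -> int:
    """Scale the iteration count so one derivation costs about target_seconds
    on this machine; never returns less than the probe count."""
    start = time.perf_counter()
    derive_key("calibration", b"\x00" * 16, probe)
    elapsed = time.perf_counter() - start
    return max(probe, int(probe * target_seconds / elapsed))


def brute_force_days(chars: int, length: int, seconds_per_guess: float,
                     instances: int = 1) -> float:
    """Days to try every passcode of this alphabet size and length (worst case)."""
    return chars ** length * seconds_per_guess / instances / SECONDS_PER_DAY


def fast_hash_seconds_per_guess(samples: int = 50_000) -> float:
    """The mistake: key = SHA-256(passcode), unsalted, one round. Measured cost per guess."""
    start = time.perf_counter()
    for i in range(samples):
        hashlib.sha256(str(i).encode()).digest()
    return (time.perf_counter() - start) / samples


if __name__ == "__main__":
    salt = os.urandom(16)  # random per container, stored beside the ciphertext
    iterations = calibrate_iterations(IOS_SECONDS_PER_GUESS)
    key = derive_key("123456", salt, iterations)  # constructed sample passcode
    print(f"{iterations} iterations, derived key {key.hex()[:16]}...")
    fast = fast_hash_seconds_per_guess()
    for name, chars, length in [("Numerical", 10, 6), ("Alphanum 10/26", 36, 6),
                                ("Complex", 107, 6)]:
        slow_days = brute_force_days(chars, length, IOS_SECONDS_PER_GUESS)
        fast_days = brute_force_days(chars, length, fast)
        print(f"{name:15} len {length}: {slow_days:14,.1f} days at 80 ms, "
              f"{fast_days:10,.4f} days with a single hash")
```

At 0.08 s per guess the function gives the same figures as the "iOS on device" column of the brute-force tables, for example 0.9 days for a 6-digit numerical passcode.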
Example

| Lock-Screen Type | Length | Chars | Number of passcodes | Brute-Force Days (iOS on device) | Brute-Force Days | Brute-Force Days | Cost $ GPU, Reserved (3 Years) |
|---|---|---|---|---|---|---|---|
| Numerical | 4 | 10 | 10000 | 0.0 | 0.0 | 0.0 | 0.0 |
| Numerical | 6 | 10 | 1000000 | 0.9 | 0.0 | 0.0 | 0.0 |
| Numerical | 8 | 10 | 100000000 | 92.6 | 0.0 | 0.0 | 0.0 |
| Numerical | 10 | 10 | 10000000000 | 9,259.3 | 0.2 | 0.0 | 0.0 |
| Alphanum (10/26 letters) | 4 | 36 | 1679616 | 1.6 | 0.0 | 0.0 | 0.0 |
| Alphanum (10/26 letters) | 6 | 36 | 2176782336 | 2,015.5 | 0.0 | 0.0 | 0.0 |
| Alphanum (10/26 letters) | 7 | 36 | 78364164096 | 72,559.4 | 1.3 | 0.0 | 0.2 |
| Alphanum (10/26 letters) | 8 | 36 | 2.82111E+12 | 2,612,138.8 | 46.6 | 0.0 | 8.3 |
| Alphanum (10/26 letters) | 9 | 36 | 1.0156E+14 | 94,036,996.9 | 1,679.2 | 1.7 | 299.0 |
| Alphanum (10/26 letters) | 10 | 36 | 3.65616E+15 | 3,385,331,888.9 | 60,452.4 | 60.5 | 10,763.7 |
| Alphanum (10/52 letters) | 4 | 62 | 14776336 | 13.7 | 0.0 | 0.0 | 0.0 |
| Alphanum (10/52 letters) | 5 | 62 | 916132832 | 848.3 | 0.0 | 0.0 | 0.0 |
| Alphanum (10/52 letters) | 6 | 62 | 56800235584 | 52,592.8 | 0.9 | 0.0 | 0.2 |
| Alphanum (10/52 letters) | 7 | 62 | 3.52161E+12 | 3,260,754.3 | 58.2 | 0.1 | 10.4 |
| Alphanum (10/52 letters) | 8 | 62 | 2.1834E+14 | 202,166,764.4 | 3,610.1 | 3.6 | 642.8 |
| Alphanum (10/52 letters) | 9 | 62 | 1.35371E+16 | 12,534,339,394.7 | 223,827.5 | 223.8 | 39,852.9 |
| Complex | 4 | 107 | 131079601 | 121.4 | 0.0 | 0.0 | 0.0 |
| Complex | 5 | 107 | 14025517307 | 12,986.6 | 0.2 | 0.0 | 0.0 |
| Complex | 6 | 107 | 1.50073E+12 | 1,389,565.1 | 24.8 | 0.0 | 4.4 |
| Complex | 7 | 107 | 1.60578E+14 | 148,683,470.0 | 2,655.1 | 2.7 | 472.7 |
| Complex | 8 | 107 | 1.71819E+16 | 15,909,131,294.7 | 284,091.6 | 284.1 | 50,583.1 |

Citizen Application
Citizen applications for handling critical data
(similar to banking apps, password safes)
same considerations as for container applications
arbitrary environment (even less restricted than in BYOD), devices, versions
threat of malware (arbitrary application sources, malware)
Best Practice Managed
iOS:
encryption, MDM, application security/features
Android:
highly depends on the platform!
Stock Android: Lacking important MDM features!
Windows Phone/Windows Store:
Lacking MDM features, VPN (8.1 update...), otherwise comparable to iOS
Blackberry: Balance Framework! Good architecture.
Best Practice BYOD
Blackberry:
Balance framework: Huge plus (integrated BYOD solution)
iOS, Windows Phone/Store:
Huge advantages over Android
Android:
Alternative sources, deeply integrated system APIs, malware situation
Best Practice Citizen App
No platform choice, market and users decide
Developing apps which handle sensitive data
Know the platforms, their security features, weaknesses
Development by a security aware team: cryptography, IT security, detailed knowledge about the platforms
Keep data on the device limited
iOS, Windows Phone, Blackberry easier to handle. Android ???
References, Contact
[email protected]@iaik.tugraz.at
Refs:
https://sites.google.com/site/acnws2012/
http://www.iaik.tugraz.at/content/about_iaik/people/teufl_peter/
contact me if you need the PDFs, slides
Thx, and enjoy Praha!