Upload
ibm-security
View
572
Download
2
Tags:
Embed Size (px)
Citation preview
© 2015 IBM Corporation
IBM Security Systems
1© 2015 IBM Corporation
How to Hack a KeyArxan Cryptographic Key Protection
Add-On for IBM Solutions
© 2015 IBM Corporation
IBM Security Systems
2
Agenda
How to Hack Cryptographic Keys via Static/Dynamic Analysis
How to Protect Cryptographic Keys
Next Steps
© 2015 IBM Corporation
IBM Security Systems
3
Disruption in the Security LandscapeCentralized,
trusted environment
Distributed or untrusted
environment “Apps in the Wild”
• Web Apps
• Data Center Apps
Attackers do not have easy
access to application binary
+ Application Security Testing
(“Build it Secure”)
+ Application Self-Protection
(“Keep it Secure”)
• Mobile Apps
• Internet of Things
• Packaged Software
Attackers can easily access and
compromise application binary
© 2015 IBM Corporation
IBM Security Systems
4
Mobile Keys Are Vulnerable to Attack
• Keys can be identified in memory via predictable bit code patterns
• Encryption algorithms can be identified and understood using static analysis
• Key Generation / Use algorithms can be identified and understood to manipulate or steal data
Confidentiality Risk
(Reverse Engineering or Code Analysis Vulnerabilities)
• Key Generation / Use algorithms can be altered, causing key theft or data theft
• Malicious key manipulation code can be injected or hooked into applications
Integrity Risk
(Code Modification or Code Injection Vulnerabilities)
© 2015 IBM Corporation
IBM Security Systems
5
Crypto Keys Are Being Attacked with Growing Frequency
Cryptographic key theft has been leveraged in
a number of prominent hacks, for example:
AACS crypto key extracted thought memory
scrapping, allowing unauthorized access to
digital content in HD DVD and BluRay
Exploiting forms of buffer overflow attacks,
like Heartbleed, to steal crypt key
Sony PS3 hack revealed Level Zero
cryptographic keys
Android APK integrity vulnerability
And many more…
80%
Of respondents to a Ponemon
Institute survey identified broken
cryptography as the most difficult
risk to minimize (The State of Mobile Application Insecurity, February
2015)
Unfortunately, many don’t
protect their keys or think it is
too difficult to protect them
© 2015 IBM Corporation
IBM Security Systems
6
Cryptographic Keys are Leveraged Broadly
• Protect digital assets, including media,
software and devices
• Encrypt user licenses
• Bind devices
• Prove identity
• Secure communication against
eavesdroppers
• Protect Host Card Emulation (HCE):
mobile payments
• And more…
Example: Mobile Payments/HCE
© 2015 IBM Corporation
IBM Security Systems
7
Uncovering Cryptographic Keys
Keys need to be
protected
in use, at rest
and in transit
© 2015 IBM Corporation
IBM Security Systems
8
Growing Trend of Memory Scrapping
Source: Verizon 2015 Data Breach Investigations Report
© 2015 IBM Corporation
IBM Security Systems
9
Crypto Keys Are Being Attacked with Growing Frequency
Asset Theft
– Games cheats and downloadable content
– Paid digital media
– Sensitive and private digital assets
Mobile Payment
– Payment fraud
– Identity theft
IoT
– Teeing off sensitive observations
– Gain access to actionable devices
App Identification
– Unauthorized clients and access to backend services
More…
© 2015 IBM Corporation
IBM Security Systems
10
Anatomy of a Cryptographic Key Hack
11 110 01
0 1001110
1100 001
01 111 00
Identify cryptographic
implementations and binary
signatures that reveal common
encryption libraries
Generating a malicious app that will act as the conduit
for encrypted and desired data that the legitimate app
has encrypted and stored on a target device
11 110 01
0 1001110
1100 001
01 111 00
If static analysis doesn’t
yield the needed information, this
method can be utilized to defeat
dynamic method invocation or
heavy obfuscation
© 2015 IBM Corporation
IBM Security Systems
11
How to Steal Encryption Keys / Decrypted Content –Static Analysis
1. Encryption algorithm implementations leave binary
patterns
– Substitution-boxes (SBOX) are an excellent example of well-
defined data structures tied to AES Encryption algorithms
2. Encryption algorithms and important data structures are
tied together
– AES encryption methods will always use the same SBOX 2-D
array
– IDA Pro connects the two via Cross-Reference Analysis (X-Ref)
3. Method renaming / hiding through code obfuscation
cannot effectively hide the nature of an encryption
algorithm
– Cross-Reference analysis quickly cuts through any semantic
hiding
4. Only mathematical obfuscation (not code obfuscation)
will lead to effective encryption obfuscation
– The underlying math behind an encryption algorithm reveals
the true nature of an algorithm. Obfuscating code does not
transform the math.
© 2015 IBM Corporation
IBM Security Systems
12
How to Steal Encryption Keys / Decrypted Content –Dynamic Analysis
Video: Attacking Keys Using Dynamic Analysis
• In order to steal sensitive data, a hacker may
need to know how an organization is encrypting
its data. In this video, we’ll show you how a
hacker will quickly determine your encryption
scheme for a mobile app using Method Hooking
© 2015 IBM Corporation
IBM Security Systems
13
Agenda
How to Hack Cryptographic Keys via Static/Dynamic Analysis
How to Protect Cryptographic Keys
Next Steps
© 2015 IBM Corporation
IBM Security Systems
14
White-Box Cryptography Can Be Used To Protect Keys
White-box cryptography (WBC)
– Protects static and dynamic keys
– Protects sensitive user data
Arxan’s key protection is a sophisticated
implementation of WBC
– Uses highly complex mathematical algorithms
for cryptographic operations
– Combined with data and code obfuscation to
transform the key and related operations, along
with encryption techniques
– Supports all major algorithms: AES_ECB,
AES_CBC, AES_GCM,
AES_CTR, ECC, RSA, DES/3DES, ECDH, etc.
Encrypted Domain
Mobile Application
RESULT: Keys cannot be discovered at any time and are never present in static form or
in runtime memory
Crypto Routines
Static & Dynamic Keys
Secret Data
© 2015 IBM Corporation
IBM Security Systems
15
How to Protect Keys Using Arxan’s Key Protection
Video: Protecting Keys Against Dynamic
Analysis Using Arxan Cryptographic Key
Protection Add-On for IBM Solutions
• Dynamic analysis can be stopped through
the use of Whitebox Cryptography. In this
video, we’ll show you how to apply Arxan to
stop key theft via dynamic analysis.
© 2015 IBM Corporation
IBM Security Systems
16
How Is Key Protection Implemented?
© 2015 IBM Corporation
IBM Security Systems
17
This Approach Yields the Most Protected Form of Data: White-box Form
Forms of Data
Classical form Untransformed data (in the clear)
Obfuscated form Transformed (reversible) data;
inputs and outputs of ciphers can
be obfuscated
White-box form Maximally secure (for keys) and
non-reversible
© 2015 IBM Corporation
IBM Security Systems
18
Why Arxan Protection?
For key protection
‘Gold standard’ protection
• All major cryptography
standards and functionality
• Offers a smaller footprint than
other solutions
• Delivers better performance
Easy Integration
• Conformance to common API
calls like OpenSSL, allows
straight-forward replacement of
existing cryptographic libraries
For application protection
‘Gold standard’ protection strength
• Multi-layered Guards
• Static & Run-Time Guards
• No binary patterns or agents, no single
point of failure
• Customizable to your application
• Automated randomization for each build
No disruption to SDLC or source code
with unique binary-based Guard
injection
Arxan Solutions are
Proven• Protected apps deployed on over 300 million devices
• Hundreds of satisfied customers across Fortune 500
Cross platform support -- > 7 mobile platforms alone
Unique IP ownership: 10+ patents
Integrated with other IBM security and mobility solutions
© 2015 IBM Corporation
IBM Security Systems
19
World’s “Strongest” App Protection, Sold and Supported by IBM
Benefit of your existing trusted relationship with IBM
• Arxan’s technology now available from IBM: Sales, Solution, Services, Support from
IBM, with close collaboration between IBM and Arxan to ensure your success
• Leverage your existing procurement frameworks and contract vehicles (IBM Passport
Advantage, ELAs, Perpetual License, Elite Support, etc) for purchasing Arxan products
and take advantage of your relationship pricing and special discounts from IBM
Leverage Arxan as part of comprehensive solution portfolio from
IBM to holistically secure mobile apps, with value-adding validated
integrations
• Enables unique ‘Scan + Protect’ application security strategy and best practice for
building it secure during development (AppScan) and keeping it secure deployed
“in the wild” (Arxan)
• Value-adding Arxan integrations, validations, and interoperability testing with other
IBM products (e.g., IBM AppScan, IBM Trusteer, IBM MobileFirst Platform Foundation)
© 2015 IBM Corporation
IBM Security Systems
20
Agenda
How to Hack Cryptographic Keys via Static/Dynamic Analysis
How to Protect Cryptographic Keys
Next Steps
© 2015 IBM Corporation
IBM Security Systems
21
Key Protection Solution Sheet and App Protection Video
IBM / Arxan Cryptographic Key Protection: A comprehensive
solution to protect static keys, dynamic keys and sensitive data
https://www.arxan.com/wp-
content/uploads/2015/05/IBM_Arxan_data_sheet_crypto_key_final.pdf
IBM / Arxan Short Demos: Securing Mobile Apps in the Wild
• Risks for mobile apps and how to protect them
• How to protect mobile apps against attacks
• Demo of how easy it is to hack an app
http://www.arxan.com/solutions/arxan-mobile-app-protection-with-ibm/
SOLUTION SHEET
© 2015 IBM Corporation
IBM Security Systems
22
Contact your IBM representative or email
[email protected] for more information
Free Evaluation of “Arxan Application Protection for IBM Solutions”Offered as part of IBM’s Security Portfolio
Next Step Options
© 2015 IBM Corporation
IBM Security Systems
23
www.ibm.com/security
© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes
only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use
of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement
governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in
all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole
discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any
way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United
States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response
to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated
or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure
and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to
be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems,
products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE
MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.