Android KeyStore, the encryption system used by the Android OS to store cryptographic keys and user credentials, is quite flawed, claim two security researchers in an academic paper entitled Breaking into the Keystore - A Practical Forgery Attack Against Android KeyStore.
KeyStore performs key specific actions that enable Android apps to store and generate their own cryptographic keys. By storing keys in a container, KeyStore makes it difficult to remove them from the device.
The researchers, Mohamed Sabt and Jacques Traore, who work for France Telecom’s Orange Labs wrote that Android KeyStore does not provide integrity which means that an attacker is able to modify stored keys without being detected. Sabt and Traoré exploited this flaw with a forgery attack that breached KeyStore.
“Our attack allows a malicious application to make mobile apps to unwittingly perform secure protocols using weak keys,” they claimed. “The threat is concrete the attacker goes undetected while compromising the security of users.”
They outlined an attack scenario in which an application entrusts the KeyStore with its symmetric keys.
Our attack lulls users into a false sense of security by silently transforming for instance 256-bit HMAC keys into 32-bit ones - they wrote. This allows a malicious third party that controls the network to break any secure protocol based on these weak keys. Such an attack might constitute a real threat since it could happen undetected.
The researchers said their research underscores an important fact, intuition often goes wrong when security is concerned.
Unfortunately system designers still tend to choose cryptographic schemes not for their proved security but for their apparent simplicity - they wrote. We show once again that this is not a good choice since it usually results in severe consequences for the whole underlying system.
The researchers, Mohamed Sabt and Jacques Traore, who work for France Telecom’s Orange Labs wrote that Android KeyStore does not provide integrity which means that an attacker is able to modify stored keys without being detected. Sabt and Traoré exploited this flaw with a forgery attack that breached KeyStore.
“Our attack allows a malicious application to make mobile apps to unwittingly perform secure protocols using weak keys,” they claimed. “The threat is concrete the attacker goes undetected while compromising the security of users.”
They outlined an attack scenario in which an application entrusts the KeyStore with its symmetric keys.
Our attack lulls users into a false sense of security by silently transforming for instance 256-bit HMAC keys into 32-bit ones - they wrote. This allows a malicious third party that controls the network to break any secure protocol based on these weak keys. Such an attack might constitute a real threat since it could happen undetected.
The researchers said their research underscores an important fact, intuition often goes wrong when security is concerned.
Unfortunately system designers still tend to choose cryptographic schemes not for their proved security but for their apparent simplicity - they wrote. We show once again that this is not a good choice since it usually results in severe consequences for the whole underlying system.
No comments:
Post a Comment