Cryptography is essential to the construction of any secure system. Applied correctly, it keeps data confidential, authenticates the source of data, and protects data against unauthorised alteration. In practice, however, cryptography is frequently misused: it is applied to software in ways the algorithms were never designed to support. Mishandled, a cryptographic algorithm can fail to protect a system from attack at all. The security issues usually do not originate in the algorithm itself but in how it is used: most cryptographic vulnerabilities in software trace back to mistakes by the people applying the cryptography rather than to the primitives. The sections below describe several of these risks and how they compromise software.
Cryptographers have catalogued a number of mistakes developers make that lead to insecure software. First, never use constant encryption keys, because they provide no privacy: a key that is hard-coded in the source is shipped with every copy of the program and can be read straight out of the binary, so it is not a secret at all. Second, strong keys require genuine unpredictability. Avoid weak (non-cryptographic) random number generators, predictable seeds such as the current time, and seeds that are reused; key material should come from the operating system's cryptographic random source. Third, rely on well-reviewed implementations of public, standardised algorithms. However much experience you have, a home-grown algorithm or implementation will contain errors, because designing and implementing cryptography correctly is hard and the mistakes are invisible to ordinary functional testing.
Importance of Secure Cryptography
Every day we rely on cryptography to secure communication over the Internet. Sensitive services such as online banking and e-mail depend on it to protect the privacy of user data; without it, these services could not exist in their current form. Cryptography gives software confidentiality (only the intended parties can read the data), integrity (modification is detected) and authenticity (the origin of the data can be verified); availability, the third element of the classic CIA triad, is not something cryptography provides. In this sense cryptography underpins the trust relationships on which the Internet runs. Unlike most other aspects of software design, cryptography exists specifically to provide protection, so if the cryptography applied to a system is compromised, the whole system is compromised with it.
Examples of Cryptography Related Attacks
Apple SSL/TLS Bug
A well-known example is the bug in Apple's SSL/TLS implementation (Secure Transport) known as the 'goto fail' bug. It was present for over a year before being fixed in February 2014. In the function SSLVerifySignedServerKeyExchange the statement `goto fail;` was written twice in a row; the second copy was not guarded by any `if`, so it always executed. Control therefore jumped to the `fail` label and skipped the remaining checks, including the one that actually verifies the signature. Because the variable `err` still held the success value (0) from the last check that did run, the function reported a successfully verified signature every time. This is solid proof of how a flawed implementation of a cryptographic protocol, rather than the algorithm, can have disastrous consequences. The problem was a simple programmer mistake, one extra `goto` statement, and it left a very large number of iOS and OS X devices open to man-in-the-middle attacks. According to the CVE entry (CVE-2014-1266), the server verification code does not check the signature in the TLS Server Key Exchange message, so an attacker can spoof an SSL server by signing that message with an arbitrary private key or by omitting the signing step altogether.
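The control-flow shape of the bug, as an added example that models it rather than reproducing Apple's code: the hashing and signature steps are hypothetical stand-ins that follow the same convention (0 for success, nonzero for failure), and `verify_buggy` and `verify_fixed` differ only in the duplicated line.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy stand-ins for the hashing and signature steps of a ServerKeyExchange
 * check. Like the real helpers they return 0 on success and a nonzero error
 * code on failure. None of this is real cryptography. */
#define ERR_OK       0
#define ERR_HASH    (-1)
#define ERR_BAD_SIG (-2)

static int hash_update(int ok) { return ok ? ERR_OK : ERR_HASH; }

/* Hypothetical "signature check": valid only if the bytes match the expected
 * signature (constructed comparison, not real signature verification). */
static int signature_check(const unsigned char *sig, size_t len,
                           const unsigned char *expected) {
    return memcmp(sig, expected, len) == 0 ? ERR_OK : ERR_BAD_SIG;
}

/* Buggy shape: the second 'goto fail' is not guarded by an if, so it always
 * runs. The signature check below it is never reached and err still holds
 * ERR_OK from the last hash step, so every signature is "verified". The
 * indentation makes the extra line look like part of the if above it. */
int verify_buggy(const unsigned char *sig, size_t len,
                 const unsigned char *expected) {
    int err;
    if ((err = hash_update(1)) != 0)
        goto fail;
    if ((err = hash_update(1)) != 0)
        goto fail;
        goto fail;                       /* the duplicated line */
    if ((err = signature_check(sig, len, expected)) != 0)
        goto fail;
fail:
    return err;
}

/* Fixed shape: identical except that the duplicated line is gone, so a bad
 * signature sets err to ERR_BAD_SIG before control reaches the label. */
int verify_fixed(const unsigned char *sig, size_t len,
                 const unsigned char *expected) {
    int err;
    if ((err = hash_update(1)) != 0)
        goto fail;
    if ((err = hash_update(1)) != 0)
        goto fail;
    if ((err = signature_check(sig, len, expected)) != 0)
        goto fail;
fail:
    return err;
}

int main(void) {
    const unsigned char *good = (const unsigned char *)"GOOD";
    const unsigned char *forged = (const unsigned char *)"EVIL";
    printf("buggy, forged signature: %d (0 means accepted)\n",
           verify_buggy(forged, 4, good));
    printf("fixed, forged signature: %d\n", verify_fixed(forged, 4, good));
    return 0;
}
```

A negative test, feeding a forged signature to the verifier and expecting rejection, is what catches this class of bug; the success path alone passes in both versions. Clang's `-Wunreachable-code` also reports the `if` after the unconditional `goto` as dead code.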
Erlang/OTP Weak PRNG Vulnerability
Another common developer mistake is the use of weak random number generators. Random number generation is decisive for the security of a cryptographic system: keys, nonces and seeds are only as unpredictable as the generator behind them. Many systems generate their keys with a pseudo-random number generator (PRNG). A PRNG does not produce true randomness; its output is a deterministic function of its seed, so anyone who can guess the seed can reproduce every value the generator produced. A vulnerability discovered in 2011 in the SSH library of Erlang/OTP, the runtime and standard library set of the Erlang programming language, illustrates exactly this. The library seeded its random number generator with a three-component value derived from the current time. The seed was therefore predictable, and a remote attacker could determine SSH session keys as well as DSA host keys: the first two seed components are easy to guess from the time at which a connection was made, and the third can be recovered by brute force.
As the first example shows, the main factor behind a major security issue was poor practice in the software development process, not a flaw in the cryptography. To avoid problems of the same kind we must start with the design of the application and of the cryptographic protocols it uses. Although everyone agrees that cryptography is essential, using it incorrectly is widespread in software development. Consult a cryptography expert when implementing cryptographic protocols, and test the failure paths as well as the success path: a test that hands the verifier a bad signature would have caught the Apple bug. Developers should also enable all compiler warnings so that bugs of this kind are not silently accepted. In the Apple case, compiling with Clang's `-Wunreachable-code` warning enabled (it is not part of `-Wall`) would have reported the `if` statement that follows the unconditional `goto` as dead code; GCC accepts the same flag but has not implemented the check for many years, so the flag alone is not a guarantee.
The second example demonstrates another common mistake: using inadequate randomness when generating secret keys and seeds. The defining property of a good source of randomness is that its values cannot be predicted. The remedy is to seed from unpredictable bits: a seed must be long enough that guessing it is infeasible (a few hundred thousand or a few million candidates, as in the Erlang case, can be tried in seconds) and must not be derived from values an attacker can observe or estimate, such as the time of day or a process ID. In practice this means drawing keys and seeds from the operating system's cryptographic random source rather than from a general-purpose PRNG.
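The attack described for the Erlang/OTP case, and the warning above about predictable and reused seeds, as an added example that is not part of the original article or of Erlang/OTP: a toy non-cryptographic PRNG is seeded from a three-part time value, the victim derives a session key from it, and the attacker, knowing the first two components, brute-forces the microsecond component. The PRNG, its seed packing, and the "fingerprint" the attacker checks guesses against (a stand-in for the MAC on a captured packet) are all constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_WORDS 4
#define MICROS_PER_SEC 1000000UL

/* Toy non-cryptographic PRNG (64-bit LCG with Knuth's MMIX constants).
 * Stands in for any seeded PRNG: every output is a pure function of the seed. */
typedef struct { uint64_t state; } toy_prng;

/* Assumed seeding: the three components of a time-based seed (megaseconds,
 * seconds, microseconds) are packed into the state word. */
static void toy_seed(toy_prng *p, uint32_t mega, uint32_t secs, uint32_t micros) {
    p->state = ((uint64_t)mega << 40) ^ ((uint64_t)secs << 20) ^ micros;
    p->state ^= 0x9E3779B97F4A7C15ULL;
}

static uint32_t toy_next(toy_prng *p) {
    p->state = p->state * 6364136223846793005ULL + 1442695040888963407ULL;
    return (uint32_t)(p->state >> 32);
}

/* Victim: derives a session key from a seed taken from the clock. */
void derive_session_key(uint32_t mega, uint32_t secs, uint32_t micros,
                        uint32_t key[KEY_WORDS]) {
    toy_prng p;
    toy_seed(&p, mega, secs, micros);
    for (int i = 0; i < KEY_WORDS; i++)
        key[i] = toy_next(&p);
}

/* Something the attacker can test a key guess against. In a real protocol it
 * would be the MAC on a captured packet; here a word-wise 64-bit FNV-1a hash
 * of the key stands in for it (constructed oracle). */
uint64_t key_fingerprint(const uint32_t key[KEY_WORDS]) {
    uint64_t h = 0xcbf29ce484222325ULL;
    for (int i = 0; i < KEY_WORDS; i++) {
        h ^= key[i];
        h *= 0x100000001b3ULL;
    }
    return h;
}

/* Attacker: knows mega and secs (the connection time is visible on the wire)
 * and tries every microsecond value, at most 1,000,000 candidates.
 * Returns the recovered microsecond component, or -1 if nothing matches. */
long recover_micros(uint32_t mega, uint32_t secs, uint64_t observed_fp) {
    for (uint32_t micros = 0; micros < MICROS_PER_SEC; micros++) {
        uint32_t candidate[KEY_WORDS];
        derive_session_key(mega, secs, micros, candidate);
        if (key_fingerprint(candidate) == observed_fp)
            return (long)micros;
    }
    return -1;
}

/* End-to-end: victim keys a session at the given time, attacker observes the
 * fingerprint and recovers the seed. Returns the recovered microsecond value. */
long attacker_recovers(uint32_t mega, uint32_t secs, uint32_t true_micros) {
    uint32_t key[KEY_WORDS];
    derive_session_key(mega, secs, true_micros, key);
    return recover_micros(mega, secs, key_fingerprint(key));
}

/* The fix: take key material from the OS CSPRNG instead of a seeded PRNG.
 * Reads /dev/urandom (Unix); returns 0 on success, -1 on failure. */
int os_random_key(uint32_t key[KEY_WORDS]) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t n = fread(key, sizeof key[0], KEY_WORDS, f);
    fclose(f);
    return n == KEY_WORDS ? 0 : -1;
}

int main(void) {
    /* Constructed connection time: seed {1305, 671234, 482917}. */
    printf("recovered microsecond component: %ld\n",
           attacker_recovers(1305, 671234, 482917));
    return 0;
}
```

The whole search finishes in milliseconds because the unknown part of the seed has under 20 bits of entropy; a seed of a few hundred bits from `/dev/urandom` (or, in Erlang, `crypto:strong_rand_bytes/1`) removes the search space rather than enlarging it slightly.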
Limitations and Existing Work
Given the solid reputation of the many cryptographic methods available, developers have come to believe that simply using these methods is enough to keep their systems' sensitive data out of attackers' reach. The methods do provide security, but they fail to deliver the promised benefits when they are applied improperly. That is why most cryptography-related vulnerabilities result from developers neglecting best practice. Lazar et al. discuss in their paper how neglectful and careless implementation of cryptographic primitives and protocols leaves systems open to attacks such as man-in-the-middle, brute-force, and side-channel attacks.
We live in a world where cryptography is a primary element of almost every system we use, and for software designers a lack of knowledge about cryptographic practices and implementations can have serious repercussions. Correct use of cryptographic algorithms, with keys and seeds drawn from a proper source of randomness, mitigates most of the security issues related to cryptography.
That said, although a well-constructed design is essential, it is usually not simple to achieve. Complications stand in the way, given that real-world applications grow more complex every day, and errors will always remain a strong possibility even with strongly built cryptography. Also, I strongly believe that we need more empirical research on how software companies implement cryptography, since the existing research is scarce.
- Egele, M., Brumley, D., Fratantonio, Y., & Kruegel, C. (2013, November). An empirical study of cryptographic misuse in android applications. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (pp. 73-84). ACM.
- Lazar, D., Chen, H., Wang, X., & Zeldovich, N. (2014, June). Why does cryptographic software fail?: a case study and open problems. In Proceedings of 5th Asia-Pacific Workshop on Systems (p. 7). ACM.
- Arce, I., Clark-Fisher, K., Daswani, N., DelGrosso, J., Dhillon, D., Kern, C., ... & Seltzer, M. (2014). Avoiding the top 10 software security design flaws. IEEE Computer Society Center for Secure Design (CSD), Tech. Rep.
- Yoosuf, N. (2017, January). The many, many ways that cryptographic software can fail. Retrieved from www.freecodecamp.org
- Langley, A. (2014). Apple’s SSL/TLS bug. Retrieved from www.imperialviolet.org
- MITRE. (2014, January). CVE-2014-1266. Retrieved from cve.mitre.org
- Software Engineering Institute, CMU. (2011, May). Erlang/OTP SSH library uses a weak random number generator. Retrieved from www.kb.cert.org