Tools for secure cryptographic programming

XV SIMPÓSIO BRASILEIRO EM SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS 09 A 12 DE NOVEMBRO | FLORIANÓPOLIS/SC

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software Presenter: Alexandre Braga Authors: Alexandre Braga and Ricardo Dahab 10/11/2015 – Sessão Técnica 1 – 9:30 to 10:00

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Content • Background & motivation • Tools and techniques for secure cryptographic programming • Tools and techniques for cryptographic security verification • Assembling a toolkit for programming cryptographic software • Concluding remarks

2/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Content • Background & motivation • Tools and techniques for secure cryptographic programming • Tools and techniques for cryptographic security verification • Assembling a toolkit for programming cryptographic software • Concluding remarks

3/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Introduction •

Today’s software systems exist in a world full of massively available, cloudbased applications (e.g., mobile apps) that are always on-line, connected to whatever servers are available, and communicating to each other, carrying out most private aspects of life.

https://play.google.co m/store/search?q=cry ptography&c=apps

4/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Motivation • •

It is quite natural to observe a rise in the use of security functions based on cryptographic techniques in software systems. Also, there are several new usages strongly related to final user’s needs, transparently blended into software functions, and bringing diversity to this ecosystem.

We believe that the software industry lacks an approach for building secure cryptographic software, which could be used by ordinary programmers. •

This paper contributes to remedy this situation, broadening the discussion on the development of secure cryptographic software by addressing the use of security tools and techniques during the various stages of cryptographic programming.

5/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Cryptographic software •

Cryptographic software is one that has as its very purpose a true need for securing or preserving some of the information security’s main goals through the use of cryptographic technology.

•

Secure (or defensive) programming of cryptographic software is related to the use of general secure coding techniques during the programming of cryptographic software.

•

Programming secure cryptographic software starts at the point where the former stops, and embraces specific secure coding techniques and programming countermeasures to better defend cryptographic software against particular misuses as well as bad construction of cryptographic techniques.

6/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Cryptographic misuses •

Several studies show the occurrence, in various software systems, of wellknown cryptography bad practices, such as: o Insecure deterministic encryption (e.g., ECB mode, “textbook” RSA); o Reuse of keys and nonces (e.g., IVs and seeds); o Insecure combination of authentication and encryption;

o Insecure exchange of operation modes (e.g., stream ciphers); o Side-channels (e.g., timing, padding oracles); o Incomplete validation of certificates and certification paths; etc. •

A recent study [15] showed that 17% of “crypto bugs” are inside cryptographic libraries, and 83% are cryptography misuses by applications.

•

For a comprehensive tutorial on the subject, see our short training course: “Introdução à Criptografia para Programadores - Evitando Maus Usos de Criptografia em Sistemas de Software.” (MC1 – SBSeg 2015)

7/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

Software Development Life Cycle (SDLC)

SBSEG 2015 – ST1 Braga & Dahab

8/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

9/25

Secure SDLC approaches a single iteration

The use of automated tools from late design to system integration

Touch points from Software Security: Building security in (Gary McGraw) in blue balloons

BSI-MM, SAMM and MS-SDL give good advice for best-practices in red balloons.

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

10/25

Activities and tools reorganized for crypto software

Simple steps for cryptographic software programming

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

Classification of tools •

Two categories of tools and techniques: o secure crypto programming; o security verification of crypto software.

•

Secure crypto programming tools: o Specific programming languages o Automated code generation o Cryptographic APIs, and o Crypto frameworks.

•

Security verification tools: o Static (no code execution) and o Dynamic analysis (testing) tools.

SBSEG 2015 – ST1 Braga & Dahab

11/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Content • Background & motivation • Tools and techniques for secure cryptographic programming • Tools and techniques for cryptographic security verification • Assembling a toolkit for programming cryptographic software • Concluding remarks

12/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

Tools for secure cryptographic programming

SBSEG 2015 – ST1 Braga & Dahab

13/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Content • Background & motivation • Tools and techniques for secure cryptographic programming • Tools and techniques for cryptographic security verification • Assembling a toolkit for programming cryptographic software • Concluding remarks

14/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Tools for cryptographic security verification Static analysis tools perform syntactical and semantic analysis on source code without executing it.

15/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

16/25

Tools for cryptographic security verification Two types of static analysis tools • Type 1 works inside cryptographic implementations o Specific implementations issues, e.g. side-channel vulnerabilities o Examples: CAOVerif, SCF, Sleuth, and CacheAudit • Type 2 works outside the bounds of cryptographic APIs o Identify known misuse of cryptographic libraries o Examples: CryptoLint, CMA, and ordinary tools

Type 2

Type 1

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

17/25

Tools for cryptographic security verification •

•

Test vectors are test cases for cryptographic security functions and have been used for years in validation of cryptographic implementations, mostly for product certification post construction [53]. Test vectors can also be used for validation during software development, as automated acceptance tests [54].

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

18/25

Tools for cryptographic security verification Security testing (dynamic analysis) tools perform dynamic verifications of a program’s expected behaviors on a finite set of test cases, suitably selected from the usually infinite execution domain.

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Content • Background & motivation • Tools and techniques for secure cryptographic programming • Tools and techniques for cryptographic security verification • Assembling a toolkit for programming cryptographic software • Concluding remarks

19/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

20/25

Putting it all together The tools and techniques discussed so far can be put together in a simple sequence of steps for programming of secure cryptographic software.

+

=?

Steps (process?) for development of crypto software Tools for crypto software

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Assembling a toolkit for programming crypto software • •

The use of redundant and diverse tools and techniques increases confidence. Tools are not perfect, so the toolkit has to be both complementary and overlapping. o Issues not detected by one tool can be found by one of the others.

21/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Content • Background & motivation • Tools and techniques for secure cryptographic programming • Tools and techniques for cryptographic security verification • Assembling a toolkit for programming cryptographic software • Concluding remarks

22/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Conclusion •

The increasing complexity of software has negatively affected cryptography o Leading to its misuse and resulting in insecure software

•

It is time to come up with new ways of building cryptographic software o Recent advances on tool support for software security

•

There is no ultimate tool for programming secure cryptographic software o Only a well-crafted set of tools seems to be able to cover the whole landscape

•

The programming of secure cryptographic software is an emerging discipline in the practice of cryptographic software programming

•

Only a few tools were actually available to the ordinary programmer o Currently, prototypes of academic interest

•

There is hope that a new generation of tools could bring to daily practice all the academic advances mentioned so far

23/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Future work •

The current research points to several opportunities for future work.

•

Modeling of processes for the development of secure cryptographic software could help to find better ways of using all these tools.

•

Performing experimentation with specific security tools during development of cryptographic software o Evaluate their effectiveness in reducing crypto vulnerabilities.

•

Development of better software abstractions to facilitate the use of advanced cryptographic concepts by ordinary programmers

•

Finally, the collection and analysis of data concerning the real programming habits of developers , when coding crypto software o Better understand how programmers misuse cryptography.

24/25

A Survey on Tools and Techniques for the Programming and Verification of Secure Cryptographic Software

SBSEG 2015 – ST1 Braga & Dahab

Thanks! • •

Contacts: Alexandre Braga • [email protected] • [email protected] • https://www.researchgate.net/profile/Alexandre_Braga2 • https://br.linkedin.com/in/alexmbraga Alexandre Braga would like to thank Fundação CPqD for the institutional support given to employees on their academic activities. Ricardo Dahab thanks FAPESP, CNPq and CAPES for partially supporting this work. He also thanks the University of Waterloo, where he is on a leave of absence from UNICAMP.

25/25