ABSTRACT
Developers use cryptographic APIs in Android with the intent of securing data such as passwords and personal information on mobile devices. In this paper, we ask whether developers use the cryptographic APIs in a fashion that provides typical cryptographic notions of security, e.g., IND-CPA security. We develop program analysis techniques to automatically check programs on the Google Play marketplace, and find that 10.327 out of 11,748 applications that use cryptographic APIs -- 88% overall -- make at least one mistake. These numbers show that applications do not use cryptographic APIs in a fashion that maximizes overall security. We then suggest specific remediations based on our analysis towards improving overall cryptographic security in Android applications.
- The legion of the bouncy castle. http://bouncycastle.org/, 2013.Google Scholar
- M. Abadi and B. Warinschi. Password-Based Encryption Analyzed. In Proceedings of the international colloquium of Automata, Languages and Programming, pages 664--676. Springer, 2005. Google ScholarDigital Library
- I. Apple. iOS Security Contents, 2012.Google Scholar
- M. Bellare, T. Kohno, and C. Namprempre. Authenticated encryption in SSH: Provably Fixing the SSH Binary Packet Protocol. In Proceedings of the 9th ACM conference on Computer and communications security, pages 1--11, 2002. Google ScholarDigital Library
- M. Bellare, T. Ristenpart, and S. Tessaro. Multi-instance Security and Its Application to Password-Based Cryptography. In Proceedings of the 32nd Annual Cryptology Conference, pages 312{329. Springer, 2012.Google Scholar
- M. Bellare and P. Rogaway. Course notes for introduction to modern cryptography. cseweb.ucsd.edu/users/mihir/cse207/classnotes.html.Google Scholar
- K. Bhargavan, C. Fournet, R. Corin, and E. Zalinescu. Cryptographically verified implementations for TLS. In Proceedings of the 15th ACM conference on computer and Communications security, pages 459--468, 2008. Google ScholarDigital Library
- H. Chen and D. Wagner. MOPS: An Infrastructure for Examining Security Properties of Software. In Proceedings of the 9th ACM conference on Computer and communications security, pages 235--244, 2002. Google ScholarDigital Library
- S. Clark and T. Goodspeed. Why (special agent) Johnny (still) can't encrypt: a security analysis of the APCO project 25 two-way radio system. In Proceedings of the 20th USENIX Security Symposium, 2011. Google ScholarDigital Library
- R. Cytron, J. Ferrante, B. K. Rosen, M. N. Wegman, and F. K. Zadeck. Efficiently Computing Static Single Assignment Form and the Control Dependence Graph. ACM Transactions on Programming Languages and Systems, 13(4):451--490, Oct. 1991. Google ScholarDigital Library
- J. Dean, D. Grove, and C. Chambers. Optimization of object-oriented programs using static class hierarchy analysis. In Proceedings of the 9th European Conference on Object-Oriented Programming, pages 77--101. Springer, 1995. Google ScholarDigital Library
- A. Desnos. Androguard: Reverse engineering, malware and goodware analysis of android applications ... and more (ninja !). http://code.google.com/p/androguard/.Google Scholar
- W. Enck, P. Gilbert, B.-G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, 2010. Google ScholarDigital Library
- W. Enck, M. Ongtang, and P. McDaniel. On lightweight mobile phone application certification. In Proceedings of the 16th ACM conference on computer and Communications security, pages 235--245, 2009. Google ScholarDigital Library
- S. Fahl, M. Harbach, T. Muders, M. Smith, L. Baumgartner, and B. Freisleben. Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security. In Proceedings of the 19th ACM conference on Computer and communications security, pages 50--61, 2012. Google ScholarDigital Library
- A. P. Felt, E. Chin, S. Hanna, D. Song, and D. Wagner. Android permissions demystified. In Proceedings of the 18th ACM conference on Computer and communications security, pages 627--638, 2011. Google ScholarDigital Library
- J. Hoffmann, M. Ussath, T. Holz, and M. Spreitzenbarth. Slicing droids: program slicing for smali code. In In Proceedings of the 28th ACM Symposium on Applied Computing, 2013. Google ScholarDigital Library
- S. C. Johnson. Lint , a C Program Checker. Technical report, 1978.Google Scholar
- B. Kaliski. PKCS #5: Password-based cryptography specification version 2.0. http://tools.ietf.org/html/rfc2898. Google ScholarDigital Library
- A. Klyubin. Some SecureRandom thoughts. http://android-developers.blogspot.co.uk/2013/08/some-securerandom-thoughts.html, 2013.Google Scholar
- D. Larochelle and D. Evans. Statically Detecting Likely Buffer Overflow Vulnerabilities. In Proceedings of the 10th USENIX Security Symposium, pages 177--190, 2001. Google ScholarDigital Library
- J. C. Mitchell, M. Mitchell, and U. Stern. Automated Analysis of Cryptographic Protocols Using Murphi. In Proceedings of the IEEE Symposium on Security and Privacy, pages 141--151, 1997. Google ScholarDigital Library
- B. Moeller. TLS insecurity (attack on CBC). http://www.openssl.org/~bodo/tls-cbc.txt, 2001.Google Scholar
- M. Nauman, S. Khan, and X. Zhang. Apex: extending android permission model and enforcement with user-defined runtime constraints. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, pages 328--332, 2010. Google ScholarDigital Library
- P. Pearce, A. P. Felt, G. Nunez, and D. Wagner. AdDroid: Privilege separation for applications and advertisers in android. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, 2012. Google ScholarDigital Library
- T. Vidas, D. Votipka, and N. Christin. All Your Droid Are Belong To Us: A Survey of Current Android Attacks. In Proceedings of the 5th USENIX Workshop on Offensive Technologies, 2011. Google ScholarDigital Library
- M. Weiser. Program Slicing. In Proceedings of the 5th international conference on Software engineering, pages 439--449, 1981. Google ScholarDigital Library
- A. Whitten and J. Tygar. Why Johnny Can't Encrypt : A Usability Evaluation of PGP 5.0. In Proceedings of the 8th USENIX Security Symposium, 1999. Google ScholarDigital Library
- Y. Zhou, Z. Wang, W. Zhou, and X. Jiang. Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012.Google Scholar
Index Terms
- An empirical study of cryptographic misuse in android applications
Recommendations
Source Attribution of Cryptographic API Misuse in Android Applications
ASIACCS '18: Proceedings of the 2018 on Asia Conference on Computer and Communications SecurityRecent research suggests that 88% of Android applications that use Java cryptographic APIs make at least one mistake, which results in an insecure implementation. It is unclear, however, if these mistakes originate from code written by application or ...
Modelling Analysis and Auto-detection of Cryptographic Misuse in Android Applications
DASC '14: Proceedings of the 2014 IEEE 12th International Conference on Dependable, Autonomic and Secure ComputingCryptographic misuse affects a sizeable portion of Android applications. However, there is only an empirical study that has been made about this problem. In this paper, we perform a systematic analysis on the cryptographic misuse, build the ...
An empirical study of SMS one-time password authentication in Android apps
ACSAC '19: Proceedings of the 35th Annual Computer Security Applications ConferenceA great quantity of user passwords nowadays has been leaked through security breaches of user accounts. To enhance the security of the Password Authentication Protocol (PAP) in such circumstance, Android app developers often implement a complementary ...
Comments