-
Insecure by Design in the Backbone of Critical Infrastructure
Authors:
Jos Wetzels,
Daniel dos Santos,
Mohammad Ghafari
Abstract:
We inspected 45 actively deployed Operational Technology (OT) product families from ten major vendors and found that every system suffers from at least one trivial vulnerability. We reported a total of 53 weaknesses, stemming from insecure by design practices or basic security design failures. They enable attackers to take a device offline, manipulate its operational parameters, and execute arbitr…
▽ More
We inspected 45 actively deployed Operational Technology (OT) product families from ten major vendors and found that every system suffers from at least one trivial vulnerability. We reported a total of 53 weaknesses, stemming from insecure by design practices or basic security design failures. They enable attackers to take a device offline, manipulate its operational parameters, and execute arbitrary code without any constraint. We discuss why vulnerable products are often security certified and appear to be more secure than they actually are, and we explain complicating factors of OT risk management.
△ Less
Submitted 22 March, 2023;
originally announced March 2023.
-
Where's Crypto?: Automated Identification and Classification of Proprietary Cryptographic Primitives in Binary Code
Authors:
Carlo Meijer,
Veelasha Moonsamy,
Jos Wetzels
Abstract:
The continuing use of proprietary cryptography in embedded systems across many industry verticals, from physical access control systems and telecommunications to machine-to-machine authentication, presents a significant obstacle to black-box security-evaluation efforts. In-depth security analysis requires locating and classifying the algorithm in often very large binary images, thus rendering manu…
▽ More
The continuing use of proprietary cryptography in embedded systems across many industry verticals, from physical access control systems and telecommunications to machine-to-machine authentication, presents a significant obstacle to black-box security-evaluation efforts. In-depth security analysis requires locating and classifying the algorithm in often very large binary images, thus rendering manual inspection, even when aided by heuristics, time consuming.
In this paper, we present a novel approach to automate the identification and classification of (proprietary) cryptographic primitives within binary code. Our approach is based on Data Flow Graph (DFG) isomorphism, previously proposed by Lestringant et al. Unfortunately, their DFG isomorphism approach is limited to known primitives only, and relies on heuristics for selecting code fragments for analysis. By combining the said approach with symbolic execution, we overcome all limitations of their work, and are able to extend the analysis into the domain of unknown, proprietary cryptographic primitives. To demonstrate that our proposal is practical, we develop various signatures, each targeted at a distinct class of cryptographic primitives, and present experimental evaluations for each of them on a set of binaries, both publicly available (and thus providing reproducible results), and proprietary ones. Lastly, we provide a free and open-source implementation of our approach, called Where's Crypto?, in the form of a plug-in for the popular IDA disassembler.
△ Less
Submitted 15 October, 2020; v1 submitted 9 September, 2020;
originally announced September 2020.
-
Challenges in Designing Exploit Mitigations for Deeply Embedded Systems
Authors:
Ali Abbasi,
Jos Wetzels,
Thorsten Holz,
Sandro Etalle
Abstract:
Memory corruption vulnerabilities have been around for decades and rank among the most prevalent vulnerabilities in embedded systems. Yet this constrained environment poses unique design and implementation challenges that significantly complicate the adoption of common hardening techniques. Combined with the irregular and involved nature of embedded patch management, this results in prolonged vuln…
▽ More
Memory corruption vulnerabilities have been around for decades and rank among the most prevalent vulnerabilities in embedded systems. Yet this constrained environment poses unique design and implementation challenges that significantly complicate the adoption of common hardening techniques. Combined with the irregular and involved nature of embedded patch management, this results in prolonged vulnerability exposure windows and vulnerabilities that are relatively easy to exploit. Considering the sensitive and critical nature of many embedded systems, this situation merits significant improvement. In this work, we present the first quantitative study of exploit mitigation adoption in 42 embedded operating systems, showing the embedded world to significantly lag behind the general-purpose world. To improve the security of deeply embedded systems, we subsequently present μArmor, an approach to address some of the key gaps identified in our quantitative analysis. μArmor raises the bar for exploitation of embedded memory corruption vulnerabilities, while being adoptable on the short term without incurring prohibitive extra performance or storage costs.
△ Less
Submitted 5 July, 2020;
originally announced July 2020.
-
Open Sesame: The Password Hashing Competition and Argon2
Authors:
Jos Wetzels
Abstract:
In this document we present an overview of the background to and goals of the Password Hashing Competition (PHC) as well as the design of its winner, Argon2, and its security requirements and properties.
In this document we present an overview of the background to and goals of the Password Hashing Competition (PHC) as well as the design of its winner, Argon2, and its security requirements and properties.
△ Less
Submitted 11 February, 2016; v1 submitted 8 February, 2016;
originally announced February 2016.
-
Sponges and Engines: An introduction to Keccak and Keyak
Authors:
Jos Wetzels,
Wouter Bokslag
Abstract:
In this document we present an introductory overview of the algorithms and design components underlying the Keccac cryptographic primitive and the Keyak encryption scheme for authenticated (session-supporting) encryption. This document aims to familiarize readers with the basic principles of authenticated encryption, the Sponge and Duplex constructions (full-state, keyed as well as regular version…
▽ More
In this document we present an introductory overview of the algorithms and design components underlying the Keccac cryptographic primitive and the Keyak encryption scheme for authenticated (session-supporting) encryption. This document aims to familiarize readers with the basic principles of authenticated encryption, the Sponge and Duplex constructions (full-state, keyed as well as regular versions), the permutation functions underlying Keccak and Keyak as well as Keyak v2's Motorist mode of operation.
△ Less
Submitted 12 October, 2015; v1 submitted 9 October, 2015;
originally announced October 2015.
-
Simple SIMON: FPGA implementations of the SIMON 64/128 Block Cipher
Authors:
Jos Wetzels,
Wouter Bokslag
Abstract:
In this paper we will present various hardware architecture designs for implementing the SIMON 64/128 block cipher as a cryptographic component offering encryption, decryption and self-contained key-scheduling capabilities and discuss the issues and design options we encountered and the tradeoffs we made in implementing them. Finally, we will present the results of our hardware architectures' impl…
▽ More
In this paper we will present various hardware architecture designs for implementing the SIMON 64/128 block cipher as a cryptographic component offering encryption, decryption and self-contained key-scheduling capabilities and discuss the issues and design options we encountered and the tradeoffs we made in implementing them. Finally, we will present the results of our hardware architectures' implementation performances on the Xilinx Spartan-6 FPGA series.
△ Less
Submitted 22 July, 2015;
originally announced July 2015.
-
Hidden in snow, revealed in thaw: Cold boot attacks revisited
Authors:
Jos Wetzels
Abstract:
In this paper, we will provide an overview of the current state-of-the-art with regards to so-called cold boot attacks, their practical applicability and feasibility, potential counter-measures and their effectiveness.
In this paper, we will provide an overview of the current state-of-the-art with regards to so-called cold boot attacks, their practical applicability and feasibility, potential counter-measures and their effectiveness.
△ Less
Submitted 4 August, 2014;
originally announced August 2014.
-
Broken keys to the kingdom: Security and privacy aspects of RFID-based car keys
Authors:
Jos Wetzels
Abstract:
This paper presents an overview of the current state-of-the-art of security and privacy concerns regarding RFID-based car key applications. We will first present a general overview of the technology and its evolution before moving on to an overview and discussion of the various known security weaknesses and attacks against such systems and the associated privacy risks they introduce.
This paper presents an overview of the current state-of-the-art of security and privacy concerns regarding RFID-based car key applications. We will first present a general overview of the technology and its evolution before moving on to an overview and discussion of the various known security weaknesses and attacks against such systems and the associated privacy risks they introduce.
△ Less
Submitted 28 May, 2014;
originally announced May 2014.
