Securing Cryptographic Keys

Transcription

1 White Paper Securing Cryptographic Keys A Sophisticated Implementation of White-Box Cryptography Using Arxan s TransformIT Solution Version 1.0

2 Securing Cryptographic Keys with White-Box Cryptography 2 TABLE OF CONTENTS Executive Summary 3 White-Box Attack Model 4 Arxan s White-Box Cryptography Solution - TransformIT 5 Techniques To Protect Sensitive Data 6 Color Model to Represent Obfuscated Data Form 6 Diversification To Thwart BORE Attacks 6 Protection From Code Tampering Attacks 7 Implementation of TransformIT 7 Algorithm and Platform Support 8 TransformIT Benefits 9 Sample Use Cases 10 Use Case 1: Digital Rights Management (DRM) 10 Risks 10 Mitigation 11 Use Case 2: HCE Mobile Payment 11 Risks 11 Mitigation 11 Use Case 3: Software/ISVs 12 Risks 12 Mitigation 13 Use Case 4: Gaming 13 Risks 13 Mitigation 13 Use Case 5: IoT 14 Risks in Connected Car Ecosystem 14 Risks in Connected Homes Ecosystem 14 Mitigation

3 Securing Cryptographic Keys with White-Box Cryptography 3 Executive Summary Cryptography is at the heart of secure communication worldwide, and has become an indispensable protection for securing systems, communications and applications. Cryptographic Keys are used to: Protect digital assets, including media, software and devices Protect mobile payment solutions that leverage Host Card Emulation (HCE) on the Android platform Protect server API s from being accessed by 3rd party or cloned version of an original mobile app Secure IoT ecosystems: Secure communications between connected cars and vehicle owners mobile devices Secure communications between smart locks and mobile device Encrypt user licenses Prove identity Access to digital content, data and information systems is commonly protected by encryption, a first line of defense. However, encryption has a single point of failure, which is the encryption key itself. If the attacker has access to the device on which the encryption is occurring, the key may simply be lifted out of the code, thus exposing the underlying assets which encryption was supposed to protect. Software implementations across diverse industries are exposed to a significant risk of secret keys being discovered or the integrity of trust keys or public keys being violated. This will result in placing the underlying assets (such as premium content, sensitive data or intellectual property) at risk. Platforms such as desktop computers, mobile devices and embedded systems allow adversaries to monitor the program code, memory, and software input-output to analyze the execution of algorithms and gain access to cryptographic keys and other secret data. Protecting cryptographic keys therefore is a critical security requirement across diverse usecases. White-Box Cryptography (WBC) addresses the challenge of implementing cryptographic algorithms securely in an execution environment that is fully observable and modifiable by an attacker. WBC is intended for any security system that employs cryptographic algorithms and keys, and that is executed in an open and untrusted environment, such as on a desktop computer, mobile device, or embedded system. This white paper discusses how Arxan s WBC solution, TransformIT, is mitigating cryptographic key attacks. TransformIT combines complex mathematical algorithms with data and code obfuscation techniques to transform the cryptographic keys and related operations so keys cannot be discovered. The keys are never present in the static form or in runtime memory. Leverage TransformIT to: Secure crypto keys so keys cannot be discovered at any time, and are not present in static form or in runtime memory Protect data at rest, in transit and in use

4 Securing Cryptographic Keys with White-Box Cryptography 4 White-Box Attack Model A major issue when dealing with security programs is the protection of sensitive (secret, confidential or private) data embedded in the code. The usual solution consists in encrypting the data but the legitimate user needs to get access to the decryption key, which also needs to be protected. This is even more challenging in a software-only solution, running on a non-trusted host. Consider the case where cryptography is deployed in applications that are executed on open devices such as desktop computers, mobile devices and embedded systems: Adversary has full access to the software implementation of cryptographic algorithm Application s binary is completely visible and alterable by the adversary; and adversary has full control over the execution platform (CPU calls, memory registers, etc.) Cryptographic keys are vulnerable to the following risks:

5 Securing Cryptographic Keys with White-Box Cryptography 5 Software implementations that resist such white-box attacks are denoted white-box implementations. Consider the use case where a cryptographic key is involved to protect underlying assets, for example in DRM applications, the software user has an incentive to reverse engineer the application and extract the private key. Similar attacks may occur even when the application user has no incentive for example when a banking application is executed on a device that is infected by malware or on multi-user systems where other users have elevated privileges. When in such a situation, cryptographic operations are deployed using standard cryptographic libraries such as OpenSSL or cryptographic keys are stored in plain memory. The private key would be unveiled without much effort, no matter how strong the cryptographic primitive used. White-box cryptography aims to address the challenge of implementing a cryptographic algorithm in software such that cryptographic assets remain secure even when subject to white-box attacks. Arxan s White-Box Cryptography Solution - TransformIT TransformIT is a sophisticated implementation of white-box cryptography. It combines mathematical algorithm with data and code obfuscation techniques so it s not just purely a code and data obfuscation but actually algorithmic obfuscation. It transforms the cryptographic key and related operations so keys cannot be discovered at any time. The cryptographic keys are never present in static form or in runtime memory. TransformIT : Provides keys in white-box form for use in the cryptographic operations performed by methods in the TransformIT libraries Allows the use of both obfuscation and encryption on sensitive data and chaining together of cryptographic operations, to reduce or remove the possibility of a successful attack TransformIT is a cryptographic library that provides a programmatic abstraction layer or API that confines the handling of cryptographic algorithms and secrets. Effective use of TransformIT does not require developers with cryptographic expertise any experienced software developer can leverage the library, since it implements all the features and algorithms required to protect secrets. It enables AES, RSA, ECC, SHA, CMAC, and HMAC computations directly on encrypted data and keys without decrypting them.

6 Securing Cryptographic Keys with White-Box Cryptography 6 TransformIT protects: Static or Fixed-keys Dynamic Keys Sensitive Data Fixed-key is the most secure form of white-box implementation, in which secret keys are created offline and embedded in the application. Dynamic keys are generated on the fly during execution. Preparation of a white-box form key at runtime using dynamic data is called dynamic key preparation. Dynamic key preparation is available for most ciphers, but in every case requires dynamic key material in obfuscated form. Techniques To Protect Sensitive Data TransformIT leverages the following techniques to protect sensitive data: Obfuscated Form: Available for protecting inputs and output from ciphers, and other intermediate results. Obfuscation is reversible. Obfuscated data is not encrypted and the obfuscation process does not involve a key. White-box Form: Only used for key material, and is maximally secure. Unlike obfuscation, it is not reversible. Color Model to Represent Obfuscated Data Form TransformIT uses colors as a metaphor for a specific type of obfuscation. Each color is pre-assigned and refers to the unique mapping of a specific obfuscation. Diversification To Thwart BORE Attacks Seasoned hackers can exploit the information gained from one deployment to compromise the others. This enables creation of automated BORE (Break Once Run Everywhere) attack tools. Diversification is a significant and unique feature of TransformIT. This feature ensures that each customer receives a package whose program code differs from other packages. Arxan achieves this by generating unique representations of the TransformIT white-box algorithms for each customer. TransformIT generates multiple white-box cryptographic libraries that are functionally equivalent but structurally diverse. Diversity results from the libraries having different master keys and finite state machines. You ll receive a unique master key and one or more unique finite state machines. If the master key or state machine is compromised, Arxan can replace them with others. This is a quick and efficient way to remediate if attackers compromise an application. Diversification makes it extremely difficult for seasoned hackers to develop universal cracking tools. In addition to diversification offered by TransformIT, Arxan s patented Guarding technology offers strong diversity to applications at control-flow level, making it even harder to develop a universal tampering scheme. It offers multiple interconnected layers of defense augmented by complex randomization techniques and strong diversity across binaries to prevent BORE attacks.

7 Securing Cryptographic Keys with White-Box Cryptography 7 Protection From Code Tampering Attacks White-box crypto functions and applications, in practice, are subjected to code lifting attacks. A WBC solution alone does not protect the applications from reverse-engineering and code tampering attacks. Arxan s Patented Guarding Technology Mitigates Code Lifting TransformIT alone cannot protect white-box crypto implementations against reverse-engineering and code tampering attacks. TransformIT works in conjunction with Arxan s patented guarding technology -- EnsureIT and GuardIT -- to provide a comprehensive protection. This comprehensive protection solution offers the following: Protects not just the white-box crypto keys; but also the sensitive code against tampering, reverse-engineering, and piracy. Safeguards keys, code and data against debugging, reverse engineering, analysis, and tampering. As a result, sensitive or valuable assets within your application including intellectual property, software licenses and digital content remain secure. Implementation of TransformIT The following diagram provides a high-level overview of the steps required to implement TransformIT APIs into an application:

8 Securing Cryptographic Keys with White-Box Cryptography 8 Algorithm and Platform Support The table below describes the algorithms supported by TransformIT : Cipher Algorithm Symmetric Key Encryption Decryption AES (128, 192, 256 bit), ECB, CBC, CTR, GCM Mode, DES, 3DES AES (128, 192, 256 bit), ECB, CBC, CTR, GCM Mode, DES, 3DES Encryption Asymmetric Key Decryption Digital Signature Algorithm Key Exchange Cryptographic Hash Message Authentication Code Key Wrapping Key Derivation Function KDF Utilities RSA (1024, 2048 bit) RSA (1024, 2048 bit), RSA, CMLA (1024, 2048bit), Elliptic Curve ElGamal (P160, P192, P224, P256, P384, P521, CUSTOM) Elliptic Curve DSA ECDSA (P160, P192, P224, P256, P384, P521, CUSTOM) Signing RSA (1024, 2048 bit) Verification RSA (1024, 2048 bit) Elliptic Curve Diffie-Hellman ECDH (P160, P192, P224, P256, P384, P521, CUSTOM), Finite Field Diffie- Hellman FFDH SHA-1, SHA-256 Cipher-based (AES) MAC CMAC, Hash-based (SHA) MAC HMAC NIST, CMLA NIST, CMLA, OMA Encode, Decode, and Recode, Slicing, XOR TransformIT supports the following platforms: Android/ARM Apple ios (ARMv7 and ARM64) Windows (x86 and x64) Mac OS X (x86 and x64) Linux (x86 and x64) Linux/ARM Chrome OS/ARM Linux/MIPSel

9 Securing Cryptographic Keys with White-Box Cryptography 9 TransformIT Benefits The following table describes the key features and benefits that TransformIT offers: Key Features Stronger Security Smaller Footprint Easier Integration Better Performance Diversification Broad Platform & Algorithm Support Benefits Offers stronger security, state-of-the-art technology built from ground-up Multiple obfuscation with color model Keys are more protected in white-box domain, every key is in it s own domain Offers smaller footprint than any other WBC solutions Provides individualized libraries Requires no-source code changes Offers simple API s for easier integration with application Conformance to common API calls like OpenSSL, allows straightforward replacement of existing cryptographic libraries Offers tunable Performance vs. Security tradeoff Diversification is a fundamental strategy to prevent broad-based attacks; TransformIT automatically includes deep diversification of applications at control-flow level, making it even harder to develop a universal tampering scheme TransformIT supports all major cryptographic algorithms Offers broader platform support

10 Securing Cryptographic Keys with White-Box Cryptography 10 Sample Use Cases Use Case 1: Digital Rights Management (DRM) Risks Key discovery is the most prevalent class of threats to DRM systems today. In order to protect a digital media file from being pirated, DRM systems contain a software media player (in addition to other components such as file servers, payment systems, etc.,) that allows users to download the media file and play encrypted files. This media player contains cryptographic keys to decrypt the encrypted media file. Adversaries can extract this key; decrypt the encrypted digital media file, and pirate it. Mitigation Cryptographic keys must be protected against key lifting using White-Box Cryptography, which hides the keys even when they are being used to decrypt the content. The following exhibit illustrates the DRM protected with TransformIT :

11 Securing Cryptographic Keys with White-Box Cryptography 11 Use Case 2: HCE Mobile Payment Prior to HCE, payment credentials needed to be stored in a highly restricted part of the smartphone controlled by mobile carriers, the Secure Element (SE). Carriers have long been the gatekeepers for who and what gets access to a phone s secure element and have typically charged fees for accessing it. Now, with HCE, mobile payment apps on phones can conduct mobile payments without carrier s control and constraints. Risks HCE will allow a smartcard to be emulated on the mobile phone without using a SE, which introduces the following key security risks that are not present in SE-based NFC services: Attacker can gain access to sensitive information such as payment credentials and cardholder information Malware applications can attack the OS and exploit the device and mobile payment app Malicious users can gain access to information stored within the mobile payment application and use it to make fraudulent payments Mitigation Security implications of bypassing the hardware based SE must be addressed. White-box crypto solution and anti-tampering measures are paramount to: Protect sensitive cardholder and payment information Compensate for the lack of hardware-based security inherent in HCE-based NFC applications

12 Securing Cryptographic Keys with White-Box Cryptography 12 Use Case 3: Software/ISVs Risks Many apps rely heavily on servers to support their operation. For example, cloud storage, social media, multiplayer games, etc. The client app on a mobile device talks to its app server using APIs to authenticate each user and to send/receive relevant data. Adversary can analyze these APIs and implement them in their app so it can talk to the same server. The new client may have altered functionality that the original app writer did not intend, and it will almost certainly damage the revenue model of the original app perhaps by being free to download instead of paid, or by reducing the advertising revenue for the real app. In short, it is generally not beneficial to the original app writer to allow 3rd party apps to use the app servers for free.

13 Securing Cryptographic Keys with White-Box Cryptography 13 Authentication can prevent the 3rd party app (or cloned version of the original client app) from using the server APIs, which is typically done using challenge-response exchange. Authentication protocols usually employ a cryptographic nonce as the challenge to ensure that every challenge-response sequence is unique. Typically the operation is cryptographic, meaning that the client contains a key, generally for an asymmetric cipher like RSA or ECC. It performs a cryptographic operation on the server, provided data using the key, and it proves that it is the real client by returning the correct data to the server. But the problem with this model is that the 3rd party app writer (or an adversary) can decompile the original application and lift the cryptographic key within it, use the same key into their app and pass the challenge-response test. Mitigation White-box cryptography can securely hide the cryptographic keys even when adversary has full access to the software. The original key material is converted to a new representation using a trapdoor function (a one-way, nonreversible function). This new key format can only be used by the associated white-box cryptography, effectively hiding the key. This software re-implements the required cryptographic operations using a set of techniques that take and use the new key format without revealing the original key material, while still producing the same result that conventional crypto software would with the original key material. By using white-box cryptography, the 3rd party app writer (or an adversary) cannot find the key that is being used for the challenge-response. Use Case 4: Gaming Risks Increasingly, games are distributed online. E-activation scenarios also include conversion from try to buy, or upgrade of a game after installation. The software routines that implement and enforce the licensing status of a game are subject to tampering attacks, as is all license-managed software. While some games overcome this by requiring constant connectivity to a server, always-on measures are hugely unpopular with users. Protecting application routines that verify and enforce licenses is a challenge. Further, as in-game commerce grows, and a growing number of financial transactions are conducted from within the game environment, there is a growing need to detect and prevent billing fraud and secure sensitive financial information/transactions. Most games include IP, such as optimized implementations, proprietary algorithms, special effects, videos and other features, which represent a significant investment. Game developers have a critical interest in preventing these components and code segments from being reverse engineered or lifted and used in counterfeit me-too products. Mitigation Online game developers must protect their entire game client against reverse engineering and tampering, and secure the client-server protocol, to fully protect their game and its ecosystem. White-box crypto solution hides key data (even dynamic/ephemeral keys) that keeps client/server communication secure and ensures that game assets cannot be lifted.

14 Securing Cryptographic Keys with White-Box Cryptography 14 Use Case 5: IoT Risks in Connected Car Ecosystem Interfacing with the infotainment system are a multitude of 3rd party apps running on the vehicle owner s personal mobile devices. A binary library provided by the OEM or a partner will typically facilitate communication and sharing of vehicle data. These apps are vulnerable to cryptographic key attacks Adversary can steal the electronic keys used to lock/unlock the vehicle remotely, and can gain access to the vehicle Risks in Connected Homes Ecosystem In case of smart lock for the home, adversary can steal the electronic key/certificates stored on the device, and eavesdrop the communication between the lock and mobile device In case of music appliances, adversary can obtain the decryption key at runtime or perform static analysis of key Mitigation White-box cryptographic key transformation solution prevents the discovery of public or private keys and assists in securing communication channels.