Android Application Security at Devoxx 2013

Transcript

1. @fmaelbrancke @tegbird Android Application Security Filip Maelbrancke Tegbir Dhillon

2. Application security ANDROID FOR DEVELOPERS

3. WE Filip Maelbrancke Consultant @ iDA MediaFoundry ! ! !

   Tegbir Dhillon Team lead @ ING Bank Belgium
4. None

5. demo app http://git.io/devoxx-2013-android-app-sec CODE

6. Security The only system that is truly secure is one

   that is switched off and unplugged, locked in a titanium-lined safe, buried in a concrete bunker, and surrounded by nerve gas and very highly-paid armed guards. Even then, I wouldn't stake my life on it. “ ” Gene Spafford

7. Security = managing risk Cri$cality/Impact High  Risk Low  Risk Asset

   Medium  Risk Exploitability Low  Risk Vulnerability Medium  Risk M edium  Risk Probability Low  Risk   Threat

8. All in one device Increases threat proBability ! • GPS

   • Contacts • Camera • Email (work) • Wallet

9. Always out Vulnerability / Exploitability ! • Stolen • Forgotten

   • Lost • Weak pins • Use of open public WiFi

10. Everyone uses it

11. Everyone uses it

12. Android security application sandbox Each app runs with its own

    userID

13. traditional System resources File system Network System resource App 1

    App 2 App ... UID = 1 2 3 4 5 starts permissions UID = 1 2 3 4 5

14. Android sandbox App1$$ Linux$UID:$ 12345$ Resources$ UID:12345$ DB$ Network$ File$

    resources$ Permissions$$ UID:12345$ Sandbox$ App2$$ Linux$UID:$ 56789$ Resources$ UID:56789$ DB$ Network$ Files$ resources$ Permissions$ UID:56789$ $ Sandbox$ App1$$ App2$$

15. shared user id App1$$ App2$$ App1$$ Linux$UID:$ 10160$ Resources$ UID:10160$

    DB$ Network$ File$ Resources$ DB$ Network$ File$ resources$ Permissions$$ UID:10160$ App1$$ Linux$UID:$ 10160$ Sandbox$ <manifest ... android:sharedUserId=“com.example.apps” ...>

16. Permission types Permission) Permission)Level) Normal) Permission)Level) dangerous) Permission)Level) Signature) Permission)Level)

    SignatureOrSystem)

17. Signing tips Secure your private key Strong passwords Four eyes

    principle Keep key-store in safe place Provide geographic redundancy

18. typical mobile app MOBILE APPLICATION UI LOCAL STORAGE REMOTING LAYER

    REMOTE API COMMUNICATION CHANNEL

19. Security APP HARDENING DATA NETWORK SERVICES

20. None

21. Securing the app JAVA CLASS DEX

22. Obfuscation

23. Proguard obfuscate optimize Shrink

24. proguard obfuscation

25. proguard configuration

26. proguard Beware!

27. proguard loggingwrapper

28. proguard configuration

29. proguard BEtter

30. reverse engineer

31. reverse engineer TOOLS ! • Apktool • Dex2jar • Apk

    to Java !

32. reverse engineer code

33. other techniques If possible, run code at server! server String

    encryption Hide sensitive strings eg “Secure” Native code Java Native Interface reflection Proxy Introduces indirection Class encryption Use DexGuard

34. dexguard Same config proguard++ Commercial Good value for the money

    Tamper checks

35. proguard tips Test! release build Mapping.txt Save! Crash? Supported on

    Crashlytics, Crittercism, ...

36. TAMPER DETECTION

37. Environment 1.installer 2.debugger / emulator 3.BINARY Validation Tamper detection /

    protection

38. INSTALLER PLAY STORE INSTALLER

39. debugger Debugger check

40. debugger Debugger check

41. emulator EMULATOR check

42. SIGNING KEY Valid signing key ! • SHA1 of signing

    cert • Embed • Check with runtime signature !

43. SIGNING KEY Valid signing key

44. rooted device root detection ! • Check typical apps /

    files • Check keys • … !
45. None

46. local Data protection Avoid it if you can Avoid External

    storage Avoid external storage for sensitive information For critical info set android:saveEnabled="false" Backup set android:allowBackup=false proper permissions MODE_PRIVATE with files

47. local Data protection getWindow().setFlags(LayoutParams.FLAG_SECURE, LayoutParams.FLAG_SECURE); avoid screen shots LOGOUT on

    inactivity if usability allows and clear the cached information

48. keylogger

49. encryption

50. bouncy castle Android = subset of upstream release cut-down CONSISTENT

    Consistent crypto across Android versions MINIMAL change github.com/rtyley/spongycastle Spongy castle Repackage of Bouncy Castle for Android

51. encryption libs SQLCipher sqlcipher.net ! • Modified version of SQLite

    • AES-256 encryption • Drop-in replacement ! iocipher guardianproject.info/code/iocipher ! Virtual encrypted disk

52. key management Store along with the data (file private to

    the app) Store Embed Embed in source code (obfuscated ?) EASY TO EXTRACT

53. key management don’t store Don’t store the key on the

    device Have it entered each time necessary Store In systems service SOLUTIONS

54. key derivation Long random strings of bits encryption keys people

    vs keys Users are familiar with passwords Crypto algo PBKDF2WithHmacSHA1 password based encryption Generate strong crypto keys based on humanly-manageable passwords

55. proper key derivation Using a salt protects from table- assisted

    / pre-computed dictionary attacks SALT key stretching Repeat the key derivation operation multiple times to produce the final key Slows down brute force attacks https://github.com/nelenkov/android-pbe http://nelenkov.blogspot.jp/2012/04/using-password-based-encryption-on.html Nikolay Elenkov

56. KEYCHain? Keystore provider ! • Since Android 4.3 • Can

    be hardware-backed https://github.com/nelenkov/android-keystore Nikolay Elenkov

57. network

58. Secure communication channel use https Use SSL / TLS !

    • Confidentiality • Authentication ! VALIDATION Hostname verification ! Certificate pinning

59. secure communication channel hostname verification

60. Trustmanager StrongTrustManager ! • Validate whole certificate chain • Debian

    certificate store !

61. self-signed cert

62. self-signed cert don’t trust all!

63. certificate pinning echo | openssl s_client -connect host:443 2>&1 |

    sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > mycertificate.pem get certificate (openssl) embed in application /res/raw Custom trustmanager Based on keystore Load into keystore SSL context Init SSL context with TrustManager https://developer.android.com/training/articles/security-ssl.html
64. None

65. Securing services Controls ! • Kill switch for specific functionality

    • Server downtime communication • Mandatory update mechanism !

66. securing services Backend REST and APIs can have similar vulnerabilities

    to web applications mitigate follow OWASP top 10

67. Effective security Using CryptoLint, we performed a study on cryptographic

    implementations in 11,748 Android applications. Overall we find that 10,327 programs – 88% in total – use cryptography inappropriately. The raw scale of misuse indicates a widespread misunderstanding of how to properly use cryptography in Android development. “ ”

68. effective security hardcoded passphrases manually seeded SecureRandom insufficient key generation

    iterations hardcoded salts non-random initialization vectors

69. security testing Static analysis Manual code review design review Analysis

    Static Dynamic Penetration testing

70. HOW TO CONTACT TWITTER: @fmaelbrancke EMAIL: [email protected] THANK YOU TWITTER:

    @tegbird EMAIL: [email protected]