Wednesday, August 10, 2011

USENIX: Analysis of Deployed Systems

Why (Special Agent) Johnny (Still) Can't Encrypt: A Security Analysis of the APCO Project 25 Two-Way Radio System

The paper was written by Sandy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, Kevin Xu and Matt Blaze, presented by Matt Blaze.

APCO Project 25 (P25) is a standard for digital two-way radio used by law enforcement in the US and worldwide. They work over a narrow band radio channel at 9600 baudes, where the sender makes all decisions, everything is multi-cast and has no concept of "ACK".

The standard does allow for optional security, like encryption (AES, DES, etc) that are configured in a manual process - though they can be rekeyed live (while in use). What is interesting about these security options is that they are not explicitly defined in the standard, which leaves it up to vendors to come up with ways configure things like encryption. So far, the paper authors haven't found any of the devices that use authentication.

Looking at attacks, you can use something similar to "ping" to actually create a map of where all of the P25s in the area are - basically, giving away locations of security personal, which can help attackers find weak spots.

There are also very easy ways to jam these devices using consumer devices, like "GirlTech IMME" (an "instant messenger" toy), which could be purchased for $15. Jammers can even be configured to jam selective traffic, like block all encrypted traffic - a good way to get users to think something is wrong with their crypto mode so they'll disable it.

While you can rekey on the fly, it does require everyone already having a key to begin with. The P25s rely on centralized keying, so if just one radio comes in that does not have the key, then everyone needs to talk in the clear. So, why bother with cryptanalysis, when you can just look for clear text [USENIX Security '95]?

The researchers recommend that the encrypted switch be disabled all together and just encrypt an entire channel, and decrease frequency of rekeying, which is actually leading to security problems and getting people to talk in the clear.

The audio and video of this presentation are now online.

Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space

The paper was written by Martin Mulazzani, Sebastian Schrittwieser, Manuel Leithner, Markus Huber and Edgar Weippl from SBA Research.

There are many places where you can now store data in the "cloud", some using simple models like FTP or more complex, like delta detection. Most sites are now trying to use deduplication, which will help save on storage space.

Looking at Dropbox, which uses Amazon Simple Storage System (S3), dedup (SHA-256) and AES for encryption. The researchers' first attack takes advantage of the hash manipulation, where they could use unauthorized file access by just having the hash value - undetectable by victim or Dropbox.

The second attack they analyzed was the "stolen host ID attack", where Dropbox uses host ID to link particular host with an account - so, once someone else takes your credentials, they can impersonate you. This attack can be easily detected, and Dropbox is now preventing this.

If you know someone else's host ID, you can store your data in their Dropbox - won't count against your storage quota, and as long as you have the address, you can continue to retrieve your data.

The audio and video of this presentation are now online.

Comprehensive Experimental Analyses of Automotive Attack Surfaces

Written by Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner and Tadayoshi Kohno.

Cars are no longer a mere mechanical device, they are controlled by tons of computer controls (ECUs) running millions of lines of code. In general, this makes the car safer, but is a problem if an attacker is able to take control of the car.

Many of these ECUs can even be reprogrammed while the car is being driven! All it would take is for one of these devices to be infected for it to spread to the rest of the vehicle. These types of controlls could allow an attacker to do things like disable breaks, disable lights or even disable the engine!

The researchers said there were three major types of systems to attack. First, indirect physical attacks work over a physical interface, though no direct access to the physical device. Short-range wireless attacks can impact things like tire pressure sensors, remote keyless entry, wifi access points and vehicle-to-vehicle communications. Third type of attack was long-range wireless attacks, taking advantage of things like HD radio or systems that are used for roadside assistance.

Every vector of attack the team worked on led to some type of system shut down.

In the indirect physical attack, the team looked at the media player that uses ISO-9660, which is apparently pretty common. They were able to come up with a WMA file that would play fine on a computer, but would reprogram a car's radio.

Their short-range wireless attack used bluetooth to take advantage of a strcpy() bug, which was completely undetectable by the user. They were also able to take advantage of a buffer overflow in the telematics unit in the car - basically, you can call a car and fill it with malicious code.

In fact, they could take their malicious "song" from before on an MP3 player with the speaker going to a phone that has called the unique cell code for the car, and the attack code was loaded by the car.

Actually managed to install an IRC client onto the telematics unit, and could use that client to get a shell on the telematics unit, getting the car to send broadcast packets to attack other cars.

You can easily use this technology to steal a car - use GPS to locate the car, use their device to unlock the car, bypass security tools and start the engine. They showed a video where they did this - drove a car away with no key!

Same researchers took advantage of these same technologies to remotely eavesdrop on people in their car - 1,500 miles away!

These telematics units contained things like ftp, telnet, nc, vi... on a UNIX like real-time operating system. Not quite secure out of the box...

How did we get here? Basically, nobody's been attacking them, so there's been no reason to protect them. But, this is improving - SAE, USCAR and US DOT are working on this. Too little, too late? Let's hope not!

The speaker ended the talk with a picture of a hacked odometer. Great talk!

The audio and video of this presentation are now online.

This post is syndicated from Thoughts on security, beer, theater and biking!