Alex Zhang
CS702 - iOS Security
How to contact me?
• 1. Ask the question on Piazza.
• 2. Send an email to [email protected].
• 3. Discussion on Thursday.
• 1. I will upload lectures to our course website as soon as possible.
• 2. I will upload recordings via mediapublish and make an announcement on Canvas.
Teaching philosophy
• 1. When introducing a kind of technology, I’d like to introduce a panorama of the knowledge. This is good for you to learn when and why the technology is a good choice to solve some specific problem.
• 2. When introducing a kind of technology, I’d like to take concrete examples. This is good for you to learn how to correctly apply the technology.
• 3. Any comments and suggestions from you will be highly appreciated.
• 4. Help you to think as deeply as possible. It may be not easy but it must improve your ability.
Man in the middle attackhttps://www.zdnet.com/article/dozens-of-popular-iphone-apps-vulnerable-to-man-in-the-middle-attacks/
• In 2017, A flaw in certificate pinning – which normally improves security – meant that standard tests missed a serious vulnerability that would allow hackers to carry out a man-in-the-middle attack and take full control of a victim’s online banking.
• Among the 33 named apps, Uconnect Access can leak usernames and passwords, allowing an attacker to interfere with a user's vehicle, while Huawei HiLink can leak device data, and geolocation data and even keystrokes can be intercepted from users of Cheetah Browser.
• Over 40 apps were confirmed as medium or high risk of man-in-the-middle attacks, allowing an attacker to intercept financial or medical service credentials.
Man in the middle attack
• Certificate Pinning
• Public Key Pinning
• SSL/TLS Pinning
• Public Key Infrastructure
• X.509 certificate
Why weak passwords are dangerous?
• 1. Password dictionary
• 123456, qwerty, 123456789, password, q1w2e3r4, admin, 111111, etc.
• 2. Offline dictionary attack VS Online dictionary attack
• Reduce the attempt times (Continuously fail 5 times-lock to delay; 10 times-delete personal data)
• 3. Hash function
• Save password as a plaintext in the database is not a good choice, also for Hash(password)
• When designing Apps, you’d better save (r, Hash(r||password)) unless the law is not allowed.
Why do we need strong passcodes?
• 4. Pseudorandom Number Generator
• In the stream cipher, the PRNG has to use a random number r to concatenate with the password.
• Using PRNG(password) as the private key are not good idea for Apps.
• At least add another random number, often called “Initial Vector, (IV)”.
• Another way is to save a mapping for (password, random number), and use random number with sufficient length as the key.
The usage of pseudorandom generatorWired Equivalence Privacy, Wi-Fi Protected Access
Wi-Fi Protected Access 2 and 3 802.11i
Schedule
• Week 7
• Tuesday-Thursday, May 5-7
• Code Signing, PKI
• Week 8
• Tuesday-Thursday, May 12-14
• DEP and ASLR, Sandboxing
• Week 9
• Tuesday-Thursday, May 19-21
• Encryption, Privacy
iOS SecurityAuthentication and Access Control
• Hardware security, System security
• Hard root of trust (Secure Enclave) + Chain of trust, iOS update strategy
• Data security
• File encryption
• App security
• Digital signature, App store, Sandboxing
• Services security
Digital signature scheme
• Key generation algorithm
• Security Parameter: n, Public Key: pk, Private Key: sk.
• , this algorithm must be a probabilistic algorithm.
• Signature algorithm
• Message: m, Private Key: sk, Signature: s.
• , this algorithm can be a probabilistic/deterministic algorithm.
• Verification algorithm
• Message m, Public Key: pk, Signature s.
• , this algorithm is a deterministic algorithm.
Gen(1n) → (pk, sk)
Sign(m, sk) → s
Vrfy(m, s, pk) → T/F
Developer
Developer
Developer
Root of Trust Chain
Root of Trust Chain