Details

Autor(en) / Beteiligte

• Alves, João Diogo Gaspar

Titel

Security Analysis of a Closed-Source Signal Protocol Implementation

Ort / Verlag

ProQuest Dissertations & Theses

Erscheinungsjahr

2018

Quelle

ProQuest Dissertations & Theses A&I

Beschreibungen/Notizen

• In recent years, with the reveal of mass surveillance programs targeting online communication came a growing interest for properties such as privacy and security of that very same communication. One way to ensure those properties is by using cryptographic protocols such as the Signal Protocol to secure the communication channel. However, this protocol is fairly recent therefore there is a limited amount of study regarding its security and its implementations’ security. With this work, we seek to tackle that problem by providing some more knowledge regarding this specific topic.After performing a relevant literature review in order to understand the state of the art and also to identify the underdeveloped areas that should be focused, we performed a security analysis of a popular Signal Protocol implementation. For that, we took a hands-onapproach which involves reverse engineering an application using said implementation, analysing its interaction with the filesystem, dynamically tracing some parts of the protocol in execution and testing the protocol’s behaviour in an unlikely yet possible device cloning scenario. A secondary objective of this work, resulting from the approach taken, is to incentivize the analysis and audit of closed-source applications and demystify the associated difficulty and complexity. In this work, we intentionally refrained from analysing network data and elliptic-curve and signature scheme implementations as it was considered to be out of scope.Overall, our results matched the initial expectations set by the existing pertinent literature, with no major flaws being detected. However, our last test scenario did generate some erratic and elusive behaviour that could be considered a small security vulnerability and a hint of the existence of potential serious vulnerabilities, if some of the observed behaviour is controllable.In the end, we contributed with yet another independent analysis using a different approach that found no major problems with the protocol and its implementations, besides our specific test scenario, in accordance with the existing literature. In the specific test scenario we found some interesting investigation clues to be pursued in future research.