Actually, more seriously, I see this as a guide for law enforcement to do bulk data extraction, once they have coerced a suspect to turn over their password. It could also be used by root-capable malware, that can read volatile memory and copy the database over the network.
I really don't know what we can do to combat either scenario. On Wed, Oct 26, 2016, at 12:33 PM, Nathan of Guardian wrote: > Yes. We passed the audit with flying colors! :) > > On Wed, Oct 26, 2016, at 11:54 AM, Hans-Christoph Steiner wrote: > > > > Wait, what? Did they really just include this sentence in their > > abstract: > > > > "we devise a technique able to decrypt them when the secret passphrase, > > chosen by the user as the initial step of the encryption process, is > > known. " > > > > Am I wrong in reading this as: > > "we can unlock chatsecure when we know the password" > > > > .hc > > > > Chris Ballinger: > > > This looks like a silly report, and would apply to any other app using > > > SQLCipher in a long running process, and in this case it's required to > > > receive messages in the background. From a quick read it looks like the > > > same passphrase is stored twice in memory for both the media and message > > > store which helps their recovery process, but once you have physical > > > access > > > to a decrypted device in USB debugger mode there's all sorts of other ways > > > you can recover it. > > > > > > > > >> we devise > > >> a technique able to decrypt them when the secret passphrase, chosen by > > >> the user as the initial step of the encryption process, is known. > > > > > > > > > It's pretty obvious how you'd decrypt a SQLCipher database when the > > > passphrase is known. > > > > > > Furthermore, we show how this passphrase can be identified and extracted > > >> from the volatile memory of the device, where it persists for the entire > > >> execution of ChatSecure after having been entered by the user, thus > > >> allowing one to carry out decryption even if the passphrase is not > > >> revealed by the user. > > > > > > > > > This is how encrypted databases work and there's not really a way around > > > it. You can encrypt the key in memory, but then you gotta keep the key for > > > the key somewhere else in memory. Even on iOS where you can store keys in > > > the device keychain, when the database is active the key needs to be in > > > memory somewhere. > > > > > > Finally, we discuss how to analyze and correlate the data stored in the > > >> databases used by ChatSecure to identify the IM accounts used by the > > >> user and his/her buddies to communicate, as well as to reconstruct the > > >> chronology and contents of the messages and files that have been > > >> exchanged among them. > > > > > > > > > It's pretty easy to dump SQL tables.. > > > > > > > > > > > > > > > > > > > > > On Wed, Oct 26, 2016 at 10:23 AM, Nathan of Guardian < > > > [email protected]> wrote: > > > > > >> A great publication that really looks into detail on how we use > > >> SQLCipher, IOCipher and CacheWord in ChatSecure Android, and many other > > >> apps. > > >> > > >> Any thoughts on possible improvements to key management, data > > >> reducation, etc, would be great to hear. > > >> > > >> *** > > >> > > >> Tweet: https://twitter.com/arxiv_org/status/790671148002398208 > > >> > > >> and publication: > > >> https://arxiv.org/abs/1610.06721 > > >> > > >> Forensic Analysis of the ChatSecure Instant Messaging Application on > > >> Android Smartphones > > >> > > >> Cosimo Anglano, Massimo Canonico, Marco Guazzone > > >> (Submitted on 21 Oct 2016) > > >> We present the forensic analysis of the artifacts generated on Android > > >> smartphones by ChatSecure, a secure Instant Messaging application that > > >> provides strong encryption for transmitted and locally-stored data to > > >> ensure the privacy of its users. > > >> We show that ChatSecure stores local copies of both exchanged messages > > >> and files into two distinct, AES-256 encrypted databases, and we devise > > >> a technique able to decrypt them when the secret passphrase, chosen by > > >> the user as the initial step of the encryption process, is known. > > >> Furthermore, we show how this passphrase can be identified and extracted > > >> from the volatile memory of the device, where it persists for the entire > > >> execution of ChatSecure after having been entered by the user, thus > > >> allowing one to carry out decryption even if the passphrase is not > > >> revealed by the user. > > >> Finally, we discuss how to analyze and correlate the data stored in the > > >> databases used by ChatSecure to identify the IM accounts used by the > > >> user and his/her buddies to communicate, as well as to reconstruct the > > >> chronology and contents of the messages and files that have been > > >> exchanged among them. > > >> For our study we devise and use an experimental methodology, based on > > >> the use of emulated devices, that provides a very high degree of > > >> reproducibility of the results, and we validate the results it yields > > >> against those obtained from real smartphones. > > >> > > >> > > >> > > >> -- > > >> Nathan of Guardian > > >> [email protected] > > >> _______________________________________________ > > >> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > >> To unsubscribe, email: [email protected] > > >> > > > > > > > > > > > > _______________________________________________ > > > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > > To unsubscribe, email: [email protected] > > > > > > > -- > > PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556 > > https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556 > > _______________________________________________ > > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > To unsubscribe, email: [email protected] > > > -- > Nathan of Guardian > [email protected] -- Nathan of Guardian [email protected] _______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: [email protected]
