A 5 security x line platform
Uploaded by line-corporation. Category: Technology.
Transcript of A 5 security x line platform
1. LINE Architecture
2. Transport Security
3. Messaging and VoIP Security
4. Device Security
LINE Architecture
Diagram: LINE Android, LINE iOS and LINE Desktop clients each connect to LEGY using LEGY encryption over SPDY/2; LEGY sits in front of the Talk Server and the backend (User DB, Timeline, Auth, Media); Bot / OA traffic is over HTTP/HTTPS.
LEGY: Line Event GatewaY
• Routing
• Transport encryption
• And more
http://developers.linecorp.com/blog/?p=2381
http://developers.linecorp.com/blog/?p=2709
TLS Problems
Current version – TLS v1.2
• Requires several round-trips to complete handshake
• High RTT on mobile networks
TLS v1.3 aims to provide some solutions
• simplified handshake
• 0-RTT
• but not final yet (draft status)
https://tlswg.github.io/tls13-spec/
LEGY Encryption
Lightweight TLS alternative
Current version
• pinned RSA keys + AES
• no X.509 certificates
• 0-RTT handshake
• no forward secrecy (FS)
LEGY Encryption FS
• Forward secrecy (FS)
• Elliptic curve cryptography (ECC)
• 0-RTT handshake
• AES-GCM for app data encryption
• ECDH-based key exchange: first message under client ephemeral/server static, subsequent messages under ephemeral/ephemeral
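The key schedule this slide describes, as an added Go example that is not LINE's code: the first message is keyed from the client ephemeral and the pinned server static key (so it is available at 0-RTT but not forward secret), and everything after the server's reply is keyed ephemeral/ephemeral. X25519, the SHA-256 KDF and the "first"/"next" labels are assumptions; the slide only says ECC and ECDH.

```go
package main

import (
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
)

// Added example, not LINE's code: the key schedule on the "LEGY Encryption FS"
// slide. Assumed details: X25519 for the ECDH, SHA-256(shared secret || label)
// as the KDF, and a server static public key pinned in the client (no X.509).

// dh returns KDF(ECDH(priv, pub), label); ECDH fails only on a curve mismatch.
func dh(priv *ecdh.PrivateKey, pub *ecdh.PublicKey, label string) []byte {
	ss, err := priv.ECDH(pub)
	if err != nil {
		panic(err)
	}
	h := sha256.Sum256(append(ss, label...))
	return h[:]
}

type Client struct {
	Eph      *ecdh.PrivateKey // fresh per connection, discarded afterwards
	FirstKey []byte           // ECDH(client eph, server static): usable at 0-RTT, not forward secret
	NextKey  []byte           // ECDH(client eph, server eph): forward secret
}

// NewClient is the 0-RTT step: with only the pinned server static key the
// client already holds FirstKey and can encrypt its first request.
func NewClient(serverStatic *ecdh.PublicKey) *Client {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Client{Eph: eph, FirstKey: dh(eph, serverStatic, "first")}
}

// ServerAccept makes the same two derivations on the server: FirstKey from its
// static private key, NextKey from a fresh ephemeral whose public half goes
// back to the client in the reply. Whoever later obtains the static private
// key plus the transcript can redo the first derivation, never the second.
func ServerAccept(serverStatic *ecdh.PrivateKey, clientEph *ecdh.PublicKey) (first, next []byte, ephPub *ecdh.PublicKey) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return dh(serverStatic, clientEph, "first"), dh(eph, clientEph, "next"), eph.PublicKey()
}

// Finish: once the reply arrives the client switches to the ephemeral/ephemeral key.
func (c *Client) Finish(serverEph *ecdh.PublicKey) {
	c.NextKey = dh(c.Eph, serverEph, "next")
}
```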
Messaging E2EE
• End-to-end encryption (E2EE) for LINE - Letter Sealing
• Introduced in Oct 2015 / LINE 5.3.0
• Initially iOS/Android only
• Applied to text and location messages
http://developers.linecorp.com/blog/?p=3679
Letter Sealing Evolution
• Group chat support
• Secondary device support
• Status indicator
• ON by default: iOS/Android 6.5.0+, Mac/Win 4.8.0+
• Planned enhancements: media encryption
http://developers.linecorp.com/blog/?p=3679
Sending an Encrypted Message
Diagram: LINE User 1 -> Talk Server -> LINE User 2
1. user2's public key? (Talk Server answers: ID:456, pub key)
2. send message
Before: to:user2 from:user1 text:'Hello'
After AES encrypt: to:user2 from:user1 toKeyID:456 fromKeyID:123 [salt] [encrypted data]
Receiving an Encrypted Message
Diagram: Talk Server -> LINE User 2
3. push message: to:user2 from:user1 toKeyID:456 fromKeyID:123 [salt] [encrypted data]
4. user1's public key? (Talk Server answers: ID:123, pub key)
After AES decrypt: to:user2 from:user1 text:'Hello'
Encrypted Message Exchange
Diagram: the two flows above on one slide, LINE User 1 -> Talk Server -> LINE User 2
1. user2's public key? (ID:456, pub key)
2. send message: AES encrypt to:user2 from:user1 text:'Hello' -> to:user2 from:user1 toKeyID:456 fromKeyID:123 [salt] [encrypted data]
3. push message
4. user1's public key? (ID:123, pub key)
AES decrypt -> to:user2 from:user1 text:'Hello'
Encryption Method
user 1 keychain: key ID:123 [priv key], [user2 pub key], ..., [userN pub key]
user 2 keychain: key ID:456 [priv key], [user1 pub key], ..., [userN pub key]
ECDH (Curve25519): user1 priv key + user2 pub key on user 1's side, user2 priv key + user1 pub key on user 2's side, both giving the same shared secret (SS)
KDF(SS, salt) on both sides gives the message key
user 1, AES encrypt: to:user2 from:user1 text:'Hello' -> to:user2 from:user1 toKeyID:456 fromKeyID:123 [salt] [encrypted data]
user 2, AES decrypt: -> to:user2 from:user1 text:'Hello'
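The 1:1 path on this slide as an added Go example (not LINE's code and not the whitepaper's specification): keychain lookup by key ID, ECDH on Curve25519 (X25519), KDF(SS, salt), AES, and the envelope that carries toKeyID/fromKeyID and the salt. The HMAC-SHA256 KDF, AES-256-GCM and the 16-byte salt are assumptions; the slide names only the primitives.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Added example, not LINE's code: the 1:1 message path on the "Encryption
// Method" slide. Assumed: KDF(SS, salt) = HMAC-SHA256 keyed with a 16-byte
// random salt; AES-256-GCM with a 12-byte nonce prepended to the encrypted data.
type Envelope struct {
	To, From           string
	ToKeyID, FromKeyID int
	Salt, Data         []byte // the slide's [salt] [encrypted data]
}
type Keychain struct {
	KeyID int                     // my key ID (123 for user1 on the slide)
	Priv  *ecdh.PrivateKey        // my private key
	Pubs  map[int]*ecdh.PublicKey // other users' public keys by key ID
}

func messageKey(priv *ecdh.PrivateKey, pub *ecdh.PublicKey, salt []byte) cipher.AEAD {
	ss, err := priv.ECDH(pub) // fails only if the keys are on different curves
	if err != nil {
		panic(err)
	}
	m := hmac.New(sha256.New, salt) // KDF(SS, salt), identical on both ends
	m.Write(ss)
	block, _ := aes.NewCipher(m.Sum(nil))
	g, _ := cipher.NewGCM(block)
	return g
}

// Encrypt is user1's side: look up user2's key by ID, fresh salt, AES encrypt.
func (k *Keychain) Encrypt(me, to string, toKeyID int, text string) (*Envelope, error) {
	pub, ok := k.Pubs[toKeyID]
	if !ok {
		return nil, errors.New("recipient key ID not in keychain")
	}
	hdr := make([]byte, 16+12) // fresh salt || fresh GCM nonce
	rand.Read(hdr)
	data := messageKey(k.Priv, pub, hdr[:16]).Seal(append([]byte{}, hdr[16:]...), hdr[16:], []byte(text), nil)
	return &Envelope{To: to, From: me, ToKeyID: toKeyID, FromKeyID: k.KeyID, Salt: hdr[:16], Data: data}, nil
}

// Decrypt is user2's side: look up user1's key by fromKeyID, same KDF, AES decrypt.
func (k *Keychain) Decrypt(env *Envelope) (string, error) {
	pub, ok := k.Pubs[env.FromKeyID]
	if !ok || env.ToKeyID != k.KeyID || len(env.Data) < 12 {
		return "", errors.New("unknown sender key, not my key ID, or truncated data")
	}
	pt, err := messageKey(k.Priv, pub, env.Salt).Open(nil, env.Data[:12], env.Data[12:], nil)
	return string(pt), err
}
```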
Key Verification
Android: Chat Settings > Encryption Key
iOS: Settings > Encryption Key
Group Chat Support
• Dedicated shared key is generated for each group
• Encrypted shared key distributed to all members
• Principle is the same as 1:1 chats (ECDH key exchange, AES encryption)
• Shared key is replaced when members leave or join
• Key-encryption key derived for each member
Group Key Registration
Diagram: LINE User 1 <-> Talk Server; Group 1 = user1, user2, user3
1. group1 member pub keys? (Talk Server answers: user1 pubK, user2 pubK, user3 pubK)
2. gen. group shared key (user1 keychain: key ID:123 [priv key], [group shared key], [user3 pub key], [user2 pub key])
3. enc. group skey: Group Key for user1* [encrypted skey], for user2 [encrypted skey], for user3 [encrypted skey]
4. register group1 shared key (the Talk Server stores the three encrypted copies for Group 1)
Group Key Distribution
Diagram: Talk Server -> LINE User 2 and LINE User 3
Talk Server holds, for Group 1: Group Key for user1* [encrypted skey], for user2 [encrypted skey], for user3 [encrypted skey]
1. group1 shared key? (LINE User 2 receives enc. skey for user2; LINE User 3 receives enc. skey for user3)
2. decrypt & save group shared key (user2 keychain: key ID:456 [priv key], [group1 shared key]; user3 keychain: key ID:789 [priv key], [group1 shared key])
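The Group Chat Support bullets and the two group-key diagrams above, as an added Go example that is not LINE's code: the registrant generates the group shared key, wraps it once per member under a member-specific key-encryption key derived by ECDH, the server stores only the wraps, members unwrap with their own private key, and a member who left before the rekey gets nothing. The SHA-256 KEK derivation and AES-256-GCM wrapping are assumptions; the slides only say ECDH and AES.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)
// Added example, not LINE's code: group key registration and distribution as on
// the "Group Key" slides. Assumed: KEK = SHA-256(ECDH(registrant priv, member
// pub)); wrap = AES-256-GCM, nonce prepended; the server stores only the wraps.
type Group struct {
	Members map[string]*ecdh.PublicKey // current member public keys
	Wrapped map[string][]byte          // server-side store: one encrypted skey per member
}
// kek derives the member-specific key-encryption key and returns its AEAD.
func kek(priv *ecdh.PrivateKey, pub *ecdh.PublicKey) cipher.AEAD {
	ss, err := priv.ECDH(pub) // fails only if the keys are on different curves
	if err != nil {
		panic(err)
	}
	k := sha256.Sum256(ss)
	block, _ := aes.NewCipher(k[:])
	a, _ := cipher.NewGCM(block)
	return a
}

// Rekey generates a fresh group shared key and wraps it for every current
// member; the registrant runs it on creation and after every join or leave.
func (g *Group) Rekey(registrant *ecdh.PrivateKey) []byte {
	skey := make([]byte, 32)
	rand.Read(skey)
	g.Wrapped = make(map[string][]byte, len(g.Members))
	for name, pub := range g.Members {
		a := kek(registrant, pub)
		nonce := make([]byte, a.NonceSize())
		rand.Read(nonce)
		g.Wrapped[name] = a.Seal(nonce, nonce, skey, nil)
	}
	return skey
}

// Unwrap is a member's "decrypt & save group shared key" step; whoever has no
// wrap (left before the last Rekey) or the wrong private key gets nothing.
func (g *Group) Unwrap(name string, me *ecdh.PrivateKey, registrant *ecdh.PublicKey) ([]byte, error) {
	box, ok := g.Wrapped[name]
	a := kek(me, registrant)
	if !ok || len(box) < a.NonceSize() {
		return nil, errors.New("no usable wrapped key for " + name)
	}
	return a.Open(nil, box[:a.NonceSize()], box[a.NonceSize():], nil)
}
```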
VoIP E2EE
• LINE 6.5.0+
• ECDH key exchange: ephemeral keys, server-mediated, custom SIP headers
• Media stream encryption: SRTP, AES-CTR + HMAC-SHA1
Device Security
True Delete - since 5.3.0: overwriting with NULL
More advanced data protection features coming soon
http://developers.linecorp.com/blog/?p=3660
LINE Encryption Whitepaper
Detailed cryptographic protocol specification
Covers: transport encryption, messaging E2EE (Letter Sealing), VoIP E2EE
Available now at https://linecorp.com/en/security/article/37
1. Risk Assessment
2. Anti-Spam/Game Abusing
3. Bug Bounty Program
Risk Assessment, Monitoring, Bug Bounty
Diagram: the three activities laid over the lifecycle phases Design, Implement, QA, Operate
Risk Assessment
Web
• Server: XSS, CSRF, Path Traversal, Open-Redirect
• Client
LINE / Game
• Server: analyzing the protocol, abusing/cheating, bot (unofficial client)
• Client: reversing, modifying
Reverse engineering
Reverse engineering is a process of analyzing software/hardware and examining operating principles, source code, and development methods.
Purpose of use (examples):
• Malware analysis
• Vulnerability diagnosis/investigation
• Illegal copy of contents
• Software tracking, cheating
Change in game environment
• Android, iOS: opening up of the platform
• Cheat tools are created: possible to level up without spending money and time
• Bots are created: online, item purchase
Security Measures
Enhance security to the level where it is difficult to abuse/cheat
• General cheat tool countermeasures: encryption of locally stored data, encryption of communication between games and servers, ARM/IL analysis countermeasures
Bot/abuser detection is performed on the server side
• Abuser detection/automation
RA for LINE Games: Memory / file cheat
• Possible to prevent it by storing score and other data on the server
• Status data, such as attack power and HP, are fully handled on the client, and there is no countermeasure for them.
Screenshot: from GameHacker
RA for LINE Games: Speed hack
Ex.1: Stamina power recovery (possible to prevent)
Diagram: client and server sync at Time: 12:34 (Stamina: 40 / 100). The abuser adds an extra 20 min to the in-game time (client shows Time: 12:54) and sends a stamina power recovery notice. Since it does not match server-side time, the notice is rejected.
RA for LINE Games: Speed hack
Ex.2: Time attack (impossible to prevent)
Diagram: sync at Time: 12:20, start a stage; notice at Time: 12:21, stage clear notice.
• Play game at twice the speed
• Fake a stage clear notice
If set to a realistic time, the server cannot detect the hack.
RA for LINE Games: MITM (Man-In-The-Middle)
• If it is just HTTPS, communication is analyzed by MITM
• SSL pinning should be performed in the game
However, the data is decrypted in the game. Hence, there is no perfect countermeasure.
Diagram labels: certificate; possible to view communication
RA for LINE Games: MITM (Man-In-The-Middle)
• Place proxy certificate in device
• With only HTTPS, communication is decrypted and read by the MITM proxy
• [Measure] Execute SSL Pinning (certificate check) in game
Diagram label: check certificate
SSL Pinning
Example of code to check the certificate of the communication partner in the game (the check routine may be removed):

```csharp
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

// Server certificate validation callback: accept the server only if the
// hash of its certificate equals the value hardcoded in the game.
public static bool ValidateServerCertificate(object sender, X509Certificate certificate,
    X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
    string chash = certificate.GetCertHashString();
    if (chash == "(hardcoded hash)")
        return true; // SSL certificate check ok
    return false;
}
```
RA for LINE Games
Unity: C# -> CIL (DLL) -> Decompile *.dll
Unity (il2cpp): C# -> CIL -> ASM (il2cpp) -> Disassemble libil2cpp.so
Cocos2d-x: C++ -> .so -> Disassemble *.so
RA for LINE Games
Unity: C# -> CIL (DLL) -> Decompile *.dll
Source as written:

```csharp
public void TakeDamage(int amount)
{
    damaged = true;
    currentHealth -= amount;
    healthSlider.value = currentHealth;
    playerAudio.Play();
    if (currentHealth <= 0 && !isDead)
        Death();
}
```

Decompiled from the DLL with ILSpy:

```csharp
public void TakeDamage(int amount)
{
    this.damaged = true;
    this.currentHealth -= amount;
    this.healthSlider.set_value((float)this.currentHealth);
    this.playerAudio.Play();
    if (this.currentHealth <= 0 && !this.isDead)
    {
        this.Death();
    }
}
```
RA for LINE Games
Unity: C# -> CIL -> ASM (il2cpp) -> Disassemble libil2cpp.so
Screenshot from IDA of the same TakeDamage method (the C# source shown on the previous slide) once compiled with il2cpp.
RA for LINE Games: screenshot from IDA
Security Measures
Detect anomalies that separate Human from Bot based on the characteristics below, while taking false positives into utmost consideration:
• Duration/period/frequency of game play
• Timing of level up
• Timing of stage clear
• Item usage history (including payment)
• IP bandwidth
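The server-side checks behind the two speed-hack examples and the "timing of level up" characteristic above, as an added Go example that is not LINE's code: a clock-tolerance check that rejects the +20 min stamina notice, a minimum-duration check that shows why a time attack reporting a realistic time passes, and a regularity score over level-up timestamps with a minimum-sample guard so that it flags sparingly. The tolerance, minimum duration and threshold are invented for the example.

```go
package main

import (
	"math"
	"time"
)
// Added example, not LINE's code: server-side checks for the two "Speed hack"
// cases and the "timing of level up" characteristic above. The tolerance,
// minimum stage duration and regularity threshold are invented for the example.

// ClockSkewOK is Ex.1 (stamina recovery): a notice whose client clock disagrees
// with the server clock by more than the tolerance (the abuser's +20 min) is rejected.
func ClockSkewOK(clientTime, serverTime time.Time, tolerance time.Duration) bool {
	d := clientTime.Sub(serverTime)
	if d < 0 {
		d = -d
	}
	return d <= tolerance
}

// StageClearPlausible is Ex.2 (time attack): the server only sees the synced start
// and the clear notice, so it rejects an impossibly fast clear but, as the slide
// says, cannot detect a double-speed run that reports a realistic time.
func StageClearPlausible(start, clear time.Time, minHuman time.Duration) bool {
	return clear.Sub(start) >= minHuman
}

// IntervalCV is the coefficient of variation (stddev/mean) of the gaps between
// consecutive level-ups: human play gives irregular gaps (CV well above 0), a
// scripted bot near-constant ones (CV near 0). NaN means too few samples.
func IntervalCV(levelUps []time.Time) float64 {
	if len(levelUps) < 3 {
		return math.NaN()
	}
	gaps := make([]float64, 0, len(levelUps)-1)
	for i := 1; i < len(levelUps); i++ {
		gaps = append(gaps, levelUps[i].Sub(levelUps[i-1]).Seconds())
	}
	var sum, sq float64
	for _, g := range gaps {
		sum += g
	}
	mean := sum / float64(len(gaps))
	for _, g := range gaps {
		sq += (g - mean) * (g - mean)
	}
	return math.Sqrt(sq/float64(len(gaps))) / mean
}

// SuspectBot flags only with enough events and extreme regularity, to keep the
// false-positive rate low as the slide demands; NaN never flags.
func SuspectBot(levelUps []time.Time, maxCV float64, minEvents int) bool {
	cv := IntervalCV(levelUps)
	return len(levelUps) >= minEvents && !math.IsNaN(cv) && cv < maxCV
}
```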
Anti-Spam: Message
Diagram: Spammer's Account -> spam message -> Users; Users -> Report; Security CS -> Query; Anti-Spam -> block
Check flow at LINE: • Block rule • Text mining • Human check
Anti-Spam/Abusing
1. Operator takes necessary measures (e.g. adding rules)
2. Abuser finds potential loopholes (measures against the measure)
3. Operator takes additional measures (return to 2.)
The datasets change at each step of this cycle.
Anti-Spam/Abusing
• Datasets change periodically
• False positives of less than 0.01%
• Able to explain the cause of false positives
• There is a limit to detection by machine learning based on similarity (manual check is essential).
Anti-Spam/Abusing
• Bring client (app) measures to a certain level
• Automate server-side as much as possible
• Final check to be done manually (as needed)
We intend to explore this area and implement further automation.
Bug Bounty Program
https://bugbounty.linecorp.com/ja/
Bug Bounty Program
Chart: the number of reports (y axis 0 to 25) at 6/2, 6/16, 6/30, 7/14, 7/28 and 8/11, by category: XSS, CSRF, RCE, Auth bypass, Purchase bypass, Encryption break, Other.