Alex Zhang

CS702 - iOS Security

How to contact me?

• 1. Ask the question on Piazza.

• 2. Send an email to zhang.alex@auckland.ac.nz.

• 3. Discussion on Thursday.

• 1. I will upload lectures to our course website as soon as possible.

• 2. I will upload recordings via mediapublish and make an announcement on Canvas.

Teaching philosophy

• 1. When introducing a kind of technology, I’d like to introduce a panorama of the knowledge. This is good for you to learn when and why the technology is a good choice to solve some specific problem.

• 2. When introducing a kind of technology, I’d like to take concrete examples. This is good for you to learn how to correctly apply the technology.

• 3. Any comments and suggestions from you will be highly appreciated.

• 4. Help you to think as deeply as possible. It may be not easy but it must improve your ability.

Man in the middle attackhttps://www.zdnet.com/article/dozens-of-popular-iphone-apps-vulnerable-to-man-in-the-middle-attacks/

• In 2017, A flaw in certificate pinning – which normally improves security – meant that standard tests missed a serious vulnerability that would allow hackers to carry out a man-in-the-middle attack and take full control of a victim’s online banking.

• Among the 33 named apps, Uconnect Access can leak usernames and passwords, allowing an attacker to interfere with a user's vehicle, while Huawei HiLink can leak device data, and geolocation data and even keystrokes can be intercepted from users of Cheetah Browser.

• Over 40 apps were confirmed as medium or high risk of man-in-the-middle attacks, allowing an attacker to intercept financial or medical service credentials.

Man in the middle attack

• Certificate Pinning

• Public Key Pinning

• SSL/TLS Pinning

• Public Key Infrastructure

• X.509 certificate

Why weak passwords are dangerous?

• 1. Password dictionary

• 123456, qwerty, 123456789, password, q1w2e3r4, admin, 111111, etc.

• 2. Offline dictionary attack VS Online dictionary attack

• Reduce the attempt times (Continuously fail 5 times-lock to delay; 10 times-delete personal data)

• 3. Hash function

• Save password as a plaintext in the database is not a good choice, also for Hash(password)

• When designing Apps, you’d better save (r, Hash(r||password)) unless the law is not allowed.

Why do we need strong passcodes?

• 4. Pseudorandom Number Generator

• In the stream cipher, the PRNG has to use a random number r to concatenate with the password.

• Using PRNG(password) as the private key are not good idea for Apps.

• At least add another random number, often called “Initial Vector, (IV)”.

• Another way is to save a mapping for (password, random number), and use random number with sufficient length as the key.

The usage of pseudorandom generatorWired Equivalence Privacy, Wi-Fi Protected Access

Wi-Fi Protected Access 2 and 3 802.11i

Schedule

• Week 7

• Tuesday-Thursday, May 5-7

• Code Signing, PKI

• Week 8

• Tuesday-Thursday, May 12-14

• DEP and ASLR, Sandboxing

• Week 9

• Tuesday-Thursday, May 19-21

• Encryption, Privacy

iOS SecurityAuthentication and Access Control

• Hardware security, System security

• Hard root of trust (Secure Enclave) + Chain of trust, iOS update strategy

• Data security

• File encryption

• App security

• Digital signature, App store, Sandboxing

• Services security

Digital signature scheme

• Key generation algorithm

• Security Parameter: n, Public Key: pk, Private Key: sk.

• , this algorithm must be a probabilistic algorithm.

• Signature algorithm

• Message: m, Private Key: sk, Signature: s.

• , this algorithm can be a probabilistic/deterministic algorithm.

• Verification algorithm

• Message m, Public Key: pk, Signature s.

• , this algorithm is a deterministic algorithm.

Gen(1n) → (pk, sk)

Sign(m, sk) → s

Vrfy(m, s, pk) → T/F

Developer

Developer

Developer

Root of Trust Chain

Root of Trust Chain