Archive for the 'Security' Category Page 2 of 21



Apr 22

Car locking security is broken

The key entry system used by Chrysler, Daewoo, Fiat, General Motors, Honda, Toyota, Lexus, Volvo, Volkswagen, Jaguar, and probably others is broken. This system uses the encryption algorithm called KeeLoq. It is widely used in security relevant applications, e.g., in the form of passive Radio Frequency Identification (RFID) transponders for car immobilizers and in various access control and Remote Keyless Entry (RKE) systems, e.g., for opening car doors and garage doors. The COmmunication SecuritY (COSY) research group of the Ruhr-Universität Bochum has discovered a method that allows practical attacks against devices that use this algorithm. In their paper, they show that it is technically possible to clone a device that opens the car or the door by eavesdropping on at most two wireless messages.

Code Hopping algorithms

The history of remote door openers begins around 1950. At that time the transmitters were extremely simple: they sent out a single signal, and the garage door opener responded by opening or closing. As this technology became fairly common, the simplicity of the system became a big problem: a single transmitter could be used to open any garage door.

By the 1970s, garage door openers became more sophisticated. Usually eight DIP switches were used to assign a code to each door. The 256 possible combinations were enough to keep several neighbors from opening each other's doors, but not enough to provide any real security: an attacker only has to try 256 codes.

It is to address this need that hopping code, also known as rolling code, was invented. Each pair of devices, the transmitter and the receiver, uses the same pseudo-random generator, a shared secret key and a counter to derive the next message code. It is called rolling code because each time a code is emitted, that code is "burned" and the counter is incremented, so a new code is generated every time a message is transmitted; a recorded message cannot simply be replayed. Of course, to work, the receiver and the transmitter need to stay synchronized. It might happen that the transmitter is used out of range of the receiver, for example because a kid is playing with it. The receiver handles this by accepting any of the next few upcoming codes, not only the very next one. In the KeeLoq technical documentation this mechanism is called the open window.

The KeeLoq algorithm

The KeeLoq algorithm is licensed by Microchip Technology to car makers and other entities. Each KeeLoq key fob uses a unique value, out of billions and billions of possibilities, to unlock a car. As with RC4 (the cipher behind WEP) and the A5 algorithms, the exact algorithm was kept secret until last year, when confidential information was leaked on a Russian site.

Similarly to what happened with RC4 and A5 when their details became public, attacks against KeeLoq were found by the scientific community soon after the leak. The first cryptanalysis of KeeLoq was done by Andrey Bogdanov using sliding techniques and efficient linear approximations. Nicolas Courtois attacked KeeLoq using sliding and algebraic methods. Eli Biham, Orr Dunkelman, Sebastiaan Indesteege, Nathan Keller and Bart Preneel published a more efficient attack based on a weakness of the protocol in the paper called "How To Steal Cars: A Practical Attack on KeeLoq".

However, these attacks were still hard to use in practice.

The paper from the COSY research group shows that, using DPA (differential power analysis), it is possible to recover the manufacturer key with as few as 10 power traces. Once that is done, the key of any device from the same manufacturer can be found by sniffing at most two messages, because the per-device key is derived from the manufacturer key and the serial number that every transmission carries in the clear. Of course, performing the DPA analysis is not straightforward, but it can be accomplished in a matter of weeks. What is even more concerning is that sooner or later manufacturer keys will likely be leaked on the net, and once Pandora's box is open…
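The following is an added example, not code from the original post or from the COSY paper. It ties together the three pieces discussed above: the KeeLoq block cipher itself, the rolling-code exchange built on it (counter burned on every press, receiver open window, replay rejection), and the attacker's position once the manufacturer key is known. The frame layout, the window size and the device-key derivation are simplified stand-ins and should be read as assumptions, not as Microchip's exact specification; all keys and serials are constructed.

```python
# Added example, not code from the original post or from the COSY paper: the
# KeeLoq block cipher, a simplified rolling-code exchange built on it, and the
# attacker's side once the manufacturer key is known. Frame layout, window
# size and the device-key derivation are simplified stand-ins (assumptions).

NLF = 0x3A5C742E  # KeeLoq non-linear function, used as a 32-entry bit table
WINDOW = 16       # receiver accepts a counter up to this far ahead (assumed)


def _bit(x, n):
    return (x >> n) & 1


def keeloq_encrypt(block, key):
    """528-round KeeLoq encryption of a 32-bit block under a 64-bit key."""
    for i in range(528):
        idx = (_bit(block, 31) << 4 | _bit(block, 26) << 3 | _bit(block, 20) << 2
               | _bit(block, 9) << 1 | _bit(block, 1))
        nb = _bit(NLF, idx) ^ _bit(block, 16) ^ _bit(block, 0) ^ _bit(key, i % 64)
        block = (block >> 1) | (nb << 31)
    return block


def keeloq_decrypt(block, key):
    """Inverse of keeloq_encrypt: taps shifted by one, key bits consumed in reverse."""
    for i in range(528):
        idx = (_bit(block, 30) << 4 | _bit(block, 25) << 3 | _bit(block, 19) << 2
               | _bit(block, 8) << 1 | _bit(block, 0))
        nb = _bit(NLF, idx) ^ _bit(block, 15) ^ _bit(block, 31) ^ _bit(key, (15 - i) % 64)
        block = ((block << 1) | nb) & 0xFFFFFFFF
    return block


def derive_device_key(manufacturer_key, serial):
    """Per-device key from the manufacturer key and the 28-bit serial.
    Assumption: modelled on the 'normal learning' scheme (two KeeLoq
    decryptions of the padded serial); the pad nibbles are illustrative."""
    hi = keeloq_decrypt((0x6 << 28) | serial, manufacturer_key)
    lo = keeloq_decrypt((0x2 << 28) | serial, manufacturer_key)
    return (hi << 32) | lo


class Fob:
    """Transmitter: serial sent in the clear, counter encrypted under the device key."""

    def __init__(self, serial, device_key, counter=0):
        self.serial, self.key, self.counter = serial, device_key, counter

    def press(self, button=0x2):
        self.counter = (self.counter + 1) & 0xFFFF  # the previous code is 'burned'
        # plaintext: 4 button bits | 2 zero bits | 10 discrimination bits | 16-bit counter
        plain = (button << 28) | ((self.serial & 0x3FF) << 16) | self.counter
        return {"serial": self.serial, "button": button,
                "hop": keeloq_encrypt(plain, self.key)}


class Receiver:
    """Car side: holds the paired fob's key and the last accepted counter."""

    def __init__(self, serial, device_key, counter=0):
        self.serial, self.key, self.last = serial, device_key, counter

    def accept(self, frame):
        if frame["serial"] != self.serial:
            return False
        plain = keeloq_decrypt(frame["hop"], self.key)
        if (plain >> 16) & 0x3FF != self.serial & 0x3FF:
            return False  # discrimination bits wrong: bad key or corrupted frame
        counter = plain & 0xFFFF
        ahead = (counter - self.last) & 0xFFFF
        if not 1 <= ahead <= WINDOW:
            return False  # ahead == 0 is a replay; beyond WINDOW is out of sync
        self.last = counter
        return True


def forge_next_frame(manufacturer_key, sniffed):
    """Attacker holding the manufacturer key: one sniffed frame yields the
    serial (clear text), hence the device key, hence the current counter."""
    key = derive_device_key(manufacturer_key, sniffed["serial"])
    counter = keeloq_decrypt(sniffed["hop"], key) & 0xFFFF
    return Fob(sniffed["serial"], key, counter).press(sniffed["button"])


def demo():
    mkey = 0x0123456789ABCDEF  # constructed manufacturer key
    serial = 0x0ABCDEF         # constructed 28-bit serial
    dkey = derive_device_key(mkey, serial)
    fob, car = Fob(serial, dkey), Receiver(serial, dkey)
    frame = fob.press()
    legit = car.accept(frame)                           # fresh counter: opens
    replay = car.accept(frame)                          # same counter: rejected
    forged = car.accept(forge_next_frame(mkey, frame))  # attacker's clone: opens
    return legit, replay, forged


if __name__ == "__main__":
    print(demo())  # (True, False, True)
```

Two things worth noticing when running it. Replaying a captured frame fails as the rolling-code design intends, so the cipher is not what is broken; what breaks the scheme is that the serial travels in clear and the device key is a deterministic function of serial and manufacturer key. And after the attacker's forged frame is accepted the car's counter is ahead of the owner's fob, so the owner's next press lands on an already burned counter and is rejected, which is exactly the symptom the synchronization window exists to paper over.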

Mar 04

What personal data does Facebook really send to external applications?

One of Facebook's key features is the ability to add tons of custom applications developed by third-party authors. They range from movie quizzes to photo tagging to vampire fights. No doubt the idea is very cool, but it raises the following privacy concern: what personal data about me is an external application able to get from Facebook?

Facebook and the success of third-party applications

Third-party applications undeniably contribute to Facebook's success. The numbers speak for themselves.

Thousands of applications available

Currently the Facebook application directory lists 17754 applications that you can add to your profile.

Millions of installations

According to Inside Facebook, more than 65 million applications were added by users in the first month. This success is so huge that even the design of the Facebook interface will evolve to add tabs to handle the increasing amount of information added by these applications. Here is a screenshot of the upcoming interface:

Bottom line: if you use Facebook, you use third-party applications. Hence you should start to wonder what data you give to an application when you add it.

The Enrollment Process

The application enrollment process is straightforward. A single screen asks you whether you authorize the application to get your data and in which part of your profile you want to place it:

As you can see, there is no information about the data you share with the application, nor any mechanism to control it.

The Facebook API

In order to know what data is accessible to a third-party application, I took a look at the Facebook API. It is publicly available here.

The most interesting part of the API is Users.getInfo. It allows the third-party application to get data about the user. There is also a part of the API to work with friend links, but that's another story. When the application issues the Users.getInfo query, Facebook returns an XML document that contains the user data.

Information available

So what's in this XML document? Your complete profile. Plain and simple. There is a little subtlety though. If you have not signed up for the application, the following fields are not available:

  • meeting_for: list of desired relationship types corresponding to the "Looking For" profile element. If no relationship types are specified, the meeting_for element is empty. Otherwise it is represented as a list of seeking child text elements, each of which may contain one of the following strings: Friendship, A Relationship, Dating, Random Play, Whatever I can get.
  • meeting_sex: list of desired relationship genders corresponding to the "Interested In" profile element. If no relationship genders are specified, the meeting_sex element is empty. Otherwise it is represented as a list of sex child text elements, each of which may contain one of the following strings: male, female.
  • religion: user-entered "Religious Views" profile field. No guaranteed formatting.
  • significant_other_id: the id of the person the user is in a relationship with. Only shown if both people in the relationship are users of the application making the request.

Everything else (yes, everything) is available regardless of whether you have signed up or not. Some of it can be very private:

  • current_location: User-entered “Current Location” profile fields. Contains four children: city, state, country, and zip.
  • education_history: list of school information, as education_info elements, each of which contain name, year, and concentration child elements.
  • relationship_status: User-entered “Relationship Status” profile field. Is either blank or one of the following strings: Single, In a Relationship, In an Open Relationship, Engaged, Married, It’s Complicated
  • work_history: List of work history information, as work_info elements, each of which contain location, company_name, position, description, start_date and end_date child elements. If no work history information is returned, this element is blank.
  • pic*: your profile picture, in its various sizes.

Once again, if you have signed up for the application, all the data is available to the third party, including the four fields mentioned above. I wonder what the point is for a movie quiz to know whether I am heterosexual or homosexual.

If you want to see the full list of the data sent take a look at this page.

What is Facebook doing for security?

It is not surprising that, with all this information available, the Facebook API is used for spam, hoaxes and so on. So what does Facebook do? It tries to restrict developer power by adding rate limits and by making the link for reporting abuse prominent. But that is too late: the data is already in the third party's database…

Edit 03/22: It seems that Facebook now offers a much more advanced way to filter personal information. That is a very good thing (Do Facebook developers read my blog? :) ).

Better control of privacy?

So what can we do? A solution exists, at least in research labs: it is called selective access control for XML documents. The underlying idea is to provide various levels of access to the same XML document, so that each requester receives a pruned view containing only the elements it is authorized for. In our Facebook case, it could be used to create various levels based on the nature of the application. For instance, a quiz application does not need to know where I work or whether I am married.
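The following is an added example, not code from the original post or from Facebook. It applies the selective access control idea above to a Users.getInfo-style XML response like the one described earlier: each application tier gets a default-deny, element-level view of the same profile, with a finer rule to strip a sub-element (the zip code inside current_location) even from a tier that may see the parent field, and the page's own rule that some fields are only returned once the user has signed up for the application. The profile document, the tier names and the policies are constructed assumptions for illustration.

```python
# Added example, not the post's or Facebook's code: a default-deny,
# element-level view of a Users.getInfo-style XML profile, in the spirit of
# selective access control for XML documents. The profile is constructed; the
# application tiers and their policies are assumptions.
import xml.etree.ElementTree as ET

SAMPLE_PROFILE = """<users_getInfo_response>
<user>
  <uid>12345</uid>
  <name>Jane Example</name>
  <pic>http://example.invalid/jane.jpg</pic>
  <current_location>
    <city>Paris</city><state></state><country>France</country><zip>75001</zip>
  </current_location>
  <relationship_status>Married</relationship_status>
  <meeting_sex><sex>male</sex></meeting_sex>
  <work_history>
    <work_info><company_name>Example Corp</company_name><position>Engineer</position></work_info>
  </work_history>
  <religion>Agnostic</religion>
</user>
</users_getInfo_response>"""

# Fields the API only returns once the user has signed up for the application.
INSTALL_ONLY = {"meeting_for", "meeting_sex", "religion", "significant_other_id"}

# Per-tier policy (assumed): 'allow' lists the <user> children the tier may see,
# everything else is stripped; 'deny' prunes sub-elements inside an allowed field.
POLICY = {
    "quiz":   {"allow": {"uid", "name", "pic"}, "deny": set()},
    "social": {"allow": {"uid", "name", "pic", "current_location", "relationship_status"},
               "deny": {"current_location/zip"}},
    "dating": {"allow": {"uid", "name", "pic", "current_location", "relationship_status",
                         "meeting_sex", "religion"}, "deny": set()},
}


def filter_profile(xml_text, tier, installed=True):
    """Return the XML an application in the given tier is allowed to see."""
    rule = POLICY[tier]
    root = ET.fromstring(xml_text)
    for user in root.iter("user"):
        for child in list(user):  # copy: the tree is mutated while iterating
            hidden = child.tag in INSTALL_ONLY and not installed
            if child.tag not in rule["allow"] or hidden:
                user.remove(child)
        for path in rule["deny"]:
            parent_path, _, leaf = path.rpartition("/")
            parent = user.find(parent_path) if parent_path else user
            if parent is not None:
                for node in parent.findall(leaf):
                    parent.remove(node)
    return ET.tostring(root, encoding="unicode")


def visible_fields(xml_text, tier, installed=True):
    """Names of the <user> children that survive filtering, sorted."""
    root = ET.fromstring(filter_profile(xml_text, tier, installed))
    return sorted(child.tag for child in root.find("user"))


if __name__ == "__main__":
    for tier in POLICY:
        print(tier, visible_fields(SAMPLE_PROFILE, tier, installed=False))
```

The filter is applied on the server, before the response leaves Facebook, which is the whole point: once the full document has been handed to the application, no later rate limit or abuse link can take it back. The default-deny shape matters too; adding a new profile field to the API leaves it hidden until a policy explicitly grants it.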

If you would like to know more about selective access control, you can read "Securing XML Documents" (pdf) by E. Damiani, S. De Capitani di Vimercati, S. Paraboschi and P. Samarati.