Building user-centric security model in iOS apps
#eatdog @vixentael
Why should we think more about security?
Users trust the Apple platform
Users trust us
Security talks focus on details instead of explaining the base principles
security is a set of ultimatum rules
abstract app in a vacuum
real apps, real ecosystems
[Diagram: User Problem, App Features, App Flow, Code; Risk, Threat Model, Secure Methods, Secure Implementations, Libs/Code]
It is secure
It is secure against a certain threat model and adversary
https://twitter.com/mubix/status/745403991475904513
Risk Model & Threat Model create demands for security
Real world risks
- Data leak / data tampering
- Reputation risks
- Legal responsibility
- Financial damage
Risk impact
- data leakage (DL): data is used/sold by someone
- data tampering (DT): data is tampered and you’re operating on adversary’s plan
- identity theft: identity/auth is used elsewhere
Risk prevention
- data leakage: confidentiality (secrecy)
- data tampering: integrity
- identity theft: authentication
Risk prevention (for us)
confidentiality (secrecy), integrity, authentication:
- Encryption w/ secret or PKC
- Limit access
- Signed encryption
- Protected transport with trust and integrity
- Authenticated encryption
- Action authentication
Encryption is letting only those who know the secret access the data, no matter how they alter the code or the system (read Kerckhoffs's desideratum)
Trust model is whose secrets you trust in a security system
Everything is broken
Trust no one but the user
[Diagram: Risks, Trust model, Threat model, Methods and instruments]
Now let’s apply this to the real app
What does the user have?
- secret data
- paranoia
- pa55w0rd
- trust
Let’s make an app!
for saving your important docs during trips
App functionality
- Take pictures of important documents
- Store them on server
- Lets user see them
Architecture and flow
[Diagram: user, app, network, server, storage]
Threats we can handle
T1/T4 data loss/tampering
T2 passive MitM
T3 active MitM
More complicated..
T5 verbal key leak
T6 phishing / social engineering
T7 rubber-hose cryptanalysis
T8 satellite imaging of sensitive input
T9 EM emissions
T10 sandbox escaping
T11 misconfiguration
T12 random generator abuse
T13 random generator abuse
T14 EM emissions and physical side channel
T15 physical access
T16 malicious dependency
T17 misconfigured access
T18 unattended backups
T19 storing keys with data
T20 weak cipher
random generator
abuse
T21
Back to threats we can handle
Threats: T1/T4
attacker steals stored data or tampers with it
Protection: Secret Key Crypto
Symmetric crypto for storing data. If user has no secret, he can’t read or change data.
Threats: T2
attacker captures network traffic (passive MitM)
Protection: Public Key Cryptography, ephemeral keys
Asymmetric crypto for sending data. Ephemeral keys to avoid decrypting accumulated traffic if keys are leaked/cracked.
Threats: T3
attacker redirects traffic and pretends to be remote party (active MitM)
Protection: Public Key Cryptography, certificate pinning
Asymmetric crypto for sending data. Check server certificate to make sure it matches the pinned one.
Protection methods
T1/T4 data loss/tampering: Secret Key Crypto
T2 passive MitM: PKC + ephem. keys
T3 active MitM: PKC + cert. pinning
Public Key Crypto
Perfect Forward Secrecy
Secret Key Crypto
Authenticated Encryption
Certificate Pinning
Trust model
Trust the user only
Relationship model
[Diagram: plain data; symmetric encryption; PKC + eph. keys; ZKP]
…what if trapdoor function fails?
…what if key exchange is flawed?
…what if we suspect that server is fraudulent?
add more paranoia!
Zero Knowledge Proof to the rescue!
ZKP is comparing a shared secret without transmitting it:
- does not require the key exchange
- does not leak password
https://www.cossacklabs.com/zero-knowledge-protocols-without-magic.html
So, data model:
Secret key (SK) = KDF(user password)
Sensitive Data (SD) — passport photo
Metadata (M1) — timestamp+CRC of photo
Metadata (M2) — name of photo (user inputs)
Mobile Key Pair (MKP) — private+public keys gen. inside app.
Server Key Pair (SKP) — private+public keys gen. on server.
App pins Server Public Key.
Key + Data model
[Diagram: Pwd, KDF(), SK, Rand, SD, M1, M2, MKP, SKP; symmetric encryption; PKC + eph. keys]
User-centric trust
App Flows
Crypto primitives*
- SCell: symmetric crypto
- SSession: asymmetric crypto based on ephemeral keys
- SComparator: ZKP implementation
*based on Themis crypto lib
https://github.com/cossacklabs/themis
Send photo to server
prepare data:
1. Encrypt photo
   EncData = SCell_wrap(SD, SK, Context=M2)
2. Store EncData, M1, M2 in Local Store
3. Drop SD, SK from memory
transfer data:
4. Connect to Server:
   Session = SSession(Priv(MKP), Pub(SKP))
5. Send EncData, M1, M2 via Session
terminate session:
6. Receive OK
7. Terminate Session
8. Mark EncData in Local Store as Synced
Read photo from server
initialize connection:
1. Connect to Server:
   Session = SSession(Priv(MKP), Pub(SKP))
2. Request EncData proof via ZKP:
   2.1 Send M1
   2.2 Request Server to prove he has M2 by performing SComparator(M2)
transfer data:
3. Receive EncData
decrypt data:
4. Request password from user
5. Decrypt data:
   SD = SCell_unwrap(EncData, SK, Context=M2)
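Added example, not from the slides or from Themis: the data model and the wrap/unwrap steps of both flows, written for current Swift with Apple's CryptoKit (AES-GCM) and CommonCrypto (PBKDF2) as stand-ins for Secure Cell and the unspecified KDF(). Function names, salt handling, round count and sample values are assumptions made for illustration.

```swift
import Foundation
import CryptoKit      // AES-GCM: stand-in for SCell_wrap / SCell_unwrap (assumption)
import CommonCrypto   // PBKDF2: stand-in for the slides' unspecified KDF() (assumption)

enum VaultError: Error { case kdfFailed, sealFailed }

// SK = KDF(user password). The salt is random per user and not secret.
// SK is never stored; it is re-derived each time the user types the password.
func deriveSecretKey(password: String, salt: Data,
                     rounds: UInt32 = 200_000) throws -> SymmetricKey {
    let keyLength = 32
    var derived = [UInt8](repeating: 0, count: keyLength)
    let saltBytes = [UInt8](salt)
    let status = CCKeyDerivationPBKDF(
        CCPBKDFAlgorithm(kCCPBKDF2),
        password, password.utf8.count,
        saltBytes, saltBytes.count,
        CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256), rounds,
        &derived, keyLength)
    guard status == Int32(kCCSuccess) else { throw VaultError.kdfFailed }
    return SymmetricKey(data: derived)
}

// EncData = SCell_wrap(SD, SK, Context=M2).
// M2 is authenticated together with the photo but is not itself encrypted.
func wrap(_ sd: Data, key: SymmetricKey, context: Data) throws -> Data {
    let box = try AES.GCM.seal(sd, using: key, authenticating: context)
    guard let combined = box.combined else { throw VaultError.sealFailed }
    return combined   // nonce || ciphertext || tag
}

// SD = SCell_unwrap(EncData, SK, Context=M2).
// Throws when the key, the context or any byte of EncData differs.
func unwrap(_ encData: Data, key: SymmetricKey, context: Data) throws -> Data {
    let box = try AES.GCM.SealedBox(combined: encData)
    return try AES.GCM.open(box, using: key, authenticating: context)
}

// Read flow, steps 4-5: ask for the password, re-derive SK, unwrap.
func readPhoto(_ encData: Data, password: String, salt: Data, m2: String) -> Data? {
    guard let sk = try? deriveSecretKey(password: password, salt: salt) else { return nil }
    return try? unwrap(encData, key: sk, context: Data(m2.utf8))
}

func demo() throws {
    // Constructed sample values.
    let salt = Data((0..<16).map { _ in UInt8.random(in: 0...255) })
    let sd = Data("constructed stand-in for the passport photo bytes".utf8)
    let m2 = "passport, main page"

    // Send flow, step 1. SK is only a local here; the app keeps neither SK
    // nor the password after this point (step 3).
    let sk = try deriveSecretKey(password: "pa55w0rd", salt: salt)
    let encData = try wrap(sd, key: sk, context: Data(m2.utf8))

    // From here on the server, or whoever seized SKP, holds only EncData, M1, M2.
    var tampered = encData
    tampered[tampered.endIndex - 1] ^= 0x01   // flip one bit of the auth tag

    print("right password and M2 recovers SD:",
          readPhoto(encData, password: "pa55w0rd", salt: salt, m2: m2) == sd)
    print("wrong password is rejected:",
          readPhoto(encData, password: "password", salt: salt, m2: m2) == nil)
    print("EncData moved under another M2 is rejected:",
          readPhoto(encData, password: "pa55w0rd", salt: salt, m2: "visa") == nil)
    print("tampered EncData is rejected:",
          readPhoto(tampered, password: "pa55w0rd", salt: salt, m2: m2) == nil)
}

try demo()
```

The three rejection cases correspond to T1/T4 on the slides: stored data is unreadable without the user's secret, and any change to EncData or to the M2 it is bound to is detected at unwrap time.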
Code samples
Generate keys
    // Generating EC keys
    guard let keyGeneratorEC: TSKeyGen = TSKeyGen(algorithm: .EC) else {
        print("Error occurred while initializing object keyGeneratorEC")
        return
    }
    let privateKeyEC: NSData = keyGeneratorEC.privateKey
    let publicKeyEC: NSData = keyGeneratorEC.publicKey
https://github.com/cossacklabs/themis/wiki/Swift-Howto
Symmetric encryption
    let masterKeyData: NSData = self.generateMasterKey()
    guard let cellSeal: TSCellSeal = TSCellSeal(key: masterKeyData) else {
        print("Error occurred while initializing object cellSeal", #function)
        return
    }
    let message: String = "All your base are belong to us!"
    let context: String = "For great justice"
    var encryptedMessage: NSData = NSData()
    do {
        // context is an optional parameter and may be omitted
        encryptedMessage = try cellSeal.wrapData(message.dataUsingEncoding(NSUTF8StringEncoding),
                                                 context: context.dataUsingEncoding(NSUTF8StringEncoding))
        print("encryptedMessages = \(encryptedMessage)")
    } catch let error as NSError {
        print("Error occurred while encrypting \(error)", #function)
        return
    }
https://github.com/cossacklabs/themis/wiki/Swift-Howto
Symmetric decryption
    let masterKeyData: NSData = self.generateMasterKey()
    guard let cellSeal: TSCellSeal = TSCellSeal(key: masterKeyData) else {
        print("Error occurred while initializing object cellSeal", #function)
        return
    }
    let message: String = "All your base are belong to us!"
    let context: String = "For great justice"
    do {
        // encryptedMessage is the output of the encryption sample;
        // the context must be the same one that was used for wrapping
        let decryptedMessage: NSData = try cellSeal.unwrapData(encryptedMessage,
                                                               context: context.dataUsingEncoding(NSUTF8StringEncoding))
        let resultString: String = String(data: decryptedMessage, encoding: NSUTF8StringEncoding)!
        print("decryptedMessage = \(resultString)")
    } catch let error as NSError {
        print("Error occurred while decrypting \(error)", #function)
        return
    }
https://github.com/cossacklabs/themis/wiki/Swift-Howto
Initialize Session
    guard let clientIdData: NSData = kClientId.dataUsingEncoding(NSUTF8StringEncoding),
        let clientPrivateKey: NSData = NSData(base64EncodedString: kClientPrivateKey,
                                              options: .IgnoreUnknownCharacters) else {
        print("Error occurred during base64 encoding", #function)
        return
    }
    // the transport callbacks return the pinned server public key for the server id
    self.transport = Transport()
    self.transport?.setupKeys(kServerId, serverPublicKey: kServerPublicKey)
    self.session = TSSession(userId: clientIdData, privateKey: clientPrivateKey, callbacks: self.transport)
https://github.com/cossacklabs/themis/wiki/Swift-Howto
Encrypt/Decrypt Session messages
    var encryptedMessage: NSData
    do {
        guard let wrappedMessage: NSData = try self.session?.wrapData(message.dataUsingEncoding(NSUTF8StringEncoding)) else {
            print("Error occurred during wrapping message ", #function)
            return
        }
        encryptedMessage = wrappedMessage
    } catch let error as NSError {
        print("Error occurred while wrapping message \(error)", #function)
        completion(data: nil, error: error)
        return
    }
    //...
    do {
        guard let decryptedMessage: NSData = try self.session?.unwrapData(data),
            let resultString: String = String(data: decryptedMessage, encoding: NSUTF8StringEncoding) else {
            throw NSError(domain: "com.example", code: -3, userInfo: nil)
        }
        completion(data: resultString, error: nil)
    } catch let error as NSError {
        print("Error occurred while decrypting message \(error)", #function)
        completion(data: nil, error: error)
        return
    }
https://github.com/cossacklabs/themis/wiki/Swift-Howto
Possible attacks
- accumulate encrypted data
- accumulate metadata
- DoS
Enforce app security
Make it even tougher:
- one password per photo
- user inputs password every time on photo access
Repeated auth
Use ZKP to prove that Server has M2 from any previous transfer
[Diagram: Synced items D1, D2, ..., Dn; Received items D1, D2, ..., Dn]
- select any Di, where Di = (EncData, M1, M2)
- request ZKP(M1i)
- prove M2i
- compare M2i, on success transfer Dn+1
The worst scenario attacks

Best active MitM + hack server:
Attacker seizes SKP from Server and pretends to be normal server by DNS spoofing or routing redirection.
Results: Accumulates useless M1, M2 and lousy EncData.

Active MitM without hacking the server:
Attacker does not have SKP.
Results: SecureSession initialization fails. App doesn’t start transferring data to server at all.

Denial of Service:
Attacker floods server with requests / tons of data.
Results: Server may be flooded. Monitor all the things!
Finalizing…
Crypto is very expensive!!11 (it is not)
* hardware support (AES)
* scripted languages and questionable frameworks affect performance as much as running the expensive math, if not more
* endorse crypto everywhere to make it cheaper :)
https://www.cossacklabs.com/benchmarking-secure-comparator.html
Apple enforces good security practices
iOS 10:
- use HTTPS everywhere!
- add purpose strings for accessing private data
- drop TLS < 1.2
https://developer.apple.com/videos/play/wwdc2016/706/
http://useyourloaf.com/blog/privacy-settings-in-ios-10/
https://nabla-c0d3.github.io/blog/2016/08/14/ats-enforced-2017/
https://www.blackhat.com/docs/us-16/materials/us-16-Krstic.pdf
read more about Apple security care in the Additional reading section
Key points!
- Security is a system, not a set of methods
- You may need to re-read these slides when you plan your next app
- User-centric trust is simple to implement, yet almost impossible to hack
The last slide
@vixentael
Lead Developer at stanfy.com
iOS contributor at Themis/cossacklabs.com
My other security talks
https://medium.com/@vixentael/upgrading-approaches-to-the-secure-mobile-architectures-7a8fcb10d28a#.ffbsjwqx6
Upgrading Approaches to the Secure Mobile Architectures
https://medium.com/stanfy-engineering-practices/data-protection-for-mobile-client-server-architectures-6e6dcabd871a
Data Protection For Mobile Client-Server Architectures
https://speakerdeck.com/vixentael/users-data-security-in-ios-applications
Users' data security in iOS applications
Additional reading by Apple
https://developer.apple.com/videos/play/wwdc2016/705/
How iOS Security Really Works
https://developer.apple.com/videos/play/wwdc2016/706/
What's New in Security
https://www.blackhat.com/docs/us-16/materials/us-16-Krstic.pdf
Behind the Scenes with iOS Security
https://developer.apple.com/videos/play/wwdc2016/709/
Engineering Privacy for Your Users
Additional reading by smarties
https://nabla-c0d3.github.io/blog/2016/08/14/ats-enforced-2017/
Getting Ready for ATS Enforcement in 2017
http://useyourloaf.com/blog/privacy-settings-in-ios-10/
Privacy Settings in iOS 10
https://www.cossacklabs.com/zero-knowledge-protocols-without-magic.html
Zero Knowledge Protocols Without Magic
https://speakerdeck.com/mbazaliy/a-journey-through-exploit-mitigation-techniques-on-ios
A Journey Through Exploit Mitigation Techniques on iOS

More Related Content

More from EatDog

Отказоустойчивый Redis кластер
Отказоустойчивый Redis кластерОтказоустойчивый Redis кластер
Отказоустойчивый Redis кластерEatDog
 
Кодстайл и насилие.
Кодстайл и насилие. Кодстайл и насилие.
Кодстайл и насилие. EatDog
 
Refactor to Reactive With Spring 5 and Project Reactor
Refactor to Reactive With Spring 5 and Project ReactorRefactor to Reactive With Spring 5 and Project Reactor
Refactor to Reactive With Spring 5 and Project ReactorEatDog
 
GraphQL: APIs the New Way.
GraphQL: APIs the New Way.GraphQL: APIs the New Way.
GraphQL: APIs the New Way.EatDog
 
Большие проекты, архитектура и фреймворки.
Большие проекты, архитектура и фреймворки.Большие проекты, архитектура и фреймворки.
Большие проекты, архитектура и фреймворки.EatDog
 
Microservices in a Wild.
Microservices in a Wild.Microservices in a Wild.
Microservices in a Wild.EatDog
 
Dependency Rejection and TDD without Mocks
Dependency Rejection and TDD without MocksDependency Rejection and TDD without Mocks
Dependency Rejection and TDD without MocksEatDog
 
Стероиды для Дотнетчика
Стероиды для ДотнетчикаСтероиды для Дотнетчика
Стероиды для ДотнетчикаEatDog
 
Domain Driven Design – просто о сложном.
Domain Driven Design – просто о сложном.Domain Driven Design – просто о сложном.
Domain Driven Design – просто о сложном.EatDog
 
OWASP: безопасное программирование на PHP.
OWASP: безопасное программирование на PHP.OWASP: безопасное программирование на PHP.
OWASP: безопасное программирование на PHP.EatDog
 
Принципы Solid на практике
Принципы Solid на практикеПринципы Solid на практике
Принципы Solid на практикеEatDog
 
Нельзя просто так взять и сделать версионирование API
Нельзя просто так взять и сделать версионирование APIНельзя просто так взять и сделать версионирование API
Нельзя просто так взять и сделать версионирование APIEatDog
 
API в SAAS, с облаком и без: ресурсы, SLA, балансировка, расширяемость
API в SAAS, с облаком и без: ресурсы, SLA, балансировка, расширяемостьAPI в SAAS, с облаком и без: ресурсы, SLA, балансировка, расширяемость
API в SAAS, с облаком и без: ресурсы, SLA, балансировка, расширяемостьEatDog
 
Выжить с помощью ООП. Максим Гопей
Выжить с помощью ООП. Максим ГопейВыжить с помощью ООП. Максим Гопей
Выжить с помощью ООП. Максим ГопейEatDog
 
View models for component driven
View models for component drivenView models for component driven
View models for component drivenEatDog
 
Влияние UX на исходный код приложения. Валерий Сорокобатько
Влияние UX на исходный код приложения. Валерий СорокобатькоВлияние UX на исходный код приложения. Валерий Сорокобатько
Влияние UX на исходный код приложения. Валерий СорокобатькоEatDog
 
Angular vs Angular 2 vs React. Сергей Александров
Angular vs Angular 2 vs React. Сергей АлександровAngular vs Angular 2 vs React. Сергей Александров
Angular vs Angular 2 vs React. Сергей АлександровEatDog
 
Data flow layer. Захарченко Артем
Data flow layer. Захарченко АртемData flow layer. Захарченко Артем
Data flow layer. Захарченко АртемEatDog
 
Offline first: application data and synchronization
Offline first: application data and synchronizationOffline first: application data and synchronization
Offline first: application data and synchronizationEatDog
 

More from EatDog (19)

Отказоустойчивый Redis кластер
Отказоустойчивый Redis кластерОтказоустойчивый Redis кластер
Отказоустойчивый Redis кластер
 
Кодстайл и насилие.
Кодстайл и насилие. Кодстайл и насилие.
Кодстайл и насилие.
 
Refactor to Reactive With Spring 5 and Project Reactor
Refactor to Reactive With Spring 5 and Project ReactorRefactor to Reactive With Spring 5 and Project Reactor
Refactor to Reactive With Spring 5 and Project Reactor
 
GraphQL: APIs the New Way.
GraphQL: APIs the New Way.GraphQL: APIs the New Way.
GraphQL: APIs the New Way.
 
Большие проекты, архитектура и фреймворки.
Большие проекты, архитектура и фреймворки.Большие проекты, архитектура и фреймворки.
Большие проекты, архитектура и фреймворки.
 
Microservices in a Wild.
Microservices in a Wild.Microservices in a Wild.
Microservices in a Wild.
 
Dependency Rejection and TDD without Mocks
Dependency Rejection and TDD without MocksDependency Rejection and TDD without Mocks
Dependency Rejection and TDD without Mocks
 
Стероиды для Дотнетчика
Стероиды для ДотнетчикаСтероиды для Дотнетчика
Стероиды для Дотнетчика
 
Domain Driven Design – просто о сложном.
Domain Driven Design – просто о сложном.Domain Driven Design – просто о сложном.
Domain Driven Design – просто о сложном.
 
OWASP: безопасное программирование на PHP.
OWASP: безопасное программирование на PHP.OWASP: безопасное программирование на PHP.
OWASP: безопасное программирование на PHP.
 
Принципы Solid на практике
Принципы Solid на практикеПринципы Solid на практике
Принципы Solid на практике
 
Нельзя просто так взять и сделать версионирование API
Нельзя просто так взять и сделать версионирование APIНельзя просто так взять и сделать версионирование API
Нельзя просто так взять и сделать версионирование API
 
API в SAAS, с облаком и без: ресурсы, SLA, балансировка, расширяемость
API в SAAS, с облаком и без: ресурсы, SLA, балансировка, расширяемостьAPI в SAAS, с облаком и без: ресурсы, SLA, балансировка, расширяемость
API в SAAS, с облаком и без: ресурсы, SLA, балансировка, расширяемость
 
Выжить с помощью ООП. Максим Гопей
Выжить с помощью ООП. Максим ГопейВыжить с помощью ООП. Максим Гопей
Выжить с помощью ООП. Максим Гопей
 
View models for component driven
View models for component drivenView models for component driven
View models for component driven
 
Влияние UX на исходный код приложения. Валерий Сорокобатько
Влияние UX на исходный код приложения. Валерий СорокобатькоВлияние UX на исходный код приложения. Валерий Сорокобатько
Влияние UX на исходный код приложения. Валерий Сорокобатько
 
Angular vs Angular 2 vs React. Сергей Александров
Angular vs Angular 2 vs React. Сергей АлександровAngular vs Angular 2 vs React. Сергей Александров
Angular vs Angular 2 vs React. Сергей Александров
 
Data flow layer. Захарченко Артем
Data flow layer. Захарченко АртемData flow layer. Захарченко Артем
Data flow layer. Захарченко Артем
 
Offline first: application data and synchronization
Offline first: application data and synchronizationOffline first: application data and synchronization
Offline first: application data and synchronization
 

Recently uploaded

Software Engineering - Introduction + Process Models + Requirements Engineering
Software Engineering - Introduction + Process Models + Requirements EngineeringSoftware Engineering - Introduction + Process Models + Requirements Engineering
Software Engineering - Introduction + Process Models + Requirements EngineeringPrakhyath Rai
 
A Deep Dive into Secure Product Development Frameworks.pdf
A Deep Dive into Secure Product Development Frameworks.pdfA Deep Dive into Secure Product Development Frameworks.pdf
A Deep Dive into Secure Product Development Frameworks.pdfICS
 
Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024Henry Schreiner
 
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit MilanWorkshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit MilanNeo4j
 
Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
Workshop -  Architecting Innovative Graph Applications- GraphSummit MilanWorkshop -  Architecting Innovative Graph Applications- GraphSummit Milan
Workshop - Architecting Innovative Graph Applications- GraphSummit MilanNeo4j
 
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio, Inc.
 
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024SimonedeGijt
 
Evolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI EraEvolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI Eraconfluent
 
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...drm1699
 
From Theory to Practice: Utilizing SpiraPlan's REST API
From Theory to Practice: Utilizing SpiraPlan's REST APIFrom Theory to Practice: Utilizing SpiraPlan's REST API
From Theory to Practice: Utilizing SpiraPlan's REST APIInflectra
 
UNI DI NAPOLI FEDERICO II - Il ruolo dei grafi nell'AI Conversazionale Ibrida
UNI DI NAPOLI FEDERICO II - Il ruolo dei grafi nell'AI Conversazionale IbridaUNI DI NAPOLI FEDERICO II - Il ruolo dei grafi nell'AI Conversazionale Ibrida
UNI DI NAPOLI FEDERICO II - Il ruolo dei grafi nell'AI Conversazionale IbridaNeo4j
 
GraphSummit Milan - Visione e roadmap del prodotto Neo4j
GraphSummit Milan - Visione e roadmap del prodotto Neo4jGraphSummit Milan - Visione e roadmap del prodotto Neo4j
GraphSummit Milan - Visione e roadmap del prodotto Neo4jNeo4j
 
Auto Affiliate AI Earns First Commission in 3 Hours..pdf
Auto Affiliate  AI Earns First Commission in 3 Hours..pdfAuto Affiliate  AI Earns First Commission in 3 Hours..pdf
Auto Affiliate AI Earns First Commission in 3 Hours..pdfSelfMade bd
 
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...Navigation in flutter – how to add stack, tab, and drawer navigators to your ...
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...Flutter Agency
 
Weeding your micro service landscape.pdf
Weeding your micro service landscape.pdfWeeding your micro service landscape.pdf
Weeding your micro service landscape.pdftimtebeek1
 
BusinessGPT - Security and Governance for Generative AI
BusinessGPT  - Security and Governance for Generative AIBusinessGPT  - Security and Governance for Generative AI
BusinessGPT - Security and Governance for Generative AIAGATSoftware
 
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...Lisi Hocke
 
Effective Strategies for Wix's Scaling challenges - GeeCon
Effective Strategies for Wix's Scaling challenges - GeeConEffective Strategies for Wix's Scaling challenges - GeeCon
Effective Strategies for Wix's Scaling challenges - GeeConNatan Silnitsky
 
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdfAzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdf
AzureNativeQumulo_HPC_Cloud_Native_Benchmarks.pdfryanfarris8
 

Recently uploaded (20)

Software Engineering - Introduction + Process Models + Requirements Engineering
Software Engineering - Introduction + Process Models + Requirements EngineeringSoftware Engineering - Introduction + Process Models + Requirements Engineering
Software Engineering - Introduction + Process Models + Requirements Engineering
 
A Deep Dive into Secure Product Development Frameworks.pdf
A Deep Dive into Secure Product Development Frameworks.pdfA Deep Dive into Secure Product Development Frameworks.pdf
A Deep Dive into Secure Product Development Frameworks.pdf
 
Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024
 
Abortion Pill Prices Turfloop ](+27832195400*)[ 🏥 Women's Abortion Clinic in ...
Abortion Pill Prices Turfloop ](+27832195400*)[ 🏥 Women's Abortion Clinic in ...Abortion Pill Prices Turfloop ](+27832195400*)[ 🏥 Women's Abortion Clinic in ...
Abortion Pill Prices Turfloop ](+27832195400*)[ 🏥 Women's Abortion Clinic in ...
 
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit MilanWorkshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
 
Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
Workshop -  Architecting Innovative Graph Applications- GraphSummit MilanWorkshop -  Architecting Innovative Graph Applications- GraphSummit Milan
Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
 
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
 
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
 
Evolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI EraEvolving Data Governance for the Real-time Streaming and AI Era
Evolving Data Governance for the Real-time Streaming and AI Era
 
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...

Building user-centric security model in iOS apps

  • 1. Building user-centric security model in iOS apps #eatdog @vixentael
  • 2. Why we should think more about security?
  • 3. Why we should think more about security? Users trust the Apple platform. Users trust us.
  • 4. Security talks focus on details, instead of telling the base principles
  • 6. security is a set of ultimatum rules; abstract app in a vacuum
  • 7. security is a set of ultimatum rules; abstract app in a vacuum; real apps, real ecosystems
  • 10. It is secure
  • 11. It is secure against a certain threat model and adversary
  • 13. Risk Model & Threat Model create demands for security
  • 14. Real world risks: data leak / data tampering; reputation risks; legal responsibility; financial damage
  • 15. Risk impact:
      - data leakage (DL): data is used/sold by someone
      - data tampering (DT): data is tampered with and you’re operating on adversary’s plan
      - identity theft: identity/auth is used elsewhere
  • 16. Risk prevention:
      - data leakage -> confidentiality (secrecy)
      - data tampering -> integrity
      - identity theft -> authentication
  • 17. Risk prevention (for us): confidentiality (secrecy), integrity, authentication
      - Encryption w/ secret or PKC
      - Limit access
      - Signed encryption
      - Protected transport with trust and integrity
      - Authenticated encryption
      - Action authentication
  • 18. Encryption is letting only those who know the secret access the data, no matter how they alter the code or the system (read Kerckhoffs's desideratum)
  • 19. Trust model is whose secrets you trust in a security system
  • 20. Everything is broken. Trust no one, but the user
  • 22. Now let’s apply this to the real app
  • 24. Let’s make an app! For saving your important docs during trips
  • 25. App functionality: take pictures of important documents; store them on server; let the user see them
  • 26. Architecture and flow: user, app, network, server, storage
  • 27. Threats we can handle: T1/T4 data loss/tampering; T2 passive MitM; T3 active MitM
  • 28. More complicated..
      - T1/T4 data loss/tampering; T2 passive MitM; T3 active MitM
      - T5 verbal key leak; T6 phishing / social engineering; T7 rubber-hose cryptanalysis
      - T8 satellite imaging of sensitive input; T9 EM emissions; T10 sandbox escaping
      - T11 misconfiguration; T12 random generator abuse; T13 random generator abuse
      - T14 EM emissions and physical side channel; T15 physical access; T16 malicious dependency
      - T17 misconfigured access; T18 unattended backups; T19 storing keys with data
      - T20 weak cipher; T21 random generator abuse
  • 29. Back to threats we can handle: T1/T4 data loss/tampering; T2 passive MitM; T3 active MitM
  • 30. Threats: T1/T4: attacker steals stored data or tampers with it
  • 31. Threats: T1/T4: attacker steals stored data or tampers with it. Protection: Secret Key Crypto. Symmetric crypto for storing data. If user has no secret, he can’t read or change data.
  • 32. Threats: T2: attacker captures network traffic (passive MitM)
  • 33. Threats: T2: attacker captures network traffic (passive MitM). Protection: Public Key Cryptography, ephemeral keys. Asymmetric crypto for sending data. Ephemeral keys to avoid decrypting accumulated traffic if keys are leaked/cracked.
  • 34. Threats: T3: attacker redirects traffic and pretends to be remote party (active MitM)
  • 35. Threats: T3: attacker redirects traffic and pretends to be remote party (active MitM). Protection: Public Key Cryptography, certificate pinning. Asymmetric crypto for sending data. Check server certificate to make sure it matches the pinned one.
  • 36. Protection methods:
      - T1/T4 data loss/tampering: Secret Key Crypto
      - T2 passive MitM: PKC + ephem. keys
      - T3 active MitM: PKC + cert. pinning
  • 37. Trust model: trust the user only. Public Key Crypto, Perfect Forward Secrecy, Secret Key Crypto, Authenticated Encryption, Certificate Pinning
  • 38. Relationship model (diagram labels): plain data, symmetric encryption, PKC + eph. keys, ZKP
  • 39. Add more paranoia! …what if trapdoor function fails? …what if key exchange is flawed? …what if we suspect that server is fraudulent?
  • 40. Add more paranoia! …what if trapdoor function fails? …what if key exchange is flawed? …what if we suspect that server is fraudulent? Zero Knowledge Proof to the rescue!
  • 41. ZKP is comparing a shared secret without transmitting it: does not require the key exchange, does not leak password. https://www.cossacklabs.com/zero-knowledge-protocols-without-magic.html
  • 42. So, data model:
      - Secret key (SK) = KDF(user password)
  • 43. So, data model:
      - Secret key (SK) = KDF(user password)
      - Sensitive Data (SD): passport photo
      - Metadata (M1): timestamp + CRC of photo
      - Metadata (M2): name of photo (user inputs)
  • 44. So, data model:
      - Secret key (SK) = KDF(user password)
      - Sensitive Data (SD): passport photo
      - Metadata (M1): timestamp + CRC of photo
      - Metadata (M2): name of photo (user inputs)
      - Mobile Key Pair (MKP): private + public keys gen. inside app
      - Server Key Pair (SKP): private + public keys gen. on server. App pins Server Public Key.
  • 45. Key + Data model (diagram labels): Pwd, SK, SD, M1, M2, MKP, SKP
  • 46. User-centric trust (diagram labels): Pwd, KDF(), SK, Rand, MKP, SKP, symmetric encryption, PKC + eph. keys
  • 48. Crypto primitives*:
      - SCell: symmetric crypto
      - SSession: asymmetric crypto based on ephemeral keys
      - SComparator: ZKP implementation
      *based on Themis crypto lib https://github.com/cossacklabs/themis
  • 49. Send photo to server
      prepare data:
        1. Encrypt photo: EncData = SCell_wrap(SD, SK, Context=M2)
        2. Store EncData, M1, M2 in Local Store
        3. Drop SD, SK from memory
  • 50. Send photo to server
      prepare data:
        1. Encrypt photo: EncData = SCell_wrap(SD, SK, Context=M2)
        2. Store EncData, M1, M2 in Local Store
        3. Drop SD, SK from memory
      transfer data:
        4. Connect to Server: Session = SSession(Priv(MKP), Pub(SKP))
        5. Send EncData, M1, M2 via Session
  • 51. Send photo to server
      prepare data:
        1. Encrypt photo: EncData = SCell_wrap(SD, SK, Context=M2)
        2. Store EncData, M1, M2 in Local Store
        3. Drop SD, SK from memory
      transfer data:
        4. Connect to Server: Session = SSession(Priv(MKP), Pub(SKP))
        5. Send EncData, M1, M2 via Session
      terminate session:
        6. Receive OK
        7. Terminate Session
        8. Mark EncData in Local Store as Synced
  • 53. Read photo from server
      initialize connection:
        1. Connect to Server: Session = SSession(Priv(MKP), Pub(SKP))
        2. Request EncData proof via ZKP:
           2.1 Send M1
           2.2 Request Server to prove it has M2 by performing SComparator(M2)
  • 54. Read photo from server
      initialize connection:
        1. Connect to Server: Session = SSession(Priv(MKP), Pub(SKP))
        2. Request EncData proof via ZKP:
           2.1 Send M1
           2.2 Request Server to prove it has M2 by performing SComparator(M2)
      transfer data:
        3. Receive EncData
  • 55. Read photo from server
      initialize connection:
        1. Connect to Server: Session = SSession(Priv(MKP), Pub(SKP))
        2. Request EncData proof via ZKP:
           2.1 Send M1
           2.2 Request Server to prove it has M2 by performing SComparator(M2)
      transfer data:
        3. Receive EncData
      decrypt data:
        4. Request password from user
        5. Decrypt data: SD = SCell_unwrap(EncData, SK, Context=M2)
  • 58. Generate keys

    ```swift
    // Generating EC keys
    guard let keyGeneratorEC: TSKeyGen = TSKeyGen(algorithm: .EC) else {
        print("Error occurred while initializing object keyGeneratorEC")
        return
    }
    let privateKeyEC: NSData = keyGeneratorEC.privateKey
    let publicKeyEC: NSData = keyGeneratorEC.publicKey
    ```

    https://github.com/cossacklabs/themis/wiki/Swift-Howto
  • 59. Symmetric encryption

    ```swift
    // Key for the cell; generateMasterKey() is the sample's own helper
    let masterKeyData: NSData = self.generateMasterKey()
    guard let cellSeal: TSCellSeal = TSCellSeal(key: masterKeyData) else {
        print("Error occurred while initializing object cellSeal", #function)
        return
    }

    let message: String = "All your base are belong to us!"
    let context: String = "For great justice"
    var encryptedMessage: NSData = NSData()
    do {
        // context is optional parameter and may be ignored
        encryptedMessage = try cellSeal.wrapData(message.dataUsingEncoding(NSUTF8StringEncoding),
                                                 context: context.dataUsingEncoding(NSUTF8StringEncoding))
        print("encryptedMessages = \(encryptedMessage)")
    } catch let error as NSError {
        print("Error occurred while encrypting \(error)", #function)
        return
    }
    ```

    https://github.com/cossacklabs/themis/wiki/Swift-Howto
  • 60. Symmetric decryption

    ```swift
    let masterKeyData: NSData = self.generateMasterKey()
    guard let cellSeal: TSCellSeal = TSCellSeal(key: masterKeyData) else {
        print("Error occurred while initializing object cellSeal", #function)
        return
    }

    let message: String = "All your base are belong to us!"
    let context: String = "For great justice"
    do {
        // encryptedMessage is the output of the encryption step on the previous slide;
        // the same context must be supplied or unwrapping fails
        let decryptedMessage: NSData = try cellSeal.unwrapData(encryptedMessage,
                                                               context: context.dataUsingEncoding(NSUTF8StringEncoding))
        let resultString: String = String(data: decryptedMessage, encoding: NSUTF8StringEncoding)!
        print("decryptedMessage = \(resultString)")
    } catch let error as NSError {
        print("Error occurred while decrypting \(error)", #function)
        return
    }
    ```

    https://github.com/cossacklabs/themis/wiki/Swift-Howto
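
The `SK = KDF(user password)` data model and the `SCell_wrap(SD, SK, Context=M2)` / `SCell_unwrap` steps from the flow slides, as an added example that is not code from the deck or from Themis. It swaps in CryptoKit's ChaCha20-Poly1305 for Secure Cell and CommonCrypto's PBKDF2 for the KDF the deck leaves unnamed; the function names, iteration count and sample values are assumptions.

```swift
import Foundation
import CryptoKit
import CommonCrypto

enum VaultError: Error { case kdfFailed }

// SK = KDF(user password). PBKDF2-HMAC-SHA256 and the iteration count are
// assumptions; the deck does not name its KDF. The salt is not secret.
func deriveSK(password: String, salt: Data, rounds: UInt32 = 600_000) throws -> SymmetricKey {
    let saltBytes = [UInt8](salt)
    var derived = [UInt8](repeating: 0, count: 32)
    let status = CCKeyDerivationPBKDF(
        CCPBKDFAlgorithm(kCCPBKDF2),
        password, password.utf8.count,
        saltBytes, saltBytes.count,
        CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256), rounds,
        &derived, derived.count)
    guard status == Int32(kCCSuccess) else { throw VaultError.kdfFailed }
    return SymmetricKey(data: derived)
}

// EncData = wrap(SD, SK, Context = M2). M2 is authenticated but not encrypted,
// so ciphertext stored under one photo name will not open under another.
func wrap(_ sd: Data, sk: SymmetricKey, context m2: Data) throws -> Data {
    // combined layout: 12-byte nonce || ciphertext || 16-byte tag
    return try ChaChaPoly.seal(sd, using: sk, authenticating: m2).combined
}

// SD = unwrap(EncData, SK, Context = M2). Throws on a wrong key, a different
// context, or any modified byte.
func unwrap(_ encData: Data, sk: SymmetricKey, context m2: Data) throws -> Data {
    let box = try ChaChaPoly.SealedBox(combined: encData)
    return try ChaChaPoly.open(box, using: sk, authenticating: m2)
}

do {
    // Constructed sample values, not taken from the slides.
    let salt = Data((0..<16).map { _ in UInt8.random(in: 0...255) })
    let m2 = Data("passport-front".utf8)           // M2: photo name typed by the user
    let sd = Data("constructed image bytes".utf8)  // SD: stand-in for the photo
    let sk = try deriveSK(password: "correct horse battery", salt: salt)
    var encData = try wrap(sd, sk: sk, context: m2)

    let roundTrip = try unwrap(encData, sk: sk, context: m2)
    let wrongSK = try deriveSK(password: "guess", salt: salt)
    let otherM2 = Data("visa-page".utf8)
    print("round trip ok:       ", roundTrip == sd)
    print("wrong password fails:", (try? unwrap(encData, sk: wrongSK, context: m2)) == nil)
    print("other context fails: ", (try? unwrap(encData, sk: sk, context: otherM2)) == nil)
    encData[encData.index(before: encData.endIndex)] ^= 0x01  // flip one bit in the tag
    print("tampering detected:  ", (try? unwrap(encData, sk: sk, context: m2)) == nil)
} catch {
    print("unexpected error: \(error)")
}
```

CryptoKit requires iOS 13 or macOS 10.15 and later; the block runs as a script or in a playground.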
  • 61. Initialize Session

    ```swift
    guard let clientIdData: NSData = kClientId.dataUsingEncoding(NSUTF8StringEncoding),
        let clientPrivateKey: NSData = NSData(base64EncodedString: kClientPrivateKey,
                                              options: .IgnoreUnknownCharacters) else {
        print("Error occurred during base64 encoding", #function)
        return
    }

    // The transport callbacks object is given the server id and the server public key
    self.transport = Transport()
    self.transport?.setupKeys(kServerId, serverPublicKey: kServerPublicKey)
    self.session = TSSession(userId: clientIdData, privateKey: clientPrivateKey, callbacks: self.transport)
    ```

    https://github.com/cossacklabs/themis/wiki/Swift-Howto
  • 62. Encrypt/Decrypt Session messages

    ```swift
    // Wrap an outgoing message with the established session
    var encryptedMessage: NSData
    do {
        guard let wrappedMessage: NSData = try self.session?.wrapData(message.dataUsingEncoding(NSUTF8StringEncoding)) else {
            print("Error occurred during wrapping message ", #function)
            return
        }
        encryptedMessage = wrappedMessage
    } catch let error as NSError {
        print("Error occurred while wrapping message \(error)", #function)
        completion(data: nil, error: error)
        return
    }

    //...

    // Unwrap the server's reply
    do {
        guard let decryptedMessage: NSData = try self.session?.unwrapData(data),
            let resultString: String = String(data: decryptedMessage, encoding: NSUTF8StringEncoding) else {
            throw NSError(domain: "com.example", code: -3, userInfo: nil)
        }
        completion(data: resultString, error: nil)
    } catch let error as NSError {
        print("Error occurred while decrypting message \(error)", #function)
        completion(data: nil, error: error)
        return
    }
    ```

    https://github.com/cossacklabs/themis/wiki/Swift-Howto
  • 63. Possible attacks: accumulate encrypted data; accumulate metadata; DoS
  • 65. Enforce app security: one password per photo; user inputs password every time on photo access
  • 66. Repeated auth (diagram labels): Synced items D1, D2, ... Dn; Received items D1, D2, ... Dn; request ZKP(M1i); select any Di, where Di = (EncData, M1, M2); prove M2i; transfer Dn+1; compare M2i, on success
  • 67. Repeated auth: use ZKP to prove that Server has M2 from any previous transfer
  • 68. The worst scenario attacks. Best active MitM + hack server: Attacker seizes SKP from Server and pretends to be normal server by DNS spoofing or routing redirection. Results: Accumulates useless M1, M2 and lousy EncData.
  • 69. The worst scenario attacks. Active MitM without hacking the server: Attacker does not have SKP. Results: SecureSession initialization fails. App doesn’t start transferring data to server at all.
  • 70. The worst scenario attacks. Denial of Service: Attacker floods server with requests / tons of data. Results: Server may be flooded. Monitor all the things!
  • 72. Crypto is very expensive!!11 (it is not)
      * hardware support (AES)
      * scripted language and questionable frameworks affect performance as much as running the expensive math, if not more
      * endorse crypto everywhere to make it more cheap :)
      https://www.cossacklabs.com/benchmarking-secure-comparator.html
  • 73. Apple enforces good security practices (iOS 10):
      - use HTTPS everywhere!
      - drop TLS < 1.2
      - add purpose strings for accessing private data
      - read more about Apple security care in Additional reading section
      https://developer.apple.com/videos/play/wwdc2016/706/
      http://useyourloaf.com/blog/privacy-settings-in-ios-10/
      https://nabla-c0d3.github.io/blog/2016/08/14/ats-enforced-2017/
  • 75. Key points!
      - Security is a system, not a set of methods
      - You may need to re-read these slides when you plan your next app
      - User-centric trust is simple to implement, yet almost impossible to hack
  • 76. The last slide: @vixentael, Lead Developer at stanfy.com, iOS contributor at Themis/cossacklabs.com
  • 77. My other security talks
      - Upgrading Approaches to the Secure Mobile Architectures: https://medium.com/@vixentael/upgrading-approaches-to-the-secure-mobile-architectures-7a8fcb10d28a#.ffbsjwqx6
      - Data Protection For Mobile Client-Server Architectures: https://medium.com/stanfy-engineering-practices/data-protection-for-mobile-client-server-architectures-6e6dcabd871a
      - Users' data security in iOS applications: https://speakerdeck.com/vixentael/users-data-security-in-ios-applications
  • 78. Additional reading by Apple
      - How iOS Security Really Works: https://developer.apple.com/videos/play/wwdc2016/705/
      - What's New in Security: https://developer.apple.com/videos/play/wwdc2016/706/
      - Behind the Scenes with iOS Security: https://www.blackhat.com/docs/us-16/materials/us-16-Krstic.pdf
      - Engineering Privacy for Your Users: https://developer.apple.com/videos/play/wwdc2016/709/
  • 79. Additional reading by smarties
      - Getting Ready for ATS Enforcement in 2017: https://nabla-c0d3.github.io/blog/2016/08/14/ats-enforced-2017/
      - Privacy Settings in iOS 10: http://useyourloaf.com/blog/privacy-settings-in-ios-10/
      - Zero Knowledge Protocols Without Magic: https://www.cossacklabs.com/zero-knowledge-protocols-without-magic.html
      - A Journey Through Exploit Mitigation Techniques on iOS: https://speakerdeck.com/mbazaliy/a-journey-through-exploit-mitigation-techniques-on-ios