Forensically-Sound Analysis of Security Risks of using Local Password Managers
Joshua Gray, University of Derby
Virginia N. L. Franqueira, University of Derby
Yijun Yu, The Open University (presenter)
iRENIC 2016
10:30-11:00, September 12, 2016, Friendship Hotel, Beijing, China
Background
•  Passwords remain the most common form of authentication
•  A large-scale study (2007) [1] suggests that:
   •  a user has, on average, 25 online accounts requiring passwords, and
   •  a user types 8 passwords per day
[1] D. Florencio and C. Herley, "A Large-Scale Study of Web Password Habits," in Proceedings of the 16th International Conference on World Wide Web (WWW 2007). ACM Press, 2007, pp. 657–666.
Challenging to remember passwords
•  Human capacity to remember passwords is affected by many factors:
   •  Password complexity → stronger passwords are harder to remember due to high entropy;
   •  Password matching → which password belongs to which account;
   •  Frequency of use → rarely used passwords are harder to remember;
   •  Frequency of change → periodic changes and history checks exacerbate the problem!
How do users cope with the problem?
•  Users use different strategies:
   •  Reuse passwords
   •  Write passwords down
   •  Recycle old passwords with small changes
   •  Use highly guessable passwords
→ These approaches favour usability over security
Solution: Password Managers
•  Password Managers have been recommended (e.g., by CERT [7]) as one of the best ways to accommodate the trade-off between usability and security
•  It is becoming best practice for individuals and SMEs
[7] A. Huth, M. Orlando, and L. Pesante, "Password Security, Protection, and Management," United States Computer Emergency Readiness Team, 2012, https://www.us-cert.gov/security-publications/password-security-protection-and-management.
How do Password Managers work?
Contexts of use
Scope of this study
•  Explores 3 popular local password managers:
   •  KeePass v.2.28
   •  Password Safe v.3.35.1
   •  RoboForm v.7.9.12
•  These password managers keep a database of passwords local to the machine (e.g., Windows 7) running it
Study stages
1.  Elicitation of security risks & forensic soundness
    •  Outcome: list of potential risks
2.  (Forensics) phased testing approach
    •  Outcome: vulnerabilities to users of the studied password managers
       – may or may not confirm the risks
Stage 1: Elicitation of security risks
Stage 2: Phased testing approach
Involved the creation of a baseline virtual machine for each PM (1 GB RAM) and running the test cases using them. Methodology by Carrier & Spafford (2004) [30]; the EnCase tool (v7.10.00.103) was used.
What was tested

Password manager   Test cases   Aim
KeePass            K1-K4        Exercise methods of user authentication
                   K5 & K6      Exercise export feature
                   K7           Exercise print feature
                   K8           Exercise uninstall feature
Password Safe      P1           Exercise methods of user authentication
                   P2           Exercise export feature
                   P3           Exercise clipboard feature
                   P4           Exercise uninstall feature
RoboForm           R1           Exercise methods of user authentication
                   R2           Exercise print feature
                   R3           Exercise auto-complete feature
                   R4           Exercise clipboard feature
                   R5           Exercise uninstall feature
Confirmed risks via forensics: KeePass

K1
  Expected result: Data will remain fully secured within the database.
  Actual result (confirmed risk): When RAM is limited, the master password can be found in the Windows page file (hidden pagefile.sys) in plain text. (r1)

K5, K6
  Expected result: Despite the format, data will be exported encrypted.
  Actual result (confirmed risk): No security clearance was enforced before the export started; the database exported in HTML format was unencrypted and could be easily viewed in plain text via a browser; it also remained in the Recycle Bin after the user's request to permanently delete it. (r1) (r4)

K7
  Expected result: No residue of the failed printing will remain in the system.
  Actual result (confirmed risk): No security clearance was enforced before the print started; the database print file could be located in the Temp folder in plain text after it failed to print. (r1)

K7.1
  Expected result: Database will print and no residue of it will remain.
  Actual result (confirmed risk): The new database was deleted from the Temp folder after it successfully printed; however, the unsuccessfully printed database file (see K7) remained in the Temp folder in plain text. (r1)
Confirmed risks via forensics: Password Safe (P) & RoboForm (R)

P3
  Expected result: The copied data will be deleted from the clipboard.
  Actual result (confirmed risk): The data copied to the clipboard remained stored in the Windows page file (hidden pagefile.sys) of the computer in plain text after the computer was rebooted. (r1)

R1
  Expected result: Data will remain fully secured within the database.
  Actual result (confirmed risk): When RAM is limited, the master password can be found in the Windows page file (hidden pagefile.sys) in plain text. (r1)
Summary of risks
•  With 1 GB of RAM, the master password for KeePass and identity details for payment using RoboForm can be found unencrypted in the page file;
•  The exported database in KeePass remains in the Recycle Bin even when users confirm its permanent deletion;
•  Upon unsuccessful printout of the KeePass database due to trivial reasons, the unencrypted database remains in the Temp folder even after closing the application, which does not happen upon successful printout;
•  Unencrypted sensitive data copied to the clipboard using Password Safe can be found in the page file after rebooting from a hard (non-graceful) shutdown.
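The page-file findings above (K1, R1 and P3) rest on one check: the analyst knows the secret that was typed or copied in the baseline VM and searches the acquired pagefile.sys for it. The script below is an added example of that check written in Python; it is not the study's own EnCase workflow and not code from any of the three password managers. It assumes the image was acquired offline (pagefile.sys is locked while Windows runs), and it searches both the UTF-8/ASCII and UTF-16LE forms of the secret because Windows applications commonly hold strings as UTF-16LE. The function names, the sample image and the master password are constructed for the example.

```python
"""Search an acquired page-file or memory image for plaintext residue of a
known secret (the check behind test cases K1, R1 and P3).

Added example for this page, not part of the study's EnCase workflow. The
sample image, the secret and all names below are constructed.
"""
import io
import re
from dataclasses import dataclass
from typing import BinaryIO


@dataclass(frozen=True)
class Hit:
    offset: int        # absolute byte offset of the match in the image
    encoding: str      # "utf-8" or "utf-16le"
    context: bytes     # a few bytes either side of the match, for the report


def encodings_of(secret: str) -> dict:
    """Byte patterns a Windows process is likely to leave for `secret`."""
    return {
        "utf-8": secret.encode("utf-8"),
        "utf-16le": secret.encode("utf-16-le"),
    }


def find_secret(image: bytes, secret: str, context: int = 16) -> list:
    """Exact search of an in-memory image; hits sorted by offset."""
    hits = []
    for name, needle in encodings_of(secret).items():
        for m in re.finditer(re.escape(needle), image):
            lo = max(0, m.start() - context)
            hi = min(len(image), m.end() + context)
            hits.append(Hit(m.start(), name, image[lo:hi]))
    return sorted(hits, key=lambda h: (h.offset, h.encoding))


def scan_stream(stream: BinaryIO, secret: str,
                chunk_size: int = 4 * 1024 * 1024, context: int = 16) -> list:
    """Chunked search for images too large to load at once (a pagefile.sys can
    be several GB). Consecutive chunks overlap by len(needle) - 1 bytes so a
    match straddling a chunk boundary is not missed; a match that falls fully
    inside the overlap is seen twice and de-duplicated by (offset, encoding)."""
    overlap = max(len(n) for n in encodings_of(secret).values()) - 1
    seen = set()
    hits = []
    carry = b""
    position = 0  # absolute offset of carry[0], i.e. of the next window
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        window = carry + chunk
        for h in find_secret(window, secret, context):
            key = (position + h.offset, h.encoding)
            if key not in seen:
                seen.add(key)
                hits.append(Hit(position + h.offset, h.encoding, h.context))
        carry = window[-overlap:] if overlap else b""
        position += len(window) - len(carry)
    return sorted(hits, key=lambda h: (h.offset, h.encoding))


def scan_bytes_chunked(image: bytes, secret: str, chunk_size: int) -> list:
    """Run the chunked path over an in-memory image (used by the demo below)."""
    return scan_stream(io.BytesIO(image), secret, chunk_size)


def scan_path(path: str, secret: str) -> list:
    """Scan a file acquired offline, e.g. pagefile.sys copied from the VM disk."""
    with open(path, "rb") as f:
        return scan_stream(f, secret)


# Constructed stand-in for a page-file image: zero padding, a process string,
# the master password as a UTF-16LE wide string, more padding, then the same
# password as ASCII. Expected hits: UTF-16LE copy at 72, ASCII copy at 126.
MASTER_PASSWORD = "Tr0ub4dor&3"          # constructed, not a real credential
SAMPLE_IMAGE = (
    b"\x00" * 64
    + b"KeePass\x00"
    + MASTER_PASSWORD.encode("utf-16-le")
    + b"\x00" * 32
    + MASTER_PASSWORD.encode("utf-8")
    + b"\xff" * 16
)


if __name__ == "__main__":
    # A small chunk size forces the UTF-16LE copy to straddle a boundary.
    for h in scan_bytes_chunked(SAMPLE_IMAGE, MASTER_PASSWORD, chunk_size=50):
        print(f"0x{h.offset:08x}  {h.encoding:<9} {h.context!r}")
```

Against a real case, point scan_path at a copy of pagefile.sys taken from the powered-off VM's disk (or reconstructed with a live tool such as PCT [34]), with the master password or clipboard text used in the test as the secret; the same function confirms K5 and K7 when run over the recovered HTML export or Temp print file. A hit confirms the risk; no hit does not prove absence, since the secret may be held in another encoding, compressed, or split across non-contiguous pages.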
Discussion points
•  Some vulnerabilities uncovered are bound to special conditions (e.g., paper running out, power off)
•  However, they still represent risks since:
   •  these conditions are likely to happen, and are sometimes trivial, and
   •  malware has started to exploit password managers.
Discussion points
•  Citadel (2014) malware [36] recognised the use of KeePass and Password Safe and triggered a keylogger to capture the master password
•  The hacking tool KeeFarce [37] is able to dump the KeePass database to a file accessible to an attacker when a user is logged in.
•  Tools like PCT [34] can parse a live NTFS system and reconstruct a page file.
•  These show that the uncovered vulnerabilities represent real risks.
Conclusion (1)
•  The study also allowed us to compare & contrast the behaviour of these three password managers
Recommendations:
1.  KeePass should adopt the practice of Password Safe and RoboForm, and require security clearance in the form of authentication before processing database export and print, and
2.  Password Safe should adopt the practice of RoboForm and encrypt content copied to the clipboard.
Conclusion (2)
•  Packaged as virtual machines, test scenarios such as those described in this work could allow regression testing of the improved password managers.
•  Future work, e.g.:
   •  Since the test cases were not exhaustive and not many features were tested, the study scope in terms of test case coverage could be extended, or other systems could be examined.
References
[1] D. Florencio and C. Herley, "A Large-Scale Study of Web Password Habits," in Proceedings of the 16th International Conference on World Wide Web (WWW 2007). ACM Press, 2007, pp. 657–666.
[7] A. Huth, M. Orlando, and L. Pesante, "Password Security, Protection, and Management," United States Computer Emergency Readiness Team, 2012, https://www.us-cert.gov/security-publications/password-security-protection-and-management, last visited 10/2014.
[30] B. D. Carrier and E. H. Spafford, "An Event-Based Digital Forensic Investigation Framework," in Proceedings of the Fourth Digital Forensics Research Workshop, 2004, pp. 1–12.
[34] S. Lee, A. Savoldi, S. Lee, and J. Lim, "Windows Pagefile Collection and Analysis for a Live Forensics Context," in Proceedings of Future Generation Communication and Networking (FGCN 2007). IEEE Press, 2007, pp. 97–101.
[36] R. Lemos, "Malware's new target: your password manager's password," November 2014, visited 09/2015. [Online]. Available: http://arstechnica.com/security/2014/11/citadel-attackers-aim-to-steal-victims-master-passwords/
[37] D. Goodin, "Hacking tool swipes encrypted credentials from password manager," November 2015, visited 01/2016. [Online]. Available: http://arstechnica.com/security/2015/11/hacking-tool-swipes-encrypted-credentials-from-password-manager/