If someone intentionally wants to compromise their own communication, that’s not a vulnerability,” Marlinspike said. “People could also intentionally install malware on their own device, intentionally backdoor their own random number generator, intentionally publish their own private keys, or intentionally broadcast their own communication over a public loudspeaker. Not third party communication,” Marlinspike said. The authors are proposing that someone could intentionally modify and recompile Signal to sabotage their own communication. “Signal uses the X25519 function in the way it was designed. To be clear, Signal and the researchers don’t see eye to eye when it comes to identifying what is a Signal bug. The goal, could be to give the message recipient the appearance of secure communications in hopes they may be comfortable sharing something they might not otherwise. In this farfetched example, researchers explain, communications would be intentionally compromised by the sender. But I believe that validating keys would make Signal even more secure and robust against maliciously or accidentally invalid keys,” the researchers explained. the verification that public keys are not invalid) is therefore not a major security risk. If these criteria aren’t satisfied, the session keys established through that mechanism become predictable to an attacker. “In the cryptographic mechanism used here (a variant of the Diffie-Hellman key agreement, a widely used technique to establish session keys also used in TLS), public keys must satisfy certain criteria in order to be secure. “An attacker who knows that the public key is invalid could decrypt one message, but only in a far-fetched scenario,” Aumasson explained. In another demo of a bug found two weeks ago, the researchers showed how a malicious Signal user could surreptitiously send invalid public keys to other users. Nevertheless, we would like to show that there are ways Signal can better protect their users,” said Vervier. But we have found a lot of non-critical vulnerabilities some might call imperfections. “We haven’t found any glaring security holes. A bug, as impractical as it may be to execute, is still a bug. “They tell us the attack model, from their standpoint, is not realistic,” Vervier said.īut both researchers disagree. Researchers say Signal has told them some of their bugs are too benign and obscure and don’t need to be fixed. In other cases, more trivial bugs have not been patched. Even though it was very low risk to Signal users, we fixed it within hours,” said Moxie Marlinspike, Open Whisper Systems’ founder. “These researchers communicated one bug report to us six months ago concerning the ability to corrupt attachments larger than 4 gigabytes received by the Signal for Android client. That bug was the researchers’ most high-profile bug found in September, when Vervier and Aumasson figured out a way to corrupt attachments sent via the Signal Messaging App. Open Whisper Systems told Threatpost that the researchers have only brought one bug to its attention in the past six months. It should be noted, demos shown were using older versions of the Signal app on unspecified hardware.įor its part, Open Whisper Systems has supported their work and when appropriate, it has addressed their findings, according to Vervier. Then both showed how each of these bugs have been used to crash Signal remotely, bypass the MAC authentication for certain attached files, and how to trigger memory corruption bugs. It can be found in Signal’s own app and is also used in WhatsApp and Facebook’s Messenger “Secret Conversation” mode, and Google’s Allo encrypted messaging service.Īumasson and Vervier discussed past vulnerabilities, including those found in the Signal Android client and in the underlying Java libsignal library. The encryption protocol was developed by Open Whisper Systems and is used by millions. Signal is one of the most popular and trusted end-to-end secure messaging apps. “Protocol implementations have room for improvement.” “Signal has a huge code base, which is largely under-analyzed,” Aumasson said. The short version of their talk was that no company should ever rest on their security laurels and Signal is no exception. But our research shows that even the most secure things still have bugs,” said Vevier, who joined Aumasson during a talk Friday at the Infiltrate Conference. “Signal is one of the most secure messaging platforms. And they have been successful in privately disclosing what they consider more than a half-dozen flaws to Signal, most of which have been patched. MIAMI–Markus Vervier and Jean-Philippe Aumasson have spent the past six months poking security holes in the end-to-end encryption protocol Signal, all on their free time.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |