[guardian-dev] Fwd: Forensic Analysis of the ChatSecure Android

Nathan of Guardian nathan at guardianproject.info
Wed Oct 26 15:33:28 EDT 2016


Yes. We passed the audit with flying colors! :)

On Wed, Oct 26, 2016, at 11:54 AM, Hans-Christoph Steiner wrote:
> 
> Wait, what?  Did they really just include this sentence in their
> abstract:
> 
> "we devise a technique able to decrypt them when the secret passphrase,
> chosen by the user as the initial step of the encryption process, is
> known. "
> 
> Am I wrong in reading this as:
> "we can unlock chatsecure when we know the password"
> 
> .hc
> 
> Chris Ballinger:
> > This looks like a silly report, and would apply to any other app using
> > SQLCipher in a long running process, and in this case it's required to
> > receive messages in the background. From a quick read it looks like the
> > same passphrase is stored twice in memory for both the media and message
> > store which helps their recovery process, but once you have physical access
> > to a decrypted device in USB debugger mode there's all sorts of other ways
> > you can recover it.
> > 
> > 
> >> we devise
> >> a technique able to decrypt them when the secret passphrase, chosen by
> >> the user as the initial step of the encryption process, is known.
> > 
> > 
> > It's pretty obvious how you'd decrypt a SQLCipher database when the
> > passphrase is known.
> > 
> > Furthermore, we show how this passphrase can be identified and extracted
> >> from the volatile memory of the device, where it persists for the entire
> >> execution of ChatSecure after having been entered by the user, thus
> >> allowing one to carry out decryption even if the passphrase is not
> >> revealed by the user.
> > 
> > 
> > This is how encrypted databases work and there's not really a way around
> > it. You can encrypt the key in memory, but then you gotta keep the key for
> > the key somewhere else in memory. Even on iOS where you can store keys in
> > the device keychain, when the database is active the key needs to be in
> > memory somewhere.
> > 
> > Finally, we discuss how to analyze and correlate the data stored in the
> >> databases used by ChatSecure to identify the IM accounts used by the
> >> user and his/her buddies to communicate, as well as to reconstruct the
> >> chronology and contents of the messages and files that have been
> >> exchanged among them.
> > 
> > 
> > It's pretty easy to dump SQL tables..
> > 
> > 
> > 
> > 
> > 
> > 
> > On Wed, Oct 26, 2016 at 10:23 AM, Nathan of Guardian <
> > nathan at guardianproject.info> wrote:
> > 
> >> A great publication that really looks into detail on how we use
> >> SQLCipher, IOCipher and CacheWord in ChatSecure Android, and many other
> >> apps.
> >>
> >> Any thoughts on possible improvements to key management, data
> >> reducation, etc, would be great to hear.
> >>
> >> ***
> >>
> >> Tweet: https://twitter.com/arxiv_org/status/790671148002398208
> >>
> >> and publication:
> >> https://arxiv.org/abs/1610.06721
> >>
> >> Forensic Analysis of the ChatSecure Instant Messaging Application on
> >> Android Smartphones
> >>
> >> Cosimo Anglano, Massimo Canonico, Marco Guazzone
> >> (Submitted on 21 Oct 2016)
> >> We present the forensic analysis of the artifacts generated on Android
> >> smartphones by ChatSecure, a secure Instant Messaging application that
> >> provides strong encryption for transmitted and locally-stored data to
> >> ensure the privacy of its users.
> >> We show that ChatSecure stores local copies of both exchanged messages
> >> and files into two distinct, AES-256 encrypted databases, and we devise
> >> a technique able to decrypt them when the secret passphrase, chosen by
> >> the user as the initial step of the encryption process, is known.
> >> Furthermore, we show how this passphrase can be identified and extracted
> >> from the volatile memory of the device, where it persists for the entire
> >> execution of ChatSecure after having been entered by the user, thus
> >> allowing one to carry out decryption even if the passphrase is not
> >> revealed by the user.
> >> Finally, we discuss how to analyze and correlate the data stored in the
> >> databases used by ChatSecure to identify the IM accounts used by the
> >> user and his/her buddies to communicate, as well as to reconstruct the
> >> chronology and contents of the messages and files that have been
> >> exchanged among them.
> >> For our study we devise and use an experimental methodology, based on
> >> the use of emulated devices, that provides a very high degree of
> >> reproducibility of the results, and we validate the results it yields
> >> against those obtained from real smartphones.
> >>
> >>
> >>
> >> --
> >>   Nathan of Guardian
> >>   nathan at guardianproject.info
> >> _______________________________________________
> >> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> >> To unsubscribe, email:  guardian-dev-unsubscribe at lists.mayfirst.org
> >>
> > 
> > 
> > 
> > _______________________________________________
> > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> > To unsubscribe, email:  guardian-dev-unsubscribe at lists.mayfirst.org
> > 
> 
> -- 
> PGP fingerprint: EE66 20C7 136B 0D2C 456C  0A4D E9E2 8DEA 00AA 5556
> https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556
> _______________________________________________
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> To unsubscribe, email:  guardian-dev-unsubscribe at lists.mayfirst.org


-- 
  Nathan of Guardian
  nathan at guardianproject.info


More information about the guardian-dev mailing list