Elsevier

Future Generation Computer Systems

Volume 74, September 2017, Pages 366-374
A technique to circumvent SSL/TLS validations on iOS devices

https://doi.org/10.1016/j.future.2016.08.019

Highlights

  • A technique to circumvent SSL/TLS validations on iOS devices.

  • Circumventing certificate and public key validation on iOS devices.

  • iOS apps using only system’s default certificate validations.

  • iOS app security vetting.

Abstract

SSL/TLS validations such as certificate and public key pinning can reinforce the security of encrypted communications between Internet-of-Things devices and remote servers, and ensure the privacy of users. However, such implementations complicate forensic analysis and detection of information disclosure; say, when a mobile app breaches user’s privacy by sending sensitive information to third parties. Therefore, it is crucial to develop the capacity to vet mobile apps augmenting the security of SSL/TLS traffic. In this paper, we propose a technique to bypass the system’s default certificate validation as well as built-in SSL/TLS validations performed in iOS apps. We then demonstrate its utility by analysing 40 popular iOS social networking, electronic payment, banking, and cloud computing apps.

Introduction

Securing communications in the Internet-of-Things environment is vital in safeguarding the transmission of sensitive data such as personally identifiable information (PII), medical conditions, and financial records. Typical tools used to secure communications in mobile apps include public-key infrastructure, Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Such measures are not foolproof. For example, in March 2001, VeriSign issued two digital certificates to an attacker impersonating a Microsoft employee [1]. Consequently, the attacker had the ability to sign executable code using valid certificates assigned to Microsoft. In a more sophisticated intrusion, threat actors hacked the Adobe code signing infrastructure in 2012, which gave the attackers the capability to develop malware masquerading as genuine Adobe software [2]. In a more recent example, malware used to target Brazilian banking institutions and SCADA systems was signed using legitimate SSL/TLS certificates issued by DigiCert and VeriSign [3], [4].

The security of transmitted data can also be compromised using rogue SSL/TLS certificates. A study by Huang et al. [5], for example, indicated that 0.2% of 3 million real-world connections to Facebook were tampered with using counterfeit SSL/TLS certificates. Other research efforts [6], [7], [8], [9] have demonstrated that standard SSL/TLS communications can trivially be broken when a man-in-the-middle (MiTM) attack is carried out by an adversary in control of a strategic network node or link such as a wireless router. Thus, mobile apps are vulnerable to MiTM attacks when SSL/TLS validations are not correctly implemented or when the user is tricked into accepting spoofed SSL/TLS certificates. In other words, stolen and rogue certificates give an adversary the capability to decrypt data in transit.

Surprisingly, a number of security mechanisms have been proposed in the literature. The importance of enhanced validations was emphasised by Berbecaru et al.  [10], who defined two architectures of certificate validation for on-line and off-line clients. The researchers also anticipated that future validation services would need to address the complexity of a large number of clients interconnecting with each other via different networks and processing capabilities. This is evident in our current Internet-connected society, where there is a wide range of Internet-connected devices (e.g. mobile and other Internet-of-Things devices). Despite the importance of implementing SSL/TLS validations, we observe that only 10 out of 40 popular iOS apps we examine in this paper perform certificate or public key validations.

In response to the Comodo attack [11] in 2011, the Internet industry took decisive actions to mitigate SSL/TLS certificate and MiTM attacks. For example, Google developed the concept of pinning, which associates a host with its X.509 certificate or public key. In a typical mobile implementation of pinning, the host’s certificate or public key is embedded within an app. During the SSL/TLS handshake, the app retrieves the certificate presented by the host and performs the required verifications. For certificate pinning, the certificate presented by the host must match the certificate embedded within the app. Although certificate validation is relatively simple to implement, developers who adopt this method might need to update their apps frequently if the host regularly rotates its certificates. Conversely, the implementation of public key pinning is intricate in practice, as the public key needs to be extracted from the certificate presented by the host. However, this method is more flexible for maintenance if the same RSA private key is used to sign different certificates that rotate on a regular basis.
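The trade-off between the two pinning styles described above can be seen in a short added example (not code from the paper). It assumes pins are stored as SHA-256 fingerprints, and the helper names, the dummy algorithm identifier and the unsigned toy certificates are all constructed for illustration.

```python
import hashlib
import hmac

# Dummy AlgorithmIdentifier (rsaEncryption OID + NULL), reused for every algorithm field.
ALG = bytes.fromhex("300d06092a864886f70d0101010500")

def tlv(tag: int, body: bytes) -> bytes:
    """DER-encode one element (short- or long-form definite length)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + body

def read_tlv(buf: bytes, pos: int):
    """Return (tag, value_start, element_end) for the DER element at pos."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                           # long form: low 7 bits count the length bytes
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, pos, pos + n

def spki_of(cert: bytes) -> bytes:
    """Slice the raw SubjectPublicKeyInfo element out of a DER X.509 certificate."""
    _, p, _ = read_tlv(cert, read_tlv(cert, 0)[1])   # Certificate -> TBSCertificate
    tag, _, end = read_tlv(cert, p)
    p = end if tag == 0xA0 else p          # skip the optional [0] version field
    for _ in range(5):                     # serial, sigAlg, issuer, validity, subject
        _, _, p = read_tlv(cert, p)
    return cert[p:read_tlv(cert, p)[2]]

def toy_cert(serial: int, spki: bytes) -> bytes:
    """Constructed, unsigned certificate skeleton: real field order, dummy contents."""
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, bytes([serial]))
              + ALG + tlv(0x30, b"") * 3 + spki)     # empty issuer, validity, subject
    return tlv(0x30, tbs + ALG + tlv(0x03, b"\x00"))

def cert_pin(cert: bytes) -> str:
    return hashlib.sha256(cert).hexdigest()            # pins the whole certificate

def key_pin(cert: bytes) -> str:
    return hashlib.sha256(spki_of(cert)).hexdigest()   # pins only the public key

def demo() -> dict:
    key_a, key_b = (tlv(0x30, ALG + tlv(0x03, b"\x00" + c * 140)) for c in (b"A", b"B"))
    certs = {"old": toy_cert(1, key_a), "rotated": toy_cert(2, key_a), "rogue": toy_cert(3, key_b)}
    pins = [(f, f(certs["old"])) for f in (cert_pin, key_pin)]   # pins shipped in the app
    return {name: tuple(hmac.compare_digest(f(c), pin) for f, pin in pins)
            for name, c in certs.items()}
```

Each entry returned by `demo()` is `(certificate pin matches, public key pin matches)`: the rotated certificate fails the certificate pin but still passes the key pin, while the certificate carrying a different key fails both.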

In recent times, pinning has been extended to HTTP deployments in the form of HTTP Public Key Pinning (HPKP). HPKP is a mechanism to prevent MiTM attacks targeting HTTPS websites. HTTPS is also used in mobile apps to send data to and request data from remote servers, and has increasingly been used to fortify app communications. However, this prevents the analysis of transmitted data that may be required in a number of situations. In digital forensic investigations, for example, data-in-transit is an invaluable source of evidence for forensic examination. Recent forensic taxonomies of Android apps [12], [13] only detail data that could be recovered from Android devices; hence, valuable information may be missed from real-time capture and analysis of data-in-transit. It is also important to develop techniques that allow users to determine whether their PII or other sensitive data is disclosed or at risk of disclosure. For example, the Android Uber app was initially identified as malware due to the number of requested permissions that were deemed to be suspicious. As Uber implements HPKP, without circumventing the SSL/TLS validations, one would not be able to analyse and, subsequently, demonstrate that no malicious code was embedded within the app [14].

Suffice it to note that SSL/TLS validations are important security mechanisms that protect sensitive information, but they also prevent the analysis of data transmitted from mobile devices and mobile apps. Thus, in this paper, we propose a technique that allows both dynamic and static analyses of mobile apps with built-in SSL/TLS validations such as certificate and public key pinning. We also demonstrate how our technique can be used with existing methods to circumvent generic SSL/TLS validations such as the system’s default certificate validation as well as hostname and root CA certificate verifications.

Section snippets

Related work

Existing literature on SSL/TLS security can be broadly categorised into Circumvention of Validations, Implementation and Validation Analysis, Security Enhancement, and Vulnerability Detection.

Proposed technique to circumvent system’s default and built-in SSL/TLS validations

Our technique, described in Fig. 1(a) and (b), is designed to intercept HTTPS traffic to/from a mobile device by allowing one to circumvent the system’s default certificate validation and built-in SSL/TLS validations in mobile apps.

Hardware and software configuration

We deployed a custom configuration to support the bypass methods presented in Section 3. While the primary data interception and Method 1 could be executed successfully on a non-jailbroken device, the remaining methods require a jailbroken device. Therefore, we proceeded with the jailbreaking of an iPhone 5S (16 GB) running iOS 9.0.1. To jailbreak the device, we used Pangu (http://en.pangu.io/). Then, we installed the most recent versions of the 40 case study

Findings

The results of the analysis of the 40 case study apps are summarised in Table 4 and discussed in Sections 5.1 (Apps using built-in SSL/TLS validations) and 5.2 (Apps using only system’s default certificate validations).

Discussion

While the SSL Kill Switch could be used to circumvent SSL/TLS validations, such an attack could be easily prevented by apps refusing to initiate an SSL/TLS connection when the presence of the tool is detected on the communicating device. In addition, apps that rely on the whole certificate or a public key to perform custom verifications using a byte-by-byte comparison function, such as memcmp, would not be affected by disabling the system’s default validations via SSL Kill Switch. In other

Concluding remarks and future work

Securing our critical infrastructure including Internet-of-Things is an area of ongoing interest  [33], [34], [35], [36], [37]. This is unsurprising as the growing popularity of Internet-of-Things devices (including mobile devices and apps) makes them an attractive target for cybercriminals seeking to exfiltrate sensitive user data and compromise the privacy of the users  [38], [39], [40].

Pinning (e.g. certificate validations and HPKP) is one popular solution to securing communications between

Acknowledgements

The authors would like to thank the associate editor and anonymous reviewers for providing constructive and generous feedback. Despite their invaluable assistance, any errors remaining in this paper are solely attributed to the authors.

Christian J. D’Orazio received the B.Sc. degree in Computer Engineering from University of La Matanza, Argentina, in 2000 and the M.Sc. degree in Cyber Security and Forensic Computing from the University of South Australia, Australia, in 2013. He is currently pursuing the Ph.D. degree in Cyber Security and Digital Forensics at the University of South Australia, and is the co-inventor of a provisional patent application on iOS app security.

References (41)

  • Y. Fan et al., Malicious sequential pattern mining for automatic malware detection, Expert Syst. Appl. (2016)
  • K.-K.R. Choo, The cyber threat landscape: Challenges and future research directions, Comput. Secur. (2011)
  • B. Fonseca, VeriSign issues false Microsoft digital certificates, 23 March, IT World Canada, viewed 22 March 2016,...
  • R. Naraine, Adobe code signing infrastructure hacked by ‘sophisticated threat actors’, 27 September, ZDNet, viewed 9...
  • J. Segura, Digital certificates and malware: a dangerous mix, 4 February, Malwarebytes LABS, viewed 9 March 2016, 2013....
  • S. Ragan, VeriSign working to mitigate Stuxnet digital signature theft, 21 July, The Tech Herald, viewed 9 March 2016,...
  • L.-S. Huang, A. Rice, E. Ellingsen, C. Jackson, Analyzing forged SSL certificates in the wild, in: Proceedings of the...
  • V. Moonsamy, L. Batten, Mitigating man-in-the-middle attacks on smartphones–a discussion of SSL pinning and DNSSec, in:...
  • S. Fahl, M. Harbach, H. Perl, M. Koetter, M. Smith, Rethinking SSL development in an appified world, in: Proceedings of...
  • M. Georgiev, S. Iyengar, S. Jana, R. Anubhai, D. Boneh, V. Shmatikov, The most dangerous code in the world: Validating...
  • L. Onwuzurike, E. De Cristofaro, Short: Danger is my middle name–experimenting with SSL vulnerabilities in android...
  • D. Berbecaru, A. Lioy, M. Marian, On the complexity of public-key certificate validation, in: Proceeding of the...
  • G. Keizer, Solo Iranian hacker takes credit for Comodo certificate attack, 27 March, Computerworld, viewed 13 March...
  • A. Azfar, K.-K.R. Choo, L. Liu, Forensic taxonomy of popular Android mHealth apps, in: Proceedings of the Americas...
  • M. Plachkinova, S. Andrés, S. Chatterjee, A taxonomy of mHealth apps–security and privacy concerns, in: Proceedings of...
  • W. Clark, Uber’s App is Anything but Malware, 10 December, BETTER, viewed 10 March 2016, 2014....
  • N. Rudrappa, Defeat SSL Certificate Validation for Google Android Applications, McAfee, viewed 16 March 2016, 2013....
  • D. Andzakovic, Bypassing SSL Pinning on Android via Reverse Engineering, Security-assessment.com, viewed 16 March 2016,...
  • F. Sierra, A. Ramirez, Defending your android app, in: Proceedings of the ACM Conference on Research in Information...
  • D. Mayer, Bypass OpenSSL Certificate Pinning on iOS, 7 January, NCC Group, viewed 15 March 2016, 2015....

Cited by (35)

    • Threaten me softly: A review of potential dating app risks

      2021, Computers in Human Behavior Reports
      Citation Excerpt :

      For example, an attacker can exploit vulnerabilities (e.g., technical flaws) either in protocols or their implementations to bypass the security measures and hijack the communications, as we have previously demonstrated (Shetty et al., 2020; D'Orazio & Choo, 2017). Generally, a dating app is considered insecure if any of the three CIA aspects (i.e., confidentiality, integrity, and availability) are violated (Shetty et al., 2020; D'Orazio & Choo, 2017). Confidentiality is compromised when a user gains unauthorized access to someone's personal information; Integrity is compromised when a user changes someone's information; Availability is compromised when a user is able to deny access to someone's information.

    • The role of the adversary model in applied security research

      2019, Computers and Security
      Citation Excerpt :

      The adversary was provided with a total of 13 capabilities, such as Modify and Extract. The model was later extended to detect vulnerabilities in iOS devices and apps, with adversary capabilities such as Re-sign, Brute-force, Hook, Disassemble and Erase (D'Orazio et al., 2017; D'Orazio and Choo 2018; 2017). Jiang et al. (2016) developed AppShell, a system for protecting sensitive information on Android devices that may be obtained by an attacker in case of theft.

    • A two-stage locality-sensitive hashing based approach for privacy-preserving mobile service recommendation in cross-platform edge environment

      2018, Future Generation Computer Systems
      Citation Excerpt :

      In addition, we will collaborate with mobile forensics researcher to use the technique in mobile forensics [40–42], investigate the feasibility of integrating privacy-preservation into other classic recommendation approaches [43–46] and compare our proposal with other noise-based ones [47,48].

    Kim-Kwang Raymond Choo received the Ph.D. in Information Security from Queensland University of Technology, Australia. He currently holds the Cloud Technology Endowed Professorship at The University of Texas at San Antonio, and is an associate professor at University of South Australia and a guest professor at China University of Geosciences. He was named one of 10 Emerging Leaders in the Innovation category of The Weekend Australian Magazine/Microsoft’s Next 100 series in 2009, and is the recipient of various awards including ESORICS 2015 Best Research Paper Award, Highly Commended Award from Australia New Zealand Policing Advisory Agency, British Computer Society’s Wilkes Award, Fulbright Scholarship, and 2008 Australia Day Achievement Medallion. He is a Fellow of the Australian Computer Society, and a Senior Member of IEEE.
