DOI: 10.1145/3464971.3468418
Research article

Ensuring correct cryptographic algorithm and provider usage at compile time

Published: 11 July 2021

Abstract

Using cryptographic APIs to encrypt and decrypt data, calculate digital signatures, or compute hashes is error prone. Weak or unsupported cryptographic algorithms can cause information leakage and runtime exceptions, such as a NoSuchAlgorithmException in Java. Using the wrong cryptographic service provider can also lead to unsupported cryptographic algorithms. Moreover, for Android developers who want to store their key material in the Android Keystore, misused cryptographic algorithms and providers make the key material unsafe.
We present the Crypto Checker, a pluggable type system that detects the use of forbidden algorithms and providers at compile time. For typechecked code, the Crypto Checker guarantees that only trusted algorithms and providers are used, and thereby ensures that the cryptographic APIs never cause runtime exceptions or use weak algorithms or providers. The Crypto Checker is easy to use: it allows developers to determine which algorithms and providers are permitted by writing specifications using type qualifiers.
We implemented the Crypto Checker for Java and evaluated it with 32 open-source Java applications (over 2 million LOC). We found 2 issues that cause runtime exceptions and 62 violations of security recommendations and best practices. We also used the Crypto Checker to analyze 65 examples from a public benchmark of hard security issues and discuss the differences between our approach and a different static analysis in detail.
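
The failure modes named in the abstract, shown as an added example that is not code from the paper or from the Crypto Checker: a runtime allow-list stands in for the compile-time type qualifiers, next to what the JCA itself does with each request. The class name, the two allow-lists and the provider name `NoSuchProviderXYZ` are assumptions made for illustration; a stock OpenJDK 9+ with the `SunJCE` provider is assumed.

```java
import java.security.GeneralSecurityException;
import java.util.Set;
import javax.crypto.Cipher;

public class CryptoUsageDemo {
    // Assumed policy for this example: the only transformation and provider permitted.
    static final Set<String> ALLOWED_ALGORITHMS = Set.of("AES/GCM/NoPadding");
    static final Set<String> ALLOWED_PROVIDERS = Set.of("SunJCE");

    /** Runtime stand-in for the compile-time check: reject anything off the allow-lists. */
    static String checkPolicy(String transformation, String provider) {
        if (!ALLOWED_ALGORITHMS.contains(transformation)) return "forbidden algorithm";
        if (provider != null && !ALLOWED_PROVIDERS.contains(provider)) return "forbidden provider";
        return "allowed";
    }

    /** Ask the JCA for the cipher and report what actually happens at runtime. */
    static String tryJca(String transformation, String provider) {
        try {
            Cipher c = (provider == null)
                    ? Cipher.getInstance(transformation)
                    : Cipher.getInstance(transformation, provider);
            return "ok (" + c.getProvider().getName() + ")";
        } catch (GeneralSecurityException e) {
            // NoSuchAlgorithmException, NoSuchPaddingException or NoSuchProviderException
            return e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) {
        String[][] cases = {
            {"AES/GCM/NoPadding", "SunJCE"},            // permitted by the policy
            {"DES/ECB/PKCS5Padding", null},             // weak, yet a stock provider still serves it
            {"AES/GCM/NoPading", null},                 // typo: surfaces only when this line executes
            {"AES/GCM/NoPadding", "NoSuchProviderXYZ"}, // provider that is not installed
        };
        for (String[] c : cases) {
            System.out.printf("%-22s provider=%-18s policy=%-19s jca=%s%n",
                    c[0], c[1], checkPolicy(c[0], c[1]), tryJca(c[0], c[1]));
        }
    }
}
```

The policy column flags every case the JCA would either serve despite being weak or reject only once the call executes, which is the gap a compile-time check closes.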

Supplementary Material

Auxiliary Archive (isstaws21ftfjpmain-id5-p-archive.zip)
This is the appendix of paper "Ensuring Correct Cryptographic Algorithm and Provider Usage at Compile Time".

Published In

FTfJP '21: Proceedings of the 23rd ACM International Workshop on Formal Techniques for Java-like Programs
July 2021
67 pages
ISBN: 9781450385435
DOI: 10.1145/3464971
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Java
  2. cryptography
  3. pluggable type system
  4. static analysis

Qualifiers

  • Research-article

Funding Sources

  • NSERC
  • WHJIL
  • Early Researcher Award

Conference

ISSTA '21

Acceptance Rates

Overall Acceptance Rate 51 of 75 submissions, 68%
