GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → lucapiccolboni → Crylogger

lucapiccolboni / Crylogger

Licence: mit
CRYLOGGER: Detecting Crypto Misuses for Android and Java Apps Dynamically

Programming Languages

java
68154 projects - #9 most used programming language

Labels

androidcryptographyemulator

Projects that are alternatives of or similar to Crylogger

Distaff
Zero-knowledge virtual machine written in Rust
Stars: ✭ 119 (-4.8%)
Mutual labels:  cryptography
Gospeccy
A ZX Spectrum Emulator written in Go
Stars: ✭ 121 (-3.2%)
Mutual labels:  emulator
I2pd
🛡 I2P: End-to-End encrypted and anonymous Internet
Stars: ✭ 1,796 (+1336.8%)
Mutual labels:  cryptography
Retro8
PICO-8 implementation with SDL2 and RetroArch back-ends
Stars: ✭ 116 (-7.2%)
Mutual labels:  emulator
Easyprotector
一行代码检测XP/调试/多开/模拟器/root
Stars: ✭ 1,732 (+1285.6%)
Mutual labels:  emulator
Endesive
en-crypt, de-crypt, si-gn, ve-rify - smime, pdf, xades and plain files in pure python
Stars: ✭ 122 (-2.4%)
Mutual labels:  cryptography
Cryptogotchas
A collection of common (interesting) cryptographic mistakes.
Stars: ✭ 118 (-5.6%)
Mutual labels:  cryptography
E4vm
A small portable virtual machine that would run Erlang on embedded systems
Stars: ✭ 124 (-0.8%)
Mutual labels:  emulator
Alpine Term
Repository has been moved.
Stars: ✭ 121 (-3.2%)
Mutual labels:  emulator
Chest
Bash glue to encrypt and hide files
Stars: ✭ 123 (-1.6%)
Mutual labels:  cryptography
Pycryptodome
A self-contained cryptographic library for Python
Stars: ✭ 1,817 (+1353.6%)
Mutual labels:  cryptography
Gbemu
WebAssembly based Gameboy Emulator
Stars: ✭ 120 (-4%)
Mutual labels:  emulator
Emukit
WebXR immersive console emulator w/ Retroach, Javascript, and WASM
Stars: ✭ 123 (-1.6%)
Mutual labels:  emulator
Jor1k
Online OR1K Emulator running Linux
Stars: ✭ 1,568 (+1154.4%)
Mutual labels:  emulator
Vrf.js
A pure Javascript Implementation of Verifiable Random Functions
Stars: ✭ 124 (-0.8%)
Mutual labels:  cryptography
Cruzbit
A simple decentralized peer-to-peer ledger implementation
Stars: ✭ 118 (-5.6%)
Mutual labels:  cryptography
Byuu
byuu is a multi-system emulator focused on performance, features, and ease of use.
Stars: ✭ 123 (-1.6%)
Mutual labels:  emulator
Noise
A decentralized P2P networking stack written in Go.
Stars: ✭ 1,695 (+1256%)
Mutual labels:  cryptography
Noise
.NET Standard 1.3 implementation of the Noise Protocol Framework (revision 33 of the spec)
Stars: ✭ 124 (-0.8%)
Mutual labels:  cryptography
Chromium Gost
Chromium с поддержкой алгоритмов ГОСТ
Stars: ✭ 123 (-1.6%)
Mutual labels:  cryptography
View All Similar Projects ➔

Introduction

CRYLOGGER detects cryptographic (crypto) misuses in Android apps. A crypto misuse is an invocation to a crypto API that does not respect common security guidelines, such as those suggested by cryptographers or organizations like NIST and IETF. For instance, CRYLOGGER can tell you if your Android app uses AES in ECB mode to encrypt multiple data blocks, which is bad in cryptography.

CRYLOGGER detects crypto misuses for you automatically, without requiring to analyze a single line of your code. First, CRYLOGGER runs your Android app on the official Android Emulator, whose Java libraries have been instrumented to log the parameters passed to the relevant crypto APIs. Then, it analyzes the log file offline and reports all the crypto misuses. Differently from other approaches, it does not employ static analysis. CRYLOGGER runs your app by using Monkey or the user-interface events you send to the emulator.

If you want to know more about CRYLOGGER, please contact me at [email protected] or read our Oakland paper:

Luca Piccolboni, Giuseppe Di Guglielmo, Luca P. Carloni and Simha Sethumadhavan, "CRYLOGGER:
Detecting Crypto Misuses Dynamically", in IEEE Symposium on Security and Privacy (SP), 2021.

Requirements

There are not a lot of requirements that are specific to CRYLOGGER. If you satisfy the requirements of the AOSP and you install all the Python packages required for scripts/run.py and scripts/check.py you are good to go! CRYLOGGER has been tested on Android-9.0.0_r36 (this is the default version of the emulator that is installed as explained below). It should be easy to adapt it to other Android builds. For the host machine, we used a machine with a clean installation of Ubuntu 18.04.1.

Make sure you install the Android SDK if you want to compile the test app included in this repository (directory test-app) and set the environment variable ANDROID_SDK_ROOT to point to it.

Emulator Setup

Once you satisfy the requirements of the AOSP, it is sufficient to run the following command to setup the emulator and CRYLOGGER:

cd scripts/setup
./setup_emu.py

This scripts downloads the AOSP in a new directory android-emu from the official Google repositories, installs CRYLOGGER by copying the files from the directory scripts/deltas, and builds it. Please refer to the scripts in the directory scripts/setup for more information. By default, it uses all the available cores to compile the AOSP.

In addition, if you want to install apps from the Google Play Store, you need to install the OpenGApps. You can do so by running the following commands:

cd scripts/setup
./setup_opengapps.sh

The OpenGApps (x86-9.0-super-20210127) are downloaded in script/opengapps so they can be installed on the emulator.

Verify your App

You are now ready to run your app on the Android emulator and collect the log that contains information about the crypto APIs that are invoked. We call this log "cryptolog". Here, we verify a simple Android app that you can find in the directory app-test. If you have your own APK to test, you can skip the compilation of app-test, otherwise:

cd app-test
./gradlew build

If the compilation is successfull, you should find a file named com.example.aes_0.apk in the folder test-app that points to the APK of the test app. If you use your APK, make sure you use the following naming convention: <package_name>_<version>.apk, where <package_name> is the package name of the Android app and <version> is its version number. Copy the APK in the directory scripts/data/apks:

cp app-test/com.example.aes_0.apk scripts/data/apks/

You need to start the emulator by passing the option -writable-system (this option is only used to install the OpenGApps):

# Setup the env variables
cd android-emu
source build/envsetup.sh
lunch sdk_phone_x86-userdebug
# Now start the emulator
emulator -writable-system

Collect the logs

The emulator should be now running. Wait for the completion of the boot process, and then run the following script to execute your app:

cd scripts
python run.py --work_dir data --session emulator-<number>

where <number> is the emulator session number (you can find it in the title bar of the emulator window). By default the script run.py (1) installs the OpenGApps, if they have not been installed in a previous run, (2) configures the emulator, so that your app can be tested with Monkey, (3) installs your app on the emulator, (4) runs your app with Monkey by using a fixed number of user-interface events (default 100), (5) collects the cryptolog, which contains information about the use of the crypto APIs, and (6) uninstalls the app. You can easily modify the script run.py if you want to use your own user-generated events.

Analyze the logs

After 'run.py' completes, you should find the log in the directory scripts/data/crypto_logs. Now you can analyze them by running the following command:

cd scripts
python check.py --work_dir data/crypto_logs --rule_ID <number>

where <number> is the number of the crypto rule you want to check. CRYLOGGER support 26 rules that are explained in the paper as well as in the script check.py. These rules are suggested by cryptographers or organizations like NIST and IETF. Try for example to check rule R-03 by using the following command:

cd scripts
python check.py --work_dir data/crypto_logs --rule_ID 03

You should obtain a file with extension .rules in the directory scripts/data/crypto_logs that tells you if rule R-03 is violated. For the app included in this repository the rule should be violated because the app performs encryptions and decryptions by using the insecure ECB mode. Note that some rules require two executions of your app, thus you need to run the script run.py twice. The second run should look like this:

# Start emulator
cd android-emu
emulator -writable-system
# Run the script
cd ../scripts
python run.py --work_dir data --session emulator-<number> --suffix 2

This command runs again your app on the emulator and appends '2' to the cryptolog files (extension .cryptolog2 instead of simply .cryptolog). You can check rules that require two executions, for example rule R-05 with the following command:

cd scripts
python check.py --work_dir data/crypto_logs --rule_ID 05

If you want to check all the rules supported by CRYLOGGER, omit the flag --rule_ID.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].