Storage of sensitive data in a Java enabled cell phone
MSc Thesis Tommy Egeberg June 2006
Agenda
• Introduction
• Problem
• Methods
• Results
• Conclusion
• Further Work
-Introduction
Introduction
• Cell phones → small computers
• Stores a lot of sensitive information
– RMS, email, SMS, calendar …
• Able to run Java applications
– Mobile SSO solution
• Store passwords
-Problem
Main problem
Will a Java MIDlet on a cellular phone be a secure location to store sensitive information?
Research Questions
• What is already known about security in Java enabled cell phones?
• Will information stored on a cellular phone be easy to extract?
• How can we secure the stored sensitive information even if the cellular phone is lost or stolen?
• What kind of threats will the cell phone be vulnerable to?
• What kind of countermeasures can be used to reduce or eliminate the threats?
-Methods
Methods
• Literature study
– J2ME specifications
– Communication link; cell phone ↔ server
• Prototype
– Try to break into the prototype
• Security analysis
– Identify threats and vulnerabilities
Digital safe
• Master password
– PIN
– Pass-faces
– Stored as a SHA1 hash digest
• The sensitive information
– AES encrypted with a 128 bit key
• Key derived from the master password, the username and an iteration count of 20, as described in PKCS5v2 [1]
Remote deletion
• SMS sent to the phone with the digital safe installed
– Defined port number
– The AMS starts the digital safe
– SHA1 value of password
– Deletes the stored information
Stealing MIDlet
• Upgrade a previously installed MIDlet
• The RMS will not be erased
• Read the stored information
• Identical values in the JAD file
• Can be used to inject Trojan code
-Results
Results
• Encryption and decryption
– Bouncy Castle Crypto API [2]
• AES, SHA1, …
• Remote deletion is a poor functionality
– Can easily be deactivated
• Data stored in the RMS can easily be extracted
Data extraction
• Forensic methods [3]
– Desoldering techniques, boundary-scan (JTAG)
– Native applications
• Windows Mobile, Symbian OS
• Stealing MIDlet
• Phone Managers
– Backup of MIDlet’s RMS
Stealing MIDlet
• Overwrite the installed MIDlet
• MIDlet-Name and MIDlet-Vendor
• Source code
– Add Trojan code
• A signed MIDlet cannot be upgraded with an unsigned MIDlet!

A Stealing MIDlet's JAD file:

    MIDlet-1: StealingMIDlet,, StealingMIDlet
    MIDlet-Jar-Size: 4743
    MIDlet-Jar-URL: StealingMIDlet.jar
    MIDlet-Name: Password Store
    MIDlet-Vendor: Tommy Egeberg
    MIDlet-Version: 1.0
    MicroEdition-Configuration: CLDC-1.1
    MicroEdition-Profile: MIDP-2.0
Phone Managers
• Oxygen Phone Manager II [4]
– Backup Java MIDlets
– Backup MIDlet's RMS
• MOBILedit! [5]
– Forensic edition available
RMS backup
Threats & Vulnerabilities
• Information extracted
• Trojan code
– Keyboard sniffer, send information to hacker, …
• Phone is stolen
• Brute-force attacks
• Remote deletion disabled
• MIDlet installation request
Countermeasures
• Reflash cell phone OS
• Check MIDlet size and functionality
• Sign the MIDlet
– Prevent Stealing MIDlets
• Strong master password and encryption
• Frequently update the login credentials
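
The "check MIDlet size" and "sign the MIDlet" countermeasures can be expressed as a descriptor comparison before an update is accepted. The following is an added example, not code from the thesis: the installed descriptor's size and class name are constructed, the update uses the values from the Stealing MIDlet slide, and the finding codes are hypothetical names.

```python
SIGNATURE_ATTR = "MIDlet-Jar-RSA-SHA1"  # MIDP 2.0 JAD attribute holding the JAR signature

# Constructed descriptor for the installed digital safe (size and class name are made up).
INSTALLED_JAD = """MIDlet-1: PasswordStore,, PasswordStore
MIDlet-Jar-Size: 20512
MIDlet-Jar-URL: PasswordStore.jar
MIDlet-Name: Password Store
MIDlet-Vendor: Tommy Egeberg
MIDlet-Version: 1.0
"""
# Update request carrying the values shown on the Stealing MIDlet slide.
UPDATE_JAD = """MIDlet-1: StealingMIDlet,, StealingMIDlet
MIDlet-Jar-Size: 4743
MIDlet-Jar-URL: StealingMIDlet.jar
MIDlet-Name: Password Store
MIDlet-Vendor: Tommy Egeberg
MIDlet-Version: 1.0
"""

def parse_jad(text):
    """Parse 'Attribute: value' lines into a dict, splitting on the first colon."""
    attrs = {}
    for line in text.splitlines():
        if ":" in line:
            key, value = line.split(":", 1)
            attrs[key.strip()] = value.strip()
    return attrs

def review_update(installed_jad, update_jad):
    """Return finding codes for an update request; an empty list means no upgrade match."""
    old, new = parse_jad(installed_jad), parse_jad(update_jad)
    identity = ("MIDlet-Name", "MIDlet-Vendor")
    if not all(old.get(k) and old.get(k) == new.get(k) for k in identity):
        return []  # different name or vendor: not an upgrade of the installed suite
    findings = ["SAME_IDENTITY"]  # upgrade path: the existing RMS would not be erased
    if SIGNATURE_ATTR in old and SIGNATURE_ATTR not in new:
        findings.append("SIGNATURE_DROPPED")   # signed suite, unsigned replacement
    if SIGNATURE_ATTR not in old:
        findings.append("UNSIGNED_INSTALLED")  # nothing authenticates any update
    if old.get("MIDlet-Jar-Size") != new.get("MIDlet-Jar-Size"):
        findings.append("JAR_SIZE_CHANGED")
    if old.get("MIDlet-1") != new.get("MIDlet-1"):
        findings.append("MAIN_CLASS_CHANGED")
    return findings

if __name__ == "__main__":
    print(review_update(INSTALLED_JAD, UPDATE_JAD))
```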
-Conclusion
Conclusion
• A strong master password must be chosen
– The key in the encryption process, access to the application
• Data easily extracted
– Encryption extremely important
• The MIDlet should be signed
– Prevent installation of Stealing MIDlets, trusted source
-Further work
Further Work
• SATSA (The Security and Trust Service API)
• Biometric authentication
– Speech recognition (Java Speech API)
• Proactive password checking
• Synchronization service
– Update the stored login credentials if the phone is lost
References
[1] RSA-Laboratories. March 1999. Pkcs5v2.0: Password-based cryptography standard.
[2] Bouncy Castle. Bouncy Castle Crypto Package. Light-weight API, release 1.33.
[3] Willassen, S. Y. Spring 2003. Forensics and the GSM mobile telephone system. International Journal of Digital Evidence, 2, 10–11.
[4] Oxygen-Software. Oxygen phone manager for Nokia phones (forensic edition). http://www.opm-2.com
[5] Compelson laboratories. MOBILedit! Forensic. http://www.mobiledit.com