Page 12 - FIGI: Security audit of various DFS applications
HTTPS traffic is encrypted. While there are other ways to encrypt traffic, HTTPS is the standard way for communication between apps and servers. If data is transferred over HTTP or other non-encrypted protocols, then it could easily be intercepted or even modified by an attacker.

b) T3.2 Application should detect Machine-in-the-Middle attacks with untrusted certificates:
When running the traffic through a machine-in-the-middle (MITM) proxy that does not own a trusted certificate for the server of the app, the app should refuse the connection.
MITM proxies can be used to intercept HTTPS traffic, decrypt it for inspection and modification, and then re-encrypt it before sending it on to the intended server. A typical attacker does not own valid certificates for the destination server; thus the app should detect that the certificate of the proxy is not signed by a trusted authority. If the app does not check the validity of the certificate, an attacker can intercept and modify the traffic.

c) T3.3 Application should detect Machine-in-the-Middle attacks with trusted certificates:
When running the traffic through a machine-in-the-middle (MITM) proxy that uses a certificate signed by a CA that is trusted by the smartphone, the app should refuse the connection.
Different situations can arise where the operator of the proxy is able to generate certificates that are trusted by the phone: the operator can be a CA operator (e.g., a government), the operator may be a company that has installed its root certificate on the phones of the company, or the root certificate may have been installed by hand by the user or an attacker. The application can protect itself against this type of attack by root pinning. This means that the app knows which CA is expected to sign the server certificate and will refuse certificates signed by other CAs, even if these CAs are trusted. Executing this test usually requires rooting the phone to be able to install a root certificate.
If the application does not apply certificate pinning, then traffic could be intercepted by governments or by attackers who have succeeded in hacking one of the many trusted root CAs.

d) T3.4 App manifest should not allow clear text traffic:
Using clear text traffic is disabled by default on Android 8.1 or higher. The app manifest should not contain settings that override this default. These can be the android:usesCleartextTraffic setting for the application or cleartextTrafficPermitted in the network security configuration.
When clear text traffic is disabled, the application and other components it uses (e.g., the media player) will refuse to use clear text traffic. Clear text traffic can easily be eavesdropped on and manipulated by attackers.
Note that even if the application fails this test, it does not necessarily mean that the application will send or receive clear text traffic.

2.4 M4 Insecure Authentication
The following tests are made by running the application on a phone and observing its behaviour.

a) T4.1 Authentication required before accessing sensitive information:
The app should request a password, a PIN code, or a fingerprint before giving access to sensitive information or functionality (e.g., balances and payments).
This can be tested by using the application on the phone.
The impact of not authenticating the user every time is that if the phone is stolen or lent while unlocked, an attacker could access sensitive data or functionality.

b) T4.2 The application should have an inactivity timeout:
This can be tested by leaving the application open for a while and observing whether it locks itself automatically.
If there is no timeout, or if it is too long, the risk is that if the phone is stolen or lent while unlocked, an attacker could access sensitive data or functionality.

c) T4.3 If a fingerprint is added, authentication with fingerprints should be disabled:
When a new fingerprint is registered on the phone, the app should disable authentication by fingerprint until the user has provided the PIN or password for the application.
The risk is that an attacker could succeed in registering his own fingerprint on the phone and then access the apps that are protected by fingerprints.

d) T4.4 It should not be possible to replay intercepted requests:
Replaying a request (e.g., a money transfer) that was captured by a man-in-the-middle proxy should not result in the same request being executed twice.
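As an added illustration of the static side of tests T3.3 and T3.4 above (example code, not part of the FIGI audit or of any audited app), the following Python checks a decoded AndroidManifest.xml and network_security_config.xml for the android:usesCleartextTraffic and cleartextTrafficPermitted overrides and for the presence of a pin-set. The XML samples, the domain name and the pin values are constructed placeholders.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
USES_CLEARTEXT = "{%s}usesCleartextTraffic" % ANDROID_NS  # manifest attribute (T3.4)

# Constructed samples: a manifest that overrides the clear-text default, and two
# network security configurations (weak, then hardened with root pinning).
MANIFEST_WEAK = """<manifest xmlns:android="%s">
  <application android:usesCleartextTraffic="true" /></manifest>""" % ANDROID_NS
MANIFEST_OK = """<manifest xmlns:android="%s"><application /></manifest>""" % ANDROID_NS
NSC_WEAK = """<network-security-config>
  <base-config cleartextTrafficPermitted="true" /></network-security-config>"""
NSC_HARDENED = """<network-security-config>
  <base-config cleartextTrafficPermitted="false" />
  <domain-config cleartextTrafficPermitted="false">
    <domain includeSubdomains="true">api.dfs-example.test</domain>
    <pin-set expiration="2026-12-31">
      <pin digest="SHA-256">PLACEHOLDER_PIN_1_base64_sha256_of_SPKI=</pin>
      <pin digest="SHA-256">PLACEHOLDER_PIN_2_backup_key_pin_base64=</pin>
    </pin-set>
  </domain-config></network-security-config>"""

def audit(manifest_xml, nsc_xml):
    """Return findings for the T3.3/T3.4 checks; an empty list means both pass."""
    findings = []
    app = ET.fromstring(manifest_xml).find("application")
    if app is not None and app.get(USES_CLEARTEXT, "false").lower() == "true":
        findings.append('T3.4: manifest sets android:usesCleartextTraffic="true"')
    nsc = ET.fromstring(nsc_xml)
    # cleartextTrafficPermitted may appear on <base-config> and on each <domain-config>
    for cfg in list(nsc.findall("base-config")) + list(nsc.findall("domain-config")):
        if cfg.get("cleartextTrafficPermitted", "").lower() == "true":
            findings.append("T3.4: <%s> permits clear text traffic" % cfg.tag)
    # Root pinning (T3.3): expect a <pin-set> with at least two pins (a backup pin
    # avoids locking users out when the primary key is rotated).
    domains = nsc.findall("domain-config")
    if not domains:
        findings.append("T3.3: no <domain-config>, so no certificate pinning is configured")
    for cfg in domains:
        names = ", ".join(d.text for d in cfg.findall("domain"))
        if len(cfg.findall("pin-set/pin")) < 2:
            findings.append("T3.3: %s has fewer than two pins" % names)
    return findings

if __name__ == "__main__":
    for f in audit(MANIFEST_WEAK, NSC_WEAK) or ["no findings"]:
        print(f)
```

A clean static result still calls for the dynamic MITM tests, since a pin-set only helps if the app actually loads this configuration and does not bypass it in code.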