Tuesday, April 15, 2014

CyLab Research Sheds Light on Heartbleed and Its Implications


Heartbleed is a significant event along the cyber security timeline. Its consequences will be with us all for quite awhile. If you haven't already come to grips with this issue, you should do so urgently.

For some guidance go to http://heartbleed.com/

To verify if a particular server is vulnerable, go to: http://filippo.io/Heartbleed/

For a command-line tool, go to: https://github.com/FiloSottile/Heartbleed

Here at CyLab, the story has provided us with an opportunity to reflect on some of our recent research and its relevancy to the problem at hand, e.g., --

Perspectives: If you scan a server, and find that it isn't vulnerable, you would still need to know if it had been vulnerable in the past, and/or if it has been updated. One way to answer that question is to determine if the private key has been updated. If you connect to the server with a Firefox browser that has the Perspectives extension installed, and then inspect the key history. To do so, click the Perspectives icon on the left-hand of the URL bar, and select "View Notary Results." (Of course, if the key has not been changed, you're still none the wiser.) For more on Perspectives, visit the Perspectives Project page.

TrustVisor: In TrustVisor, we proposed keeping the OpenSSL private key inside a PAL, which would have defended against this vulnerability. See our paper on TrustVisor: Efficient TCB Reduction and Attestation, authored by Jonathan M. McCune (now with Google), Yanlin Li, Ning Qu, Zongwei Zhou, Anupam Datta, Virgil Gligor and Adrian Perrig.

Flicker: In Flicker, we proposed to store the SSH password database inside a PAL, which would also prevent password theft. See Flicker: An Execution Infrastructure for TCB Minimization,
authored by three CyLab researchers Jonathan M. McCune, Bryan Parno (now with Microsoft), and Adrian Perrig (now with ETH Zurich), along with Michael K. Reiter of University of North Carolina (Chapel Hill), and Hiroshi Isozaki of Toshiba Corporation.

Perspectives, TrustVisor and Flicker all evolved out of CyLab's work on Trustworthy Computing Platforms and Devices. And this continues to be one of CyLab's major research thrusts.

Amit Vasudevan, a CyLab  Research Systems Scientist, and Miao Yu, a CyLab grad student, took a few moments to sit down with CyBlog, and share some insights on where we are and what's next.

According to Vasudevan, "the IEE technologies and prototypes we have been developing (XMHF - TrustVisor, KISS, Minibox, etc.) lay a solid foundation to protect against Heartbleed-like attacks."

"But going from our prototypes to the real-world is a different kind of challenge. The software ecosystem out there today does not really consider security as a first-class citizen. Consequently, tweaking these components to adapt to our IEE design is non-trivial ...  In the long term, developers of security-oriented/sensitive software would benefit from a simple and solid security framework that would allow them to leverage strong security properties, while letting them also implement the desired functionality. And our work with XMHF plus Trustvisor plus other hypapps (http://xmhf.org) is the right step in this direction."

"This bug is still underestimated," warns Yu.

He cites three reasons for his concern:
"Currently, we putting a lot of care into HTTPS websites. But other protocols, e.g., FTPS (used in file transfer) server, can also be impacted by this bug. 

"Not only servers, but also clients, e.g. smart phones and other devices, may suffer from this bug. And for certain devices, the problem can be even worse. For example, mobiles phones have long patch cycles. For the heartbleeding bug, the first patch of this bug came out in 20 minutes and web servers began the repair in the first day. But Android phones only get scanners, e.g., Bluebox Heartbleed Scanner or Heartbleed Detector to help users find out if their phone is vulnerable ... From our experience with past vulnerabilities, it would take tens of weeks until half of the mobile devices get patched. During this period, the devices are at risk. Other devices, which may use OpenSSL for establishing administration channels, also may suffer from long patch cycles. At CyLab, Zongwei Zhou, Miao Yu, Yoshiharu Imamoto, Amit Vasudevan, Virgil Gilgor and I have developed an isolated execution environment for the ARM mobile platform. It is quite similar to TrustVisor, but focuses on mobile system security, so that, e.g., you could run a banking client (or some other sensitive application) in an isolated execution environment, so that your code and data would still be secure in spite of this or other vulnerabilities present in Android.

"All three recent SSL bugs, i.e., IOS's goto fail bug, the GnuTLS bug and the Heartbleed bug are implementation-related rather than design related. The lesson is that design security doesn't mean implementation security. We do need runtime protection as a last line of defense."

-- Richard Power