Workshop: Secure Software Development: From Rookie to Hardcore in 90 Minutes

Transcript

1. Secure software development: from rookie to hardcore in 90 minutes

   iOS data security workshop @vixentael

2. Secure software development: from rookie to hardcore in 90 minutes

   iOS data security workshop @vixentael

3. @vixentael product engineer in security and cryptography started from iOS

   3 OSS maintainer: Themis, Acra conduct workshops & training about secure apps development training.cossacklabs.com

4. https://medium.com/@vixentael/popular-note-taking-apps-share- these-security-flaws-security-tips-for-developers-326180e41329 @vixentael

5. https://github.com/vixentael/ ios-datasec-basics @vixentael

6. Plan for next 85 mins: 1. Intro (Apple, OWASP, jailbreaks)

   @vixentael 2. Secure software development lifecycle 3. Stored data mistakes: key management and encryption 4. Practice time 5. Other data security things (network, logging, screenshots) 6. Reading list

7. Secure software development Apple (guidelines, rejection guides) users (upset, angry)

   money (breaches, legal actions, fines) why care anyway? @vixentael

8. http://headway.io/blog/apple-app-store-new- privacy-policy-what-you-need-to-know/ New App Store privacy policy - minimize the

   data you collect - be transparent on how you use the data - protect stored and transit data - remove data fully and quickly @vixentael

9. GDPR @vixentael Article 32/35: responsibly store and process data according

   to risks
 
 Article 33/34: detecting data leakage and alert users & controller https://gdpr-info.eu/

10. @vixentael https://gdpr-info.eu/ Article 32

11. OWASP Top-10 mobile risks www.owasp.org/index.php/OWASP_Mobile_Security_Project @vixentael • M1: Improper Platform

    Usage • M2: Insecure Data Storage • M3: Insecure Communication • M4: Insecure Authentication • M5: Insufficient Cryptography • M6: Insecure Authorization • M7: Client Code Quality • M8: Code Tampering • M9: Reverse Engineering • M10: Extraneous Functionality

12. OWASP Top-10 mobile risks • M1: Improper Platform Usage •

    M2: Insecure Data Storage • M3: Insecure Communication • M4: Insecure Authentication • M5: Insufficient Cryptography • M6: Insecure Authorization • M7: Client Code Quality • M8: Code Tampering • M9: Reverse Engineering • M10: Extraneous Functionality www.owasp.org/index.php/OWASP_Mobile_Security_Project @vixentael

13. Remote jailbreak iOS11 (patched in iOS12) https://twitter.com/kevin_backhouse/status/1057352656560287746 @vixentael

14. www.apple.com/business/site/docs/iOS_Security_Guide.pdf @vixentael 95 pages PDF

15. Most users trust sensitive data to your app regardless of

    how well you protect it.

16. Secure development lifecycle methodology MS SDL OWASP S-SDLC microsoft.com/en-us/sdl owasp.org/index.php/

    OWASP_Secure_Software_Develop ment_Lifecycle_Project @vixentael

17. Define sensitive data Design & implement security controls Verify security

    controls
 (testing, monitoring) SSDLC in a simple words @vixentael @vixentael during planning during planning & implementation acceptance testing / QA, unit testing during planning during planning & implementation acceptance testing / QA, unit testing

18. @vixentael @vixentael SSDLC in a simple words Define sensitive data

    Design & implement security controls Verify security controls
 (testing, monitoring) during planning during planning & implementation acceptance testing / QA, unit testing repeat

19. So, one by one

20. Sensitive data @vixentael @vixentael

21. Sensitive data @vixentael @vixentael geo-locations health data financial data kids

    locations cars remote control credentials logs PII

22. – any kind of data, that will break business objectives

    or prosperity of those who use data, if leaked. Sensitive data @vixentael @vixentael geo-locations health data financial data kids locations cars remote control credentials logs PII

23. Defining sensitive data: sensitive user data (PII, password) regulations (GDPR

    / HIPAA / PCI DSS) tech data (keys, logs, accesses) https://www.cossacklabs.com/blog/what-we-need-to-encrypt- cheatsheet.html @vixentael @vixentael

24. @vixentael @vixentael Security controls

25. Data security Application security Infrastructure security Monitoring Intrusion detection Vulnerability

    management @vixentael Security controls proactive and reactive

26. Proactive controls Data security encryption Access security authentication, firewalls, OS

    Node security firewalls, compartmentalization, isolation, OS @vixentael

27. Data security key management, integrity checks, authenticated crypto Access security

    credential management, access logging, jailbans Node security code security, monitoring, SIEM Reactive controls @vixentael

28. Verification, testing @vixentael @vixentael https://github.com/OWASP/owasp-mstg OWASP Mobile Security Testing Guide

    https://github.com/OWASP/owasp-masvs OWASP Mobile Application Security Verification Standard

29. MASVS @vixentael @vixentael

30. @vixentael @vixentael SSDLC again Define sensitive data Design & implement

    security controls Verify security controls
 (testing, monitoring) during planning during planning & implementation acceptance testing / QA, unit testing repeat

31. Storage encryption and key management

32. File and CoreData encryption https://developer.apple.com/documentation/uikit/core_app/ protecting_the_user_s_privacy/encrypting_your_app_s_files NSPersistentStoreFileProtectionKey @vixentael @vixentael

33. Store encrypted data: Encrypt stored data UserDefaults Files Database cells

    Backups @vixentael @vixentael

34. Symmetric encryption with integrity checks and long key AES-256-GCM Encrypt

    stored data @vixentael Use strong encryption

35. Symmetric encryption, mistakes @vixentael @vixentael wrong data scope poor encryption

    flow design bad key management bad cryptography encryption lib mis-use

36. Hashing: md5 vs sha256 @vixentael @vixentael https://passwordsgenerator.net/sha256-hash-generator/

37. ☠ md5 ☠ sha1 bcrypt https://dusted.codes/sha-256-is-not-a-secure- password-hashing-algorithm PBKDF2 sha256 sha512

    HKDF @vixentael Wanna hash password? Use KDF

38. https://www.raywenderlich.com/129-basic-ios-security-keychain- and-hashing @vixentael Use KDF

39. https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/ Password_Storage_Cheat_Sheet.md @vixentael should be random should be > 10k

    Use KDF correctly

40. https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf 269 CVEs from 2011-2014 17% 83% bugs inside crypto

    libs misuses of crypto libs by individual apps @vixentael

41. @vixentael @vixentael Even more mistakes XORing != encrypting using password

    as encryption key (without KDF) storing keys elsewhere use single encryption key for all data/users

42. @vixentael @vixentael Use encryption

43. @vixentael @vixentael should be random should use KDF(key) uses AES

    CBC, not AES GCM padding? salt? Use encryption correctly

44. Use “boring” crypto libraries ★ use strong & audited crypto

    ★ work everywhere ★ hide cryptographic details ★ hard to mis-use ★ have integration with key storage @vixentael https://speakerdeck.com/vixentael/dont-waste-time-on-learning- cryptography-better-use-it-properly

45. Encryption that hard to mis-use @vixentael @vixentael Themis

46. Encryption that hard to mis-use @vixentael @vixentael hides cryptographic details:

    salt, IV, KDF, padding built-in KDF, safe to use passphrase uses AES-256-GCM Themis

47. Storage Transport Multi- platform themis libsodium tink TLS
 themis libsodium

    OTRKit
 libsignal Made for one platform, some ports available RNCryptor CryptoSwift CommonCrypto https://www.cossacklabs.com/choose-your-ios-crypto.html @vixentael @vixentael

48. Key management APP TOKENS USER PASSWORDS PUBLIC CERTS let apiToken

    = “63ufHs2E82-cJgsm!djr7-Ks1TTYC4TV” let appId = "VK1TTYC4TV" let poolId = “us-east-1:r0s3s4r3-r3d-13375p34k" var userPass = "qwertyqwerty" @vixentael

49. APP FLOW BUILT-IN Keychain - KDF - encrypt @vixentael plist/files

    - encrypt - obfuscate - calculate

50. Practice time

51. https://github.com/vixentael/ ios-datasec-basics @vixentael

52. Built-in keys store as hardcode variable store obfuscated in plist,

    de-obfuscate on start store encrypted in plist, decrypt on start @vixentael

53. App flow keys store as memory variable store obfuscated/encrypted in

    User Defaults store in Keychain, protect by Biometrics @vixentael

54. https://github.com/vixentael/ ios-datasec-basics @vixentael

55. Other data security things

56. Transport encryption github.com/ssllabs/research/wiki/SSL-and-TLS- Deployment-Best-Practices private keys RSA-2048, ECDSA-256 obtain certificate

    from reliable CA TLS v1.3-v1.2 use secure cipher suites TLS_ECDHE_ECDSA_WITH_AES_ 256_GCM_SHA384 ✅ enable Forward Secrecy ✅ enable HSTS (web) . rotate certificates often @vixentael

57. SSL pinning Moya owasp.org/index.php/Pinning_Cheat_Sheet @vixentael

58. Update certificate Update app with hardcoded certificate Built-in several certificates

    Update from server: build trusted channel @vixentael SSL pinning

59. transport = Transport() transport?.setupKeys(serverId, serverPublicKey: serverPublicKey) session = TSSession(userId: clientIdData,

    privateKey: clientPrivateKeyData, callbacks: transport!) startSession(clientId: clientId, message: connectionMessage) Encrypt over SSL Themis @vixentael

60. Themis axolotl noise @vixentael Encrypt over SSL

61. medium.com/@AyunasCode/how-to-hide-your-api-keys-367ef6589949 shanirivers.me/posts/hiding-your-api-keys-for-ios-projects orta/cocoapods-keys awslabs/git-secrets keys.plist → .gitignore Do not commit

    secrets @vixentael

62. Do not log secrets cfpb/clouseau Automate checking code for forgotten

    secrets. @vixentael

63. @vixentael https://speakerdeck.com/vixentael/x-things-you- need-to-know-before-implementing-cryptography

64. Do’s and Don’ts
 of secure development

65. DON’T - Do things just because “they make security better”

    - Copy-paste from StackOverflow - Implement your own security controls where 
 solutions are available @vixentael

66. DO - Only things that address real valid risks -

    Use industry’s best practices, standards and tools - Explain why spending effort is necessary - Plan, implement, test, formalize - Watch the trends, follow experts @vixentael

67. Reading, watching

68. General theory http://mashable.com/2016/04/16/apple-security-explained/ How Apple Security works https://medium.com/@vixentael/popular-note-taking-apps-share-these-security-flaws-security- tips-for-developers-326180e41329 Popular

    note-taking apps share these security flaws https://medium.com/@cossacklabs/apple-export-regulations-on-crypto-6306380682e1 Apple Export Regulations on Cryptography https://howhttps.works/ How HTTPS works: cats

69. Cryptography https://www.owasp.org/index.php/Cryptographic_Storage_Cheat_Sheet Cryptographic Storage Cheat Sheet https://www.owasp.org/index.php/Key_Management_Cheat_Sheet Key Management Cheat

    Sheet https://developer.apple.com/library/content/documentation/Security/Conceptual/ cryptoservices/KeyManagementAPIs/KeyManagementAPIs.html Managing Keys, Certificates, and Passwords https://cossacklabs.com/choose-your-ios-crypto.html Crypto in iOS: choose your destiny

70. Testing http://iphonedevwiki.net/index.php/Crack_prevention Crack prevention https://mobile-security.gitbook.io/mobile-security-testing-guide/ios-testing-guide/0x06a- platform-overview Mobile Security Testing Guide

    https://github.com/OWASP/owasp-masvs OWASP Mobile Application Security Verification Standard

71. Talks & training github.com/vixentael/ my-talks training.cossacklabs.com

72. @vixentael product engineer in security and cryptography conduct workshops &

    training about secure apps development