DOI: 10.1145/2986012.2986024
research-article

Helping Johnny encrypt: toward semantic interfaces for cryptographic frameworks

Published: 20 October 2016

Abstract

Several mature cryptographic frameworks are available, and they have been utilized for building complex applications. However, developers often use these frameworks incorrectly and introduce security vulnerabilities. This is because current cryptographic frameworks erode abstraction boundaries, as they do not encapsulate all the framework-specific knowledge and expect developers to understand security attacks and defenses. Starting from the documented misuse cases of cryptographic APIs, we infer five developer needs and we show that a good API design would address these needs only partially. Building on this observation, we propose APIs that are semantically meaningful for developers, we show how these interfaces can be implemented consistently on top of existing frameworks using novel and known design patterns, and we propose build management hooks for isolating security workarounds needed during the development and test phases. Through two case studies, we show that our APIs can be utilized to implement non-trivial client-server protocols and that they provide a better separation of concerns than existing frameworks. We also discuss the challenges and potential approaches for evaluating our solution. Our semantic interfaces represent a first step toward preventing misuses of cryptographic APIs.


Published In

Onward! 2016: Proceedings of the 2016 ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software
October 2016
268 pages
ISBN:9781450340762
DOI:10.1145/2986012

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Cryptography
  2. Functionality Engineers
  3. Regulator Pattern
  4. Security Engineers
  5. Semantic API

Qualifiers

  • Research-article

Funding Sources

  • Maryland Procurement Office

Conference

SPLASH '16

Acceptance Rates

Overall Acceptance Rate 40 of 105 submissions, 38%

Bibliometrics & Citations

Article Metrics

  • Downloads (last 12 months): 13
  • Downloads (last 6 weeks): 2

Reflects downloads up to 15 Feb 2025

Citations

Cited By

  • (2024) Voice app developer experiences with alexa and google assistant. Proceedings of the 33rd USENIX Conference on Security Symposium, pages 5035-5052. DOI: 10.5555/3698900.3699182. Online publication date: 14-Aug-2024
  • (2024) An Investigation into Misuse of Java Security APIs by Large Language Models. Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, pages 1299-1315. DOI: 10.1145/3634737.3661134. Online publication date: 1-Jul-2024
  • (2024) Enhanced Analysis of Cryptographic Library Usage Patterns and Trends in Android Applications. 2024 IEEE Conference on Dependable and Secure Computing (DSC), pages 88-93. DOI: 10.1109/DSC63325.2024.00031. Online publication date: 6-Nov-2024
  • (2023) Vision: How to Provide Documentation to Non-skilled Developers for Appropriate Use of Cryptography: Action Research Study on Expert Monitoring. Proceedings of the 2023 European Symposium on Usable Security, pages 218-223. DOI: 10.1145/3617072.3617119. Online publication date: 16-Oct-2023
  • (2020) Bitcoin’s APIs in Open-Source Projects: Security Usability Evaluation. Electronics, 9:7 (1077). DOI: 10.3390/electronics9071077. Online publication date: 30-Jun-2020
  • (2020) On the Evaluation of the Security Usability of Bitcoin's APIs. Proceedings of the 24th International Conference on Evaluation and Assessment in Software Engineering, pages 405-412. DOI: 10.1145/3383219.3383277. Online publication date: 15-Apr-2020
  • (2020) Analyzing system software components using API model guided symbolic execution. Automated Software Engineering. DOI: 10.1007/s10515-020-00276-5. Online publication date: 19-Sep-2020
  • (2019) Understanding How to Use Static Analysis Tools for Detecting Cryptography Misuse in Software. IEEE Transactions on Reliability, 68:4, pages 1384-1403. DOI: 10.1109/TR.2019.2937214. Online publication date: Dec-2019
  • (2019) Detecting Callback Related Deep Vulnerabilities in Linux Device Drivers. 2019 IEEE Cybersecurity Development (SecDev), pages 62-75. DOI: 10.1109/SecDev.2019.00018. Online publication date: Sep-2019
  • (2018) Developers deserve security warnings, too. Proceedings of the Fourteenth USENIX Conference on Usable Privacy and Security, pages 265-280. DOI: 10.5555/3291228.3291250. Online publication date: 12-Aug-2018
