research-article

Using static analysis tools to detect and correct non-compliant cryptography

Published: 14 November 2011

Abstract

Security is an increasing concern for application developers, whether they are targeting internal customers, organizations or the general public. Particularly for the US public sector with requirements like FIPS 140, developers need to identify and remove superseded cryptography in both legacy applications and new development. This paper outlines a mechanism using static analysis tools to find outdated or improper cryptography and suggest corrections or correct code. This prevents the need for manual inspection and correction by developers familiar with cryptography and is more accurate than text searches.


Cited By

  • (2022) Security code smells in apps: are we getting better? Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pages 245-255. DOI: 10.1145/3540250.3549091. Online publication date: 7-Nov-2022


Published In

ACM SIGSOFT Software Engineering Notes, Volume 36, Issue 6
November 2011
117 pages
ISSN: 0163-5948
DOI: 10.1145/2047414

Publisher

Association for Computing Machinery
New York, NY, United States

Author Tags

1. C#
2. FIPS 140-2
3. FxCop
4. compliance
5. cryptography
6. encryption
7. key management
8. policy
9. static analysis
