[Review] Towards Precise Reporting of Cryptographic Misuses
The paper presents an investigation into Java cryptographic misuse. In brief, it studies current misuse detection techniques, analyzing the false positive and true positive cases they produce. It identifies the root cause of the high false positive rate and of the invalid true positive cases.
Introduction:
Many cryptographic misuse detection techniques have been proposed, but they come with a high false positive rate. Additionally, many of the misuse alarms might not be very actionable for developers, and previous works might have overestimated the number of misuses and vulnerabilities.
Implementation:
Three main detection tools: CRYPTOGUARD, CogniCryptSAST, CRYPTOREX.
Two parts of the investigation: false positives, invalid true positives.
Manually inspect the false positive cases and analyze their root cause.
Results:
- Some detectors' implementations may contain mistakes.
- Detection methods for static detectors should be updated. The same crypto API may be unsafe in some Java versions but safe in a higher version.
- Static seeds for random number generation should not always be considered risky. A constant seed can still lead to a properly functioning random function.
- Whitelists require careful curation to capture common legitimate programming patterns.
- AES-ECB, http://, non-CSPRNG, and collision-prone hash functions have legitimate usages where they provide sufficient guarantees and desirable performance.
- Developers are sometimes bound by standard mandates to use certain algorithms and constants. As a partial refinement, one can extract class/method names known to implement such standards and incorporate them into a misuse alarm filter.
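A sketch of the misuse alarm filter described in the last point, added here as an illustration (it is not code from the paper or from any of the three detectors). The rule ids, class names, allowlist entries and sample alarms are all constructed; each allowlist entry is scoped to the one rule the standard mandates, so other alarms at the same call site are still reported.

```python
import re
from dataclasses import dataclass

# Hypothetical allowlist: (class#method regex, rule the standard mandates, reason).
# Entries and rule ids are constructed for illustration.
STANDARD_MANDATED = [
    (re.compile(r"(^|\.)Hotp\w*#generate\w*$"), "weak-hash",
     "RFC 4226 HOTP is defined over HMAC-SHA-1"),
    (re.compile(r"(^|\.)Totp\w*#\w+$"), "weak-hash",
     "RFC 6238 TOTP defaults to HMAC-SHA-1"),
]

@dataclass(frozen=True)
class Alarm:
    rule: str    # detector rule id (constructed)
    cls: str     # fully qualified class name
    method: str  # method containing the flagged call
    detail: str  # flagged algorithm or constant

def triage(alarms):
    """Split alarms into (actionable, suppressed-with-reason)."""
    actionable, suppressed = [], []
    for a in alarms:
        site = f"{a.cls}#{a.method}"
        # Suppress only when BOTH the call site and the rule match an entry.
        reason = next((why for pat, rule, why in STANDARD_MANDATED
                       if rule == a.rule and pat.search(site)), None)
        if reason:
            suppressed.append((a, reason))  # kept with a reason for audit
        else:
            actionable.append(a)
    return actionable, suppressed

# Constructed sample alarms, shaped like a static detector's report.
SAMPLE = [
    Alarm("weak-hash", "com.example.auth.HotpGenerator", "generateCode", "HmacSHA1"),
    Alarm("constant-key", "com.example.auth.HotpGenerator", "generateCode", "hard-coded key"),
    Alarm("weak-hash", "com.example.user.PasswordStore", "hash", "MD5"),
    Alarm("weak-hash", "com.example.auth.TotpVerifier", "verify", "HmacSHA1"),
]

if __name__ == "__main__":
    act, sup = triage(SAMPLE)
    for a in act:
        print("REPORT  ", a.rule, f"{a.cls}#{a.method}", a.detail)
    for a, why in sup:
        print("FILTERED", a.rule, f"{a.cls}#{a.method}", "->", why)
```

Keeping the suppressed alarms together with their reason, rather than dropping them, lets a reviewer audit the allowlist itself.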
Future work:
- Take real-world situations into account, instead of designing fixed patterns.