Vlog - Hack In The Box
Premium security services to ensure ultimate cryptographic protection
Sensitive data has never been as vulnerable as today. Attackers are constantly looking for vulnerabilities to exploit and innovate ways to bypass security controls and security specialists’ vigilance in order to reach confidential information and tamper with it. Cryptography is meant to impede attackers from compromising the confidentiality and integrity of data at rest and in transit. However, cryptography can ensure data immunity only if it is designed and implemented properly. To achieve that, organisations usually need the assistance of dedicated specialists well-versed in both information security and cryptography.
xen1thLabs experts successfully meet such requirements. Our competencies in System Security Testing and a theoretical and practise-based knowledge of cryptography allow us to handle sophisticated cryptographic mechanisms and transform them into robust security enablers. Our specialists help organisations harness the capabilities of implemented cryptographic schemes and tools, ensure a high security posture, performance and operational endurance.
To guarantee a comfortable and well-thought collaboration of the laboratory and our customers, as well as to ensure a transparent workflow throughout the project, we define the following four logic stages of cryptographic advisory services:
To offer an optimal servicing model and to create a clear-cut project map, we start by putting together your initial requirements of cryptographic protection with a primary focus on your business needs. Concurrently, we investigate the existing security strategy to make cryptographic mechanisms its integral part.
Relying on the collected requirements, xen1thLabs experts offer optimal methodologies, tools and techniques that fit the project scope and objectives. The chosen methodology and tools are aligned with both an organisation’s technical capabilities and specific characteristics of tested cryptographic primitives and / or systems.
xen1thLabs experts analyze provided cryptographic primitives, algorithms and protocols implemented within target devices or systems. Tests are to reveal strengths and weaknesses of a cryptographic environment so that an organisation could estimate objectively the efficiency of the existing cryptographic implementation, as well as elaborate on required modifications.
A complex and precise domain, such as cryptography, requires specialists to unite a fine scientific and mathematical thinking as well as a professional hands-on experience. Such skills should also be complemented with a deep understanding of international standards and the capacity to capture the peculiarities of each specific cryptographic environment, which would eventually allow experts to build up a steady and integrated cryptographic defence layer.
We rely on the unique expertise of our security team. xen1thLabs specialists are qualified security professionals aware of all the benefits and drawbacks of implementing and using cryptographic mechanisms and are always ready to apply their one-of-a-kind intelligence to improve a particular cryptographic implementation.
We understand that a cryptographic system achieves required or target security levels and bounds only if it is aligned with a unique security landscape of an organisation. That’s why when providing our services, we always focus on an organisation’s peculiarities and assess what business benefits can be achieved with our technological competencies.
xen1thLabs specialists are proficient in performing a wide range of cryptanalytic attacks to explore the strength of a cryptographic system. We apply our academic knowledge, practical wisdom and best-of-breed equipment to perform state-of-the-art cryptanalytic attacks according to an organisation’s needs and specifics of a particular cryptographic system. xen1thLabs carries out cryptanalysis of cryptographic protocols to identify their security goals, define security assumptions, formalise and analyse protocols. We explore symmetric cryptographic primitives (block ciphers, stream ciphers, hash functions) and carry out cryptanalytic attacks. Additionally, xen1thLabs expert help organisations test asymmetric cryptographic primitives related to RSA, ECC as well as Post Quantum Crypto designs.
To prevent real exploits of hidden flaws in a cryptographic system, organisations need to run cryptanalysis of involved cryptographic schemes / algorithms. xen1thLabscryptanalysts assess cryptographic systems and apply practical techniques and theoretical knowledge to identify inherent weaknesses and security gaps. Our experts also investigate if cryptographic components are able to withstand cryptanalytic techniques, and the cryptographic strength is above mathematically-defined security bounds.
With top-end educational backgrounds, extensive research experience, strong ties to academia and deep expertise in Cryptographic Advisory Services, xen1thLabs professionals apply specific skills and use sophisticated equipment to perform high-grade cryptanalytic attacks. To provide a thorough analysis, our experts use best-in-class tools to investigate statistical properties, as well as leverage advanced cryptographic techniques.
Depending on an organisation’s needs, specifics of a particular cryptographic system, required techniques and tools, xen1thLabs carries out cryptanalysis of the following primitives:
Operating in an untrusted environment or among untrusted agents, cryptographic protocols are implemented to provide a secure data transport. However, if a cryptographic protocol is designed incorrectly, it fails to perform its security functions.
xen1thLabs experts perform a 4-step analysis of a cryptographic protocol:
- IDENTIFYING SECURITY GOALS
At the first stage of the analysis, xen1thLabs identifies security goals of a protocol. The list of security goals may include the following: confidentiality, authentication, integrity, deniability, nonrepudiation and availability.
- DEFINING SECURITY ASSUMPTIONS
Throughout testing, xen1thLabs specialists assume that an attacker can control and MiTM the communication medium, eavesdrop, redirect messages, inject and replay messages, apply cryptographic operations to the disclosed data, as well as generate keys and random numbers.
- FORMALISING THE PROTOCOL
In order to analyse a cryptographic protocol, xen1thLabs team gives detailed descriptions of cryptographic protocols and the representation of the channel implementations in terms of cryptography.
- ANALYSING THE PROTOCOL
Once a protocol has been formalised, xen1thLabs specialists apply dedicated verification tools to analyse such properties of a protocol as:
- SYMMETRIC CRYPTOGRAPHIC PRIMITIVES
In-depth analysis of symmetric cryptographic primitives is essential.
xen1thLabs cryptanalysts focus on the following symmetric cryptographic primitives:
To perform high-quality analysis, xen1thLabs adjusts existing cryptanalytic methods, frameworks and techniques to increasing cryptographic complexities and a constantly growing computational power.
- LINEAR CRYPTANALYSIS
While performing linear cryptanalysis, xen1thLabs uses probabilistic linear relations between the input and output of non-linear components of a cryptographic primitive. Our team successfully applies this type of cryptanalysis to block ciphers (a known-plaintext attack that relies on linear relations between plaintext and cipher text bits), stream ciphers and hash functions.
- DIFFERENTIAL CRYPTANALYSIS
xen1thLabs conducts differential cryptanalysis as one of the powerful techniques to analyse block ciphers, hash functions and stream ciphers. We study the propagation of differences through all transformations of a cipher.
In addition, we perform specific types of differential cryptanalysis, such as:
- OTHER GENERIC ATTACKS
xen1thLabs experts apply generic attacks to any instance of a primitive, without taking any design details into account. Our specialists perform the following types of generic attacks:
ASYMMETRIC CRYPTOGRAPHIC PRIMITIVE
While testing asymmetric cryptographic primitives, xen1thLabs cryptanalysts try to exploit the special properties of the cryptographic instances of the computational / mathematical problem and to provoke design and algorithmic failures.
- DESIGN FAILURES
Using meaningful security notions, xen1thLabs cryptanalysts check the design of a specific cryptographic scheme. A cryptographic scheme is defined as secure with respect to a certain security notion if a specific game between a challenger and an attacker cannot be won by the attacker with a non-negligible probability. Informally, a security notion consists of two definitions:
- ALGORITHMIC FAILURES
xen1thLabs team checks problems in a specific instance of a cryptographic problem. For example, the experts verify if the group selected for the discrete logarithm problem fulfils certain requirements or if the generated prime numbers for schemes based on the factoring problem are strong enough or if a Lattice-based scheme is secure under specific passive attacks, etc.
As cryptanalysis consists of different steps and implies using various techniques, xen1thLabs security team aims to provide customers with a detailed overview of the process and delivers reports that include:
We provide cryptographic protocols testing and validation services based on our team`s broad cryptographic know-how. Our experts assess the design of cryptographic protocols, develop security proofs as necessary and ensure protocols properties are satisfied. xen1thLabs team also ensures that the implemented algorithms or protocols function correctly, thus answering an organisation’s security purposes.
When implemented properly, cryptographic protocols become an advanced security mechanism allowing organisations to ensure data confidentiality, data integrity and end-to-end security of data-in-transit and data-at-rest. However, in reality, cryptographic algorithms and protocols design, as well as implementation flaws are multiple, which puts the very encryption goals at risk. Protocols should be tested to manifest a sufficient implied overall bit-level security and should entail proper key encapsulation mechanism, high levels of key agility, explicit key authentication, mutual authentication as relevant, perfect forward secrecy, and other properties as relevant to the solution and/or device under test.
xen1thLabs experts test and validate the design of cryptographic protocols as an integral part of its Cryptography Advisory Services . We rely on our technical capabilities, knowledge of cryptographic primitives and components to verify properties of cryptographic protocols. With a primary focus on cyber security, xen1thLabs believes that a professional analysis of cryptographic protocols is one of the important measures allowing to increase data confidentiality, integrity, business stability as well as reduce security risks in the long run.
PROVEN TESTING AND VALIDATION PROCESS
- TESTING AND VALIDATION: THE PROCEDURE
xen1thLabs follows a multistep testing and validation approach:
ALGORITHM VALIDATION CRITERIA
While identifying protocol components, functionality and mathematical formulas, xen1thLabs experts assess how adequate a cryptographic protocol is for the task, as well as:
xen1thLabs carries out cryptographic protocols testing and validation. This allows us to provide our customers with an extensive set of reports that include a detailed overview of the validation procedure and results. The organisation whose cryptographic algorithm or protocol successfully passes the validation, gets dedicated documents proving the quality of an algorithm or a protocol.
xen1thLabs experts will provide the organisation with a detailed explanation of the detected protocol flaws and vulnerabilities as well as define possible ways to address them.
xen1thLabs team of cryptography experts verifies the strength of cryptographic modules, performs hardware-based side-channel attacks, tests implemented cryptographic modules utilising HSMs, TPMs, IP cores and other cryptographic modules, analyses key management modules and entropy sources, investigates embedded software and firmware, applies finite state model analysis, monitors cryptographic key protection and more.
An overwhelming volume of sensitive data is processed, stored and transferred every day. This hastens companies to choose advanced cryptographic mechanisms to protect this data. At the same time, the sophistication of cryptographic systems and tools becomes a great challenge for organisations looking for their information immunity. Multiple requirements for implementing, managing and supporting complex crypto-environments often cause mistakes leading to critical security issues.
Our team of information security experts enables a secure implementation of cryptographic modules and a professional testing of the entire cryptographic ecosystem. We help organisations understand if their cryptographic modules are implemented correctly, check if all the requirements for cryptographic devices are followed appropriately and if cryptographic mechanisms fulfil their purposes, thus ensuring confidentiality and integrity of all data transmitted and stored across the organisation.
With a broad expertise in various domains of information security and cryptography, xen1thLabs offer implementation testing as an integral part of its Cryptographic Advisory Services. Implementation testing is an important measure that helps organisations to:
To cover the implementation testing needs, xen1thLabs uses the most advanced testing equipment, including EM probes and analytics tools, fault injections and statistical analysis tools, scanning electron machines, and others.
- RECONNAISSANCE OF CRYPTOGRAPHIC ENVIRONMENT
Our experts investigate the cryptographic environment under test thoroughly and define the cryptographic module structure (hardware, software and firmware components), analyse if all the components are implemented and configured correctly. xen1thLabs specialists explore all cryptographic modules and relevant interfaces. Additionally, xen1thLabs team studies if the documentation describes all security functions that are employed within a cryptographic module and specifies all modes of operation, as well as checks if an organisation adopted a relevant security policy for overall cryptographic implementation.
- INVESIGATION OF EMBEDDED SOFTWARE AND FIRMWARE
xen1thLabs analyses if all cryptographic software and firmware are installed correctly to protect their sources and executable code from unauthorised disclosure and modification. Software and firmware analysis provided by xen1thLabs covers such domains as secure source analysis, vulnerability scanning, fuzzing, performance and load testing, as well as advanced testing techniques.
- ANALYSIS OF IMPLEMENTED HARDWARE
While exploring implemented hardware, xen1thLabs pays a special attention to its physical security, so that all components stay safe and resistant to various types of attacks. Well-versed in hardware security testing, our experts conduct a number of implementation tests that cover physical protection review, simple power analysis (SPA), differential power analysis (DPA), and the associated electromagnetic tracing and timing analysis. Furthermore, xen1thLabs capabilities also allow to check up the ability of a cryptographic module to perform power-up self-tests and conditional self-tests to ensure that the module is functioning properly. Fault analysis and reverse-engineering are also conducted.
- FINITE STATE MODEL ANALYSIS
To specify the performance of a cryptographic module, xen1thLabs uses the finite state model that is usually represented with a state transition diagram and/or a state transition table. This type of analysis helps to reveal all operational and error states of a cryptographic module, possible transitions from one state to another, input events (including data inputs and control inputs) causing transitions from one state to another, and output events (including internal module conditions, data outputs and status outputs) resulting from transitions from one state to another.
- MONITORING CRYPTOGRAPHIC KEY PROTECTION
xen1thLabs analyses cryptographic key management within the solution / system under test. Our specialists observe the entire lifecycle of cryptographic keys and their components, as well as critical security parameters. We inspect such processes as key encapsulation mechanisms, generation, establishment, distribution, entry/output, storage and zeroisation.
By completing implementation testing, xen1thLabs provides organisations with an extensive set of documents that describe in detail the results of each test and analysis made.
The provided documentation can also include expert recommendations on how to improve the existing cryptographic environment and fix vulnerabilities and flaws in embedded software, firmware or hardware, thus enhancing the overall performance of an implemented cryptographic module and reaching the required security level.
xen1thLabs experts thoroughly select the appropriate techniques to carry out side-channel analysis and test different types of cryptographic algorithms and modules. xen1thLabs fulfils simple and differential power analysis, electromagnetic field analysis, template attacks, timing analysis, fault injection analysis, Hamming distance model based power analysis and Hamming weight based power analysis and more. We also aim to investigate enabled countermeasures, as well as elaborate and implement the missing ones.
While cryptography is gaining momentum and becomes a more widespread technology to ensure advanced data security, attackers keep improving their techniques to break cryptographic systems and algorithms. The fact that cryptographic algorithms are implemented in software or hardware on physical devices provides attackers with a possibility to influence the cryptographic environment and use side-channel attacks to reach the very heart of a cryptographic implementation and compromise secret data.
Furthermore, side-channel attacks performed by skillful adversaries are often more efficient than the attacks based on mathematical analysis. With this in mind, xen1thLabsteam offers side-channel analysis as an actionable measure to check readiness to thwart side-channel attacks, thus to preserve sensitive data from being exposed.
xen1thLabs experts apply their knowledge of mathematics, signal processing, and information security to provide side-channel analysis as a proven method to examine the reliability of the implemented cryptographic algorithms and modules.
While performing the analysis, our team takes advantage of implementation-specific characteristics to recover the secret parameters involved in the computational cycles of a cryptographic algorithm.
To match the needs of each organisation regardless of its business focus, xen1thLabs adopts its side-channel analysis services to test any type of cryptographic algorithms and modules. Relevant techniques are thoroughly selected and applied to symmetric and asymmetric cryptographic primitives.
Apart from performing high-quality side-channel attacks to evaluate robustness of cryptographic implementations against such attacks, xen1thLabs security specialists also verify the efficiency of the adopted countermeasures.
This type of analysis involves visual examination of graphs of the power used by a device over particular periods of time. SPA allows experts to analyse the power traces and detect which particular instruction is executed at a certain time and what values the input and output have. Being a basic side-channel technique that relies only on recording the intensity of the electric current, SPA is often complemented with differential power analysis.
Unlike simple power analysis, differential power analysis requires xen1thLabs team to use a more sophisticated statistical analysis in order to discover and retrieve information from the leakage. This type of attack is based on an analysis of the correlation between the power usage of a particular cryptographic device and cryptographic operations over secret keys. DPA is widely used to adjust the results of an SPA, as well as to reduce the noise generated with signals of a cryptographic device.
Electromagnetic field analysis is very similar to differential power analysis, however, the experts aim at measuring electromagnetic fields instead of power consumption.
The logic of template attacks is built on the fact that the power consumption of a cryptographic device depends on the data it processes. Template attacks usually include two phases. During the first phase, the analyst builds the templates, thus characterising the provided device. During the second phase, the specialist uses the pre-built templates for an attack. Template attacks can accompany both simple and differential power analysis.
Timing variations inherent to cryptographic algorithm performance can be leveraged by attackers to reveal secret parameters of the algorithms. In the worst scenario, a meticulous statistical analysis can even disclose all secret parameters. By performing timing analysis, xen1thLabs experts analyse the time that cryptosystems take to execute particular cryptographic algorithms and reveal if an attacker can gain access to secret keys by measuring the response time.
xen1thLabs security professionals perform fault injection analysis as a powerful cryptanalytic technique aiming to disturb cryptographic computations and provoke erroneous results to reveal secret keys. Our team is proficient in performing two major kinds of fault injections: via introducing computational faults and via sending a corrupted input data to make a cryptographic device handle a deviant scenario. Both types of injections allow the specialists to track the behaviour of the affected cryptographic device and assess potential risks if a real fault injection attack occurs.
xen1thLabs provides organisations with detailed reports on every type of side channel attacks performed. The documentation set encompasses techniques and methods chosen, attacks and results of the side-channel analysis. Apart from delivering a comprehensive set of documents, xen1thLabs also pays a particular attention to the relevant countermeasures.
Our experts investigate countermeasures ensuring the security of a particular cryptographic implementation. We also address the challenging task of selecting and implementing an appropriate combination of countermeasures, as well as testing them to determine their effectiveness on the algorithm, implementation.