By Diana Ion.

Too often overlooked by common security measures, side channels can offer attackers new avenues for information gathering and possibly much more.

A simple definition of a side-channel is something that enables you to find out something about a thing without directly observing that thing.   

Think of a quiet neighborhood during wintertime.  All roofs are covered by snow, except for one. Naturally, you would think about something shady going on there and you could be right. Meth labs release a lot of heat and the effect of this on the snowy roof gives you information about what is possibly happening inside without you needing to actually look. This is an example of a thermal channel. 

Another example, which should be familiar from the spy movies you have watched, is the classic trick of using a stethoscope to listen to a safe’s mechanism while rotating the dial, with the obvious aim of opening the safe. The side channel in this case is the sound.

Up to this point, it should be clear that a side-channel is a consequence of a particular action. Now comes the most interesting part. Cryptographic implementations are based on computations at the bit/byte level. While performing these computations, computers use electric power. If you observe the power trace from a chip running AES or DES on an oscilloscope, you will see discernible patterns coming from the number of rounds, the memory accesses, or other algorithmic details. This process is called simple power analysis and is a type of direct implementation attack.

An implementation attack targets faults in the hardware/software implementation of an algorithm and not in the design of the algorithm per se.  

A more advanced attack that can also be used to find the key used in AES encryption is differential power analysis. Here, the attacker needs access to the device for collecting power traces during normal AES encryptions. With an available set of measurements, the attacker creates a model of the side-channel, inputs a hypothetical key, takes the given output, and performs a statistical analysis between his output and the real output. Perseverance and patience must be employed.  

I am curious sometimes and, during one lazy quarantine day, I decided to give it a try myself and break AES encryption with power analysis. I found a dataset of measurements online and wrote a Python script. The key size was 128 bits, meaning 16 bytes. Probably you know that AES-128 consists of 10 rounds with each round, except the last one, performing some particular operations (SubBytes, ShiftRows, MixColumns, AddRoundKey). If these are unfamiliar to you, please do a Google search for AES rounds. To make my life easier and prove that the key is breakable, I only attempted to break the first byte of the key, after the SubBytes operation. This means running through all the possible key values for the first byte (0 through 255), encrypting the plaintext with each one and comparing the end results.

I will not go further into detail as I do not want you to get bored. My point here is that faulty implementations can leak sensitive information. Do not underestimate the ingenuity of attackers when talking about methods for speeding up computations. There are profile attacks and deep learning techniques that need only a small number of measurements to break the encryption. Common methods of combating side-channel attacks are usually divided into ‘hiding’ and ‘masking’. These can be done at any level: transistor level, program level, algorithmic level, or protocol level. We will explore these in a future article.

By Atul Periwal.

You might be wondering how a wallpaper can be a medium for malware. It may sound like a mistake, but no: a wallpaper on an Android phone can be used as a medium of malware to crash the phone.

The image above, which can be directly downloaded from Google images, causes certain Android phones to crash.

What is malware?

Before I explain wallpaper as a medium of malware, I will explain malware first. Basically, malware is an umbrella term for malicious software that includes viruses, Trojans, ransomware, keyloggers, spyware, adware, worms, and so on. The exact motive can differ depending on the specific malware. The mutual interest among all of them is that they are all created with the goal of d and destruction.

Malware Wallpaper: What is it?

A Twitter user, Ice universe, issued a warning on Twitter which states, “Never set this picture as wallpaper, especially for Samsung mobile phone users! It will cause your phone to crash! Don’t try it! If someone sends you this picture, please ignore it.”

When you download this image and set it as a wallpaper, Android phones tend to crash, which makes us assume that the maker of the image may have malicious intent. While some mobile phones can be rebooted after the crash and used in safe mode, some cannot be recovered. In such a scenario, it is natural to think that the picture has inserted some code that has caused the phone to crash.

To create this, the attacker has used the method called steganography. Using steganography, an attacker can insert malicious code in an image and send the image in different forms. Once the image is downloaded and opened, the malicious code will automatically run on the device and perform its actions.

Malware Wallpaper: Causes

An investigation of this image found that its colours changed when it was uploaded to Weibo. Looking further into the image's metadata, the investigators discovered that Google Skia has a peculiar ICC colour profile, E3CADAB7BD3DE5E3436874D2A9DEE126. The investigation led to the following:

            Dimension: 1440 * 2560

            Colour space: RGB

            Colour profile: Google/Skia/E3CADAB7BD3DE5E3436874D2A9DEE126

On some Android devices this colour profile tends to trip Google Skia’s graphics engine, forcing them to reboot.

Technically, while attempting to load the wallpaper with the embedded colour profile, com.android.systemui.glwallpaper.ImageProcessHelper crashes with an ArrayIndexOutOfBoundsException.

When the Android UI loads, the wallpaper loads again, which triggers another reboot. As a result, the smartphone gets stuck in a boot loop, rebooting every time the wallpaper starts loading.

Malware Wallpaper: Solutions

We can use a photo editor (like Photoshop) to remove the ICC colour profile from the image and save the image without the embedded colour profile. It won’t trigger the malware when we take a screenshot of the image and set that as the wallpaper. Another way is to use EXIF software or an app to remove the metadata from the image, which will also remove the colour profile. The only problem with removing the colour profile is that it will make the image look less vivid.
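One way to script the profile removal described above, as an added example that is not from the original article: it assumes the file is a JPEG, where an embedded ICC profile is stored in APP2 segments that begin with the tag `ICC_PROFILE`. The function name `strip_icc` and the sample bytes are constructed for illustration; the sample only has a JPEG's segment layout and is not a decodable picture.

```python
import struct

ICC_TAG = b"ICC_PROFILE\x00"  # identifier that opens every APP2 ICC chunk

def strip_icc(jpeg: bytes):
    """Return (cleaned_jpeg, icc_bytes_removed); a non-zero count means a profile was embedded."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    out, removed, i = bytearray(jpeg[:2]), 0, 2
    while i < len(jpeg):
        if i + 2 > len(jpeg) or jpeg[i] != 0xFF:
            raise ValueError(f"malformed marker at offset {i}")
        marker = jpeg[i + 1]
        if marker == 0xD9:                    # EOI: nothing left to parse
            out += jpeg[i:]
            break
        if i + 4 > len(jpeg):
            raise ValueError(f"truncated segment at offset {i}")
        (length,) = struct.unpack(">H", jpeg[i + 2:i + 4])  # counts its own 2 bytes
        end = i + 2 + length
        if length < 2 or end > len(jpeg):
            raise ValueError(f"bad segment length at offset {i}")
        payload = jpeg[i + 4:end]
        if marker == 0xE2 and payload.startswith(ICC_TAG):
            # drop the chunk; 2 bytes after the tag are chunk number and chunk count
            removed += max(len(payload) - len(ICC_TAG) - 2, 0)
        else:
            out += jpeg[i:end]
        i = end
        if marker == 0xDA:                    # SOS: compressed image data follows
            out += jpeg[i:]
            break
    return bytes(out), removed

def seg(marker, payload):
    """Build one length-prefixed JPEG segment (helper for the constructed sample)."""
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample: SOI, JFIF header, a 32-byte dummy ICC chunk, SOS, 2 data bytes, EOI.
SAMPLE = (b"\xff\xd8"
          + seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
          + seg(0xE2, ICC_TAG + b"\x01\x01" + b"P" * 32)
          + seg(0xDA, b"\x01\x01\x00\x00\x3f\x00") + b"\x12\x34" + b"\xff\xd9")

if __name__ == "__main__":
    cleaned, removed = strip_icc(SAMPLE)
    print(f"removed {removed} ICC bytes, {len(SAMPLE)} -> {len(cleaned)} bytes")
```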

Conclusion

This wallpaper looks aesthetically beautiful, but is it really important to download a wallpaper from unknown sites or to get it from a known or unknown person? You might ask what the problem is with receiving a picture from a known person. How would you know the original source from which the wallpaper was downloaded?

Don’t just get attracted to such wallpapers and download them from an unknown source. If you would like to download one and set it as a wallpaper, download it from a credible source like your phone company’s official website or app. Please stay safe and alert to the different methods attackers use to harm your digital systems, as well as to the Coronavirus, which can harm your body.

By Shameer Sabar.

As technology advances, and organisations incorporate more and more IT systems into their business in order to aid and facilitate their functions and processes, it becomes necessary for them to test the safety and security of these IT systems. Small and medium-sized enterprises, also known as SMEs, are especially vulnerable to cyber attacks. According to the Cyber Security Breaches Survey of 2020, 68% of all medium-sized businesses in the United Kingdom found at least one cyber security breach or attack in the past 12 months. This is partly because many SMEs do not consider themselves targets and so do not do enough to protect themselves, but even those aware of the risks usually do not have sufficient resources to defend themselves. This is not to say large businesses remain unaffected. The survey also highlighted that 75% of large businesses have been affected.

Ethical hacking, or penetration testing, allows organisations to seek out and correct vulnerabilities and flaws in the security and safety of their computer systems, networks and databases. While malicious hackers, or black hat hackers, penetrate the databases and IT systems of an organisation with ill intent and for personal gain, ethical hackers, or white hat hackers, are hired by the owner of the company and given permission to penetrate the network and computer systems using the same tools and knowledge as a criminal hacker, but with the intention of determining vulnerabilities and weaknesses in the security of such systems and networks. Their work is conducted in a lawful and legal manner. By doing so, they can then recommend preventative and corrective countermeasures to the organisation to prevent cyber attacks.

Ethical hackers use many methods of sourcing vulnerabilities. They use port scanning tools such as Nmap, Wireshark or Nessus to scan a company’s systems, analyse open ports, study the vulnerabilities of each port and take corrective measures. They also critically test patch installation processes to make sure that software updates do not introduce new vulnerabilities that could be exploited. Using the right tools, they also perform network traffic analysis and sniffing. Ethical hackers also rely on social engineering techniques to manipulate end users and find information about an organisation’s computing environment.

Like black hat hackers, ethical hackers look through activity on social media or GitHub, engage employees in phishing attacks through email, or roam through premises with a clipboard to exploit vulnerabilities in physical security. However, ethical hackers are given restrictions on their social engineering techniques, such as not making physical threats to employees or otherwise attempting to extort access or information, in order to keep their hacking ethical and lawful.