Wibu-Systems Blog

Repelling the BadUSB Exploit with Cryptography and Secure Boot

Posted by Terry Gaul on Aug 7, 2014 5:06:02 PM

By now, many of you have heard about the “BadUSB” exploit, where two security researchers at Security Research Labs demonstrated how they could perpetrate an attack on USB devices.  By reprogramming the USB’s firmware with malicious code, attackers could gain control of a PC or any other USB-driven peripheral, such as a mouse, keyboard or even a smartphone. Once the infected USB is connected to the device, the software can be programmed to perform any number of malicious acts, from corrupting data to impersonating a USB keyboard to type in its own commands. And, the attack code can remain hidden long after the contents of the device’s memory would appear to the average user to be deleted.

So what should we conclude about the vulnerabilities of USB sticks? Given the ubiquity of USB technology, consumers using USB memory sticks should be aware of the potential threat and be more cautious about the origin of the stick and who else may have used it, before it’s connected to a device.  But we should also be aware that not all USB sticks are alike and some, such as our WibuKeys and CodeMeter sticks (CmStick), incorporate advanced security technology that make attacks, such as BadUSB, impossible to perpetrate.

Let’s take a deeper look. Each USB stick consists of a controller chip and at least one memory module. The controller is responsible for the communication with the computer over the USB interface, and manages the memory. In principle, this can be equated to a microcomputer that, upon being plugged in, boots its operating system (firmware) from a non-visible part of the flash memory. Then it sets the flash memory of the computer as an available drive.

For economic reasons, the firmware on USB sticks is updateable, and therein lies the vulnerability. There are two ways to update the firmware: 1) a safe, secure boot process or 2) a simpler one with obfuscation of undocumented commands. The latter approach applies to all classic USB sticks and is the main vulnerability to the BadUSB threat.

The first step to a BadUSB attack is the manipulation of the firmware, which must be reversed engineered. New custom firmware is then developed and loaded onto the stick, in a manner that circumvents the obfuscation protection.

Secondly, the modified USB stick presents itself to the computer as an HID device. Once the USB stick is connected, the computer recognizes the HID device and initializes it automatically  -  a standard procedure that would not draw suspicion from the user. Once initialized, the modified firmware goes into action and the programmed malware is unleashed.

Although the explanation of the exploit seems simple enough, the demonstration by Security Research Labs is extremely difficult to achieve. Reverse-engineering controller firmware requires great technical skills and is extremely time consuming. Plus, the attack is controller specific, so it would require extensive knowledge of the specific chip and the reverse engineering effort would need to be repeated for each threat.

However, as we have grown to understand the hacking community, we don’t underestimate their persistence and leave nothing to chance in terms of the protection we build into our CmSticks.  At Wibu-Systems, our own security experts have been developing and refining technologies to make software safe from malicious tampering since 1989.

Our family of CodeMeter CmSticks comes in many form factors. All are implemented on a separate chip that has its own memory and cryptographically secure firmware. Only firmware signed by Wibu-Systems can be downloaded into the controller, making a BadUSB attack impossible. Our most modern CmStick offers further protection. The chip firmware is encrypted and signed and the root key is stored in non-alterable ROM. This key is written only once during manufacturing and cannot be subsequently updated in the field under any circumstances. This is our implementation of a secure boot process. The inter-chip communications is also encrypted, making the stick immune to hardware based attacks.

In conclusion, if you are using any of our USB powered devices, you can feel confident that you are protected from the BadUSB threat.

For a more detailed description of our cryptographic protection and secure boot process, please read our official statement "BadUSB Uncovered", or contact one of our security experts.






Topics: CodeMeter, software copy protection, CmSticks, cracking, WibuKey, embedded security

Breaking Enigma – 80th Anniversary

Posted by John Poulson on Dec 13, 2012 6:02:00 AM

For software developers concerned with preventing software piracy or enforcing licensing policies, there is a great lesson to be learned from events that took place eighty years ago this month.

The Enigma cipher machine was invented by a German engineer (Arthur Scherbius) just as World War I was coming to an end. The machines were used for commercial purposes throughout the 1920s but as Germany began to re-build its military forces in the 1930s a secure form of communication was needed. The German government looked to the Enigma cipher machine as the answer.

German Military Intelligence relied on the mathematics of the Enigma machine for securing their sensitive military and diplomatic communications. Consider the design of the machine and the possibilities and combinations of this clever electro-mechanical device and you will come to understand why they were confident in its use.

An Enigma cipher machine consisted of five variable components:

Enigma Diagram

Enigma wiring diagram with arrows and the numbers 1 to 9 showing how current flows from key depression to a lamp being lit. The A key is encoded to the D lamp. D yields A, but A never yields A; this property was due to a patented feature unique to the Enigmas, and could be exploited by cryptanalysts in some situations.

Picture courtesy of Wikipedia

  1. A telephone operator style plug board containing up to thirteen dual-wired cables.
  2. Three ordered (left to right) rotors which wired twenty-six input contact points to twenty-six output contact points positioned on the opposing faces of each rotor.
  3. The rotors also contained twenty-six serrations around the circumference of each rotor allowing the operator to specify an initial position for each rotor pair.
  4. A moveable ring on each rotor which controlled the rotational behavior of the rotor to the immediate left by means of a notch.
  5. A fourth half rotor that “reflected” the input and outputs to the same face of contact points.

Dr. A Ray Miller, PhD wrote a paper about Enigma (date unknown), which was published by the Center for Cryptologic History (part of NSA), located at Fort Meade, Maryland.  In the paper he disclosed for the first time the mathematics behind the typical Enigma machine used by the German Army (the German Navy had added a fourth rotor to their machines enhancing the encryption). Considering all of the possible rotor positions, the possible plug board options and the position of the notched rings, Dr. Miller calculated that the total possibilities Allied cryptanalysts were typically faced with during most of the Second World War when attempting to “read” Enigma traffic was:

                107,458,687,327,250,619,360,000 (approximately 1023) or… stated another way it is about one hundred thousand billion billion.

With such daunting odds on their side, it is not surprising that German cryptographers felt secure in using Enigma. They had on their side the strength of large numbers, numbers so vast they are really beyond comprehension. And in that misplaced confidence, the Germans of that era were absolutely, completely and fatally wrong as three Polish cryptanalysts proved eighty years ago this month.

Historians may continue to argue over the military value of the decrypted communications. What cannot be argued is the incredible engineering feat performed by Marian Rejewski , Jerzy Rozycki and Henryk Zygalski of the Polish Cipher Bureau when they first broke Germany's military Enigma ciphers in December, 1932. Then just five weeks before the outbreak of World War II, they presented their Enigma-decryption techniques and equipment to British military intelligence. Throughout WWII, Allied Intelligence used information decrypted from German military communications very sparingly. They wanted to prevent the Germans from learning that their codes had been compromised. The fact that Enigma had been broken was not generally disclosed until the 1970s.

The breaking of the Enigma Cipher machine is an object lesson for software developers today. And is one that has not been lost on the development team at Wibu-Systems. While the CodeMeter encryption system used by Wibu-Systems incorporates the AES algorithm and Elliptical Curve Cryptography coupled with RSA for asynchronous key exchange and should be mathematically impossible to crack using brute force; the software engineers and developers at Wibu-Systems constantly make improvements to the basic CodeMeter architecture and security algorithms. Because it is a fact of life that whatever can be engineered… can be reverse engineered.

CodeMeter SmartBind is Wibu-Systems' newest technology to determine whether a software activation is valid or not by using internal heuristics. With SmartBind, you don’t have to worry about the details of which hardware aspects of your customer’s computer might change. The algorithm takes care of it for you.

Download the FREE whitepaper

john poulsonJohn Poulson has worked in the software protection industry since 1988 and has been with Wibu-Systems since 2000. He is an expert in license authentication best practices and deep powder skiing.

Topics: CodeMeter, cracking, software protection

RSA cracked; CodeMeter still secure.

Posted by John Browne on Jul 5, 2012 4:56:00 AM

The big news for crypto-wonks this week is that an international group of researchers has cracked a portion of RSA encryption. And it's not like they had to throw supercomputers at the problem; it was cracked in under 15 mintues. You can read the whole paper here (note: not light reading).

cracked safe

Mostly they were interested in hardware tokens using RSA to see if they could reveal the the secret key with "padding oracle" attacks (using error messages as a side channel). Some of these tokens use SmartCard circuits so the assumption is that the key is completely safe. 

The devices they cracked were (and the time required):

  • Aladdin eTokenPro (21 minutes)
  • Gemalto Cyberflex (92 minutes)
  • RSA Securid 800 (13 minutes)
  • Safenet Ikey 2032 (88 minutes)
  • Siemens CardOS (21 minutes)

CodeMeter, of course, uses a SmartCard chip as its core. So is there a concern?

The good news is no. No worries. CodeMeter doesn't rely on RSA for encryption, although we make it available optionally for those customers who want to use it. CodeMeter uses AES 128-bit for basic encryption and ECC for encrypting the communication channel between the hardware and the operating system

By the way the researchers asked the manufacturers of the cracked tokens for a response. The most common one was along the line of "Oops."

Topics: CodeMeter, cracking

What is software piracy?

Posted by John Browne on Mar 7, 2011 12:50:00 PM

Software piracy can take a number of forms, intentional and unintentional. What normally comes to mind with you hear "software piracy" in context are hackers or crackers (more about that in a minute) doing something illegal. But it can also include people who inadvertently violate license agreements without knowing.

What are hackers and what are crackers? In discussions about piracy, you see both terms used interchangeably. People who "crack" the system an ISV uses to prevent copies are called "crackers." Hackers, on the other hand, has traditionally been a term to refer to people who break into corporate or government networks. Sometimes it easier to just say hackers to lump together all the bad guys out there who try to do digital mischief.

So how do they do it? A common approach is to take a legitimate copy of say, Windows or Photoshop, and create a cracked version by patching some DLLs so that the licensing code thinks it's running on a legal copy. Then that single version is propagated around the world courtesy of file sharing sites.

Software-based anti-piracy systems try to bind a single licensed copy of an application to a given machine. Sometimes it will allow you to install on a couple of computers. Typically this is done with fingerprinting: identifying some characteristics of the host computer that the software has to match to. For example, you can look at the MAC address, CPU serial number, hard disk serial number, and so on. When the software first installs it gathers these fingerprints; later when you start up the application it checks the machine fingerprints against the ones it originally installed on and decides if this is a legal copy or not.

Since people upgrade and replace computers this schema is flawed from the get-go. The ISV has to decide how stringent to be about matching hardware fingerprinting on program load. If you have four values and only three match, do you go ahead and run or do you throw up a dialog telling the user they have to check with the publisher before the software will run? CmAct lets you decide how many factors (out of four total) you need to match before running the application. So you can set it to be two of four; if any two match the application will start.

These methods offer protection from casual theft but have a basic issue in that the fingerprint information has to come from the operating system. Contemporary OS do not let application code address hardware directly. If you want to know the serial number of the CPU, you use an OS system call to get it. That unfortunately makes the process somewhat vulnerable to spoofing: making the app think it's talking to the OS when it's not. And in that way many applications are cracked every day. Some of these are given away while some are sold as "real"--you can find them on various ecommerce stores online.

Of course if you use a dongle it should be a lot harder to crack the protection code; in the case of applications protected correctly with CodeMeter they should be impossible to crack. You can find online sites advertising dongle "emulators" or "eliminators" and they are basically cracking sites. Some developers use their dongle in the weakest possible way, by having the application merely check for the existence of a dongle and don't use it for key generation. This is incredibly easy to crack and is never recommended!

Topics: CodeMeter, software copy protection, Anti-piracy, dongles, software piracy, FAQ, cracking, CmAct