Decoding Signal: Understanding the Real Privacy Guarantees of E2EE (slide deck, 86 pages)
Title slide
- Decoding Signal: Understanding the Real Privacy Guarantees of E2EE
- Ibrahim M. ElSayed
- #BHUSA BlackHatEvents

Agenda
- Setting the scene
- Attack surface
- 1:1 Messages
- Linked devices
- Conclusion

$whoami
- Ibrahim M. ElSayed (the_st0rm)
- Security Engineer: Meta, Signal, Lacework
- Focus on static analysis
- Messaging application enthusiast
- WhatsApp, 2018: NSO attacks

Disclaimer
- Opinions shared are my own, not my employer's
- The focus is purely technical
- Any app comparisons are technology-based only and do not reference specific products by name

What to expect?
- A security review (I'm not a crypto expert)
- Close collaboration with the Signal team
- Focus on Signal 1:1 messaging (no groups, no calls)
- Takeaways: how Signal works, its privacy guarantees, and the vulnerabilities found (all fixed)

Methodology
- Design: what the system is supposed to do
- Intent: what the engineer understood
- Implementation: the actual code that was written
- Execution: how the code behaves in practice

Methodology - Vulnerability classes
- Language-specific: memory corruption in C++
- Application-specific: SQL injection
- Logic-based: broken authorization
- Product-specific: unique to the app's domain, e.g. leaking whether two users are communicating

Understanding Signal's Architecture

Sending a mail

Architecture
Backend services
- Mostly Java and Rust
Clients
- Library: Rust
- Android: Kotlin + Java
- iOS: Swift + ObjC
- Desktop: Electron app

Attack Surface
Backend services
- Chat server: 230K LoC
- Storage server: 40K LoC
Clients
- Signal library: 100K LoC, Rust
- Android: 300K LoC
- Desktop: 300K LoC
- iOS: 500K LoC (90% Swift)

Attack Surface - Expectation of E2EE applications
- Server is malicious
- Network i