Description
Objective: Secure messaging platforms offer the promise of security but, like all software, have flaws that are increasingly used by Advanced Persistent Threat (APT) groups to gain malicious access to sensitive communications. With billions of users worldwide, secure messaging applications (SMAs) represent a vulnerable and ubiquitous part of the software ecosystem. For most users, the decision to transition from unencrypted communication platforms to SMAs offers a sense of security. However, while the cryptographic protocols used by SMAs have well-understood and well-tested security properties, little has been done to systematically assess the security risks of the applications themselves: the code that interacts with the network and the mobile operating system. This represents an enormous attack surface, remotely reachable by an attacker. APT groups have recognized the malicious potential of such platforms, and the demand for capabilities that exploit SMAs has been steadily rising. This Defense Advanced Research Projects Agency (DARPA) topic is seeking novel approaches to defend SMAs by modeling their security risks and recommending defensive measures to protect these critical platforms.

Description: SMAs are a class of applications running on mobile devices which are increasingly targeted by malicious attackers, such as APT groups. Not only do they transmit private communications that the user believes to be secure, but SMAs can reduce the security of the mobile device itself: unlike most mobile applications, an attacker only needs a phone number or username to communicate directly with the SMA. The SMAs in wide use today all share similar cryptographic protocols, software architectures and feature sets. To best understand the risks and weaknesses inherent to such applications, this effort will develop models, frameworks, and methods of evaluation to defend SMAs from real-world attack.
While most SMAs invest heavily in securing their cryptographic protocols, less emphasis is given to the security of the software itself. As these applications grow and introduce new features to entice users, their attack surface expands without the security risks being accurately understood. This effort would model the attack surface of SMAs for mobile devices and identify where security boundaries, protections, and mitigations could be introduced. This effort would then develop a framework to assess and ensure the efficacy of these security measures. The results of this effort will provide actionable and tested recommendations for protecting and defending such applications. The resulting tools and techniques will not only enable SMA developers to better secure their platforms, but will also allow users and decision-makers to perform informed risk analysis of their SMA usage, better equipping them to accurately understand the security of their data as encrypted communication becomes embedded in daily life.

The program seeks novel approaches to key technical challenges, including but not limited to:
- Characterizing and modeling the attack surface of SMAs.
- Developing a framework that identifies and recommends security boundaries, protections, and mitigations for SMAs.
- Developing tools and techniques for evaluating the security features of SMAs.

Keywords: Cybersecurity, secure software design, cyber defense, computer communications, secure messaging application