Cryptobugs Found in Numerous Google Play Store Apps

Cryptobugs Found in Numerous Google Play Store Apps

A new dynamic tool developed by Columbia University researchers flagged cryptography mistakes made in more than 300 popular Android apps.

Researchers have discovered more than 300 apps on the Google Play Store breaking basic cryptography code using a new tool they developed to dynamically analyze it.

Academics from Columbia University developed a custom tool, CRYLOGGER, that analyzes Android applications for unsafe use of cryptographic code according to 26 basic cryptography rules. Those rules include avoiding the use of: broken hash functions, bad passwords, reusing passwords multiple times, HTTP URL connections or a “badly-derived” key for encryption.

The research team—comprised of Luca Piccolboni,  Giuseppe Di GuglielmoLuca P. Carloni and Simha Sethumadhavan—then set it loose on 1,780 of the most popular apps in the Play Store from 33 different categories. The team’s analysis found that hundreds of them are breaking at least one if not several—up to 18 in some cases–of these basic rules.

The research sheds new light on how easy it is for popular mobile apps—the ones analyzed had from hundreds of thousands of downloads to more than hundreds of millions–to break basic security rules, researchers noted in their work. While the rules the team used to analyze the apps are common to developers specializing in cryptography, those building mobile apps aren’t necessarily specialists in this area and thus can make very basic mistakes.

To perform their analysis, researchers ran CRYLOGGER on the 1,780 apps while stimulating them with 30,000 random events, calling it “a good compromise between running time and number of vulnerabilities found in a subset of these apps.” Their tests took about 10 days to run on an emulator running Android 9.0.0r36.

Three of the common cryptography rules most broken by offending Android apps were rules No. 18, 1 and 4, respectively, on the researchers’ list. They are: Don’t use an unsafe PRNG, or pseudorandom number generator; don’t use broken hash function; and don’t use the operation mode CBC.

Researchers contacted the developers of all 306 Android apps and libraries to disclose the vulnerabilities; however, only 18 developers responded to the first email and only eight responded with “useful feedback” on their findings, they said. The team also contacted six developers of Android libraries, of which two responded.

CRYLOGGER is meant to be an open-source  and dynamic companion to CryptoGuard, another open-source tool available on GitHub that researchers deem “one of the most effective static tools to detect crypto misuses.”

“We hope that application developers will adopt it to check their applications as well as the third-party libraries that they use,” researchers wrote in their paper (PDF) about their work, which will be presented next year in May 2021 at the IEEE Symposium on Security and Privacy.

The Columbia team also made their tool available on GitHub. They said they chose to dynamically analyze code—or while it’s being executed—for several reasons. Though static analysis has its benefits, it can create false positives or negatives or miss some of the crypto mistakes found in code as it’s loading dynamically, they wrote.

“Most of the recent research efforts focused on static approaches, while little has been done to bring dynamic approaches to the same level of completeness and effectiveness,” researchers wrote.