CrySL: Validating Correct Usage of Cryptographic APIs
Stefan Krüger, Johannes Späth, Karim Ali, Eric Bodden, Mira Mezini

TL;DR
CrySL is a domain-specific language that enables the specification and automated static analysis of correct cryptographic API usage in Java and Android apps, revealing widespread misuses despite improvements.
Contribution
CrySL introduces a new language for defining cryptographic API usage rules and a static analysis tool to detect violations in real-world applications.
Findings
96% of analyzed apps contained cryptographic misuses
CrySL ruleset effectively detects API misuse
Fewer misuses found compared to previous studies
Abstract
Various studies have empirically shown that the majority of Java and Android apps misuse cryptographic libraries, causing devastating breaches of data security. Therefore, it is crucial to detect such misuses early in the development process. The fact that insecure usages are not the exception but the norm precludes approaches based on property inference and anomaly detection. In this paper, we present CrySL, a definition language that enables cryptography experts to specify the secure usage of the cryptographic libraries that they provide. CrySL combines the generic concepts of method-call sequences and data-flow constraints with domain-specific constraints related to cryptographic algorithms and their parameters. We have implemented a compiler that translates a CrySL ruleset into a context- and flow-sensitive demand-driven static analysis. The analysis automatically checks a given…
Taxonomy
Topics: Advanced Malware Detection Techniques · Security and Verification in Computing · Web Application Security Vulnerabilities
