DROIDCCT: Cryptographic Compliance Test via Trillion-Scale Measurement

TL;DR

DroidCCT is a large-scale distributed framework that passively analyzes cryptographic operations in Android devices to identify weaknesses, revealing patterns of bugs and vulnerabilities across various manufacturers and chipsets.

Contribution

This paper introduces DroidCCT, a novel distributed testing framework that passively collects and analyzes trillions of cryptographic samples from Android devices to evaluate implementation quality.

Findings

Identified widespread cryptographic bugs and weaknesses.

Discovered non-uniform cryptographic function availability across devices.

Highlighted vulnerabilities like weak randomness and timing side channels.

Abstract

We develop DroidCCT, a distributed test framework to evaluate the scale of a wide range of failures/bugs in cryptography for end users. DroidCCT relies on passive analysis of artifacts from the execution of cryptographic operations in the Android ecosystem to identify weak implementations. We collect trillions of samples from cryptographic operations of Android Keystore on half a billion devices and apply severalanalysis techniques to evaluate the quality of cryptographic output from these devices and their underlying implementations. Our study reveals several patterns of bugs and weakness in cryptographic implementations from various manufacturers and chipsets. We show that the heterogeneous nature of cryptographic implementations results in non-uniform availability and reliability of various cryptographic functions. More importantly, flaws such as the use of weakly-generated random parameters, and timing side channels may surface across deployments of cryptography. Our results highlight the importance of fault- and side-channel-resistant cryptography and the ability to transparently and openly test these implementations.