Injection Attacks Against End-to-End Encrypted Applications

• URL: http://arxiv.org/abs/2411.09228v1
• Date: Thu, 14 Nov 2024 06:53:00 GMT
• Title: Injection Attacks Against End-to-End Encrypted Applications
• Authors: Andrés Fábrega, Carolina Ortega Pérez, Armin Namavari, Ben Nassi, Rachit Agarwal, Thomas Ristenpart,
• Abstract summary: We explore an emerging threat model for end-to-end (E2E) encrypted applications. An adversary sends chosen messages to a target client, thereby "injecting" adversarial content into the application state. By observing the lengths of the resulting cloud-stored ciphertexts, the attacker backs out confidential information.
• Score: 15.213316952755353
• License:
• Abstract: We explore an emerging threat model for end-to-end (E2E) encrypted applications: an adversary sends chosen messages to a target client, thereby "injecting" adversarial content into the application state. Such state is subsequently encrypted and synchronized to an adversarially-visible storage. By observing the lengths of the resulting cloud-stored ciphertexts, the attacker backs out confidential information. We investigate this injection threat model in the context of state-of-the-art encrypted messaging applications that support E2E encrypted backups. We show proof-of-concept attacks that can recover information about E2E encrypted messages or attachments sent via WhatsApp, assuming the ability to compromise the target user's Google or Apple account (which gives access to encrypted backups). We also show weaknesses in Signal's encrypted backup design that would allow injection attacks to infer metadata including a target user's number of contacts and conversations, should the adversary somehow obtain access to the user's encrypted Signal backup. While we do not believe our results should be of immediate concern for users of these messaging applications, our results do suggest that more work is needed to build tools that enjoy strong E2E security guarantees.

Related papers

• Privacy-preserving server-supported decryption [2.2530496464901106]
  We consider encryption systems with two-out-of-two threshold decryption, where one of the parties initiates the decryption and the other one assists. Existing threshold decryption schemes disclose to the server the ciphertext that is being decrypted. We give a construction, where the identity of the ciphertext is not leaked to the server, and the client's privacy is preserved.
  arXiv  Detail & Related papers  (2024-10-25T06:47:53Z)
• Safeguard is a Double-edged Sword: Denial-of-service Attack on Large Language Models [7.013820690538764]
  We present a new denial-of-service (DoS) attack on large language models (LLMs) By software or phishing attacks on user client software, attackers insert a short, seemingly innocuous adversarial prompt into to user prompt templates in configuration files. Our attack can automatically generate seemingly safe adversarial prompts, approximately only 30 characters long, that universally block over 97% of user requests on Llama Guard 3.
  arXiv  Detail & Related papers  (2024-10-03T19:07:53Z)
• ARSecure: A Novel End-to-End Encryption Messaging System Using Augmented Reality [0.28087862620958753]
  We introduce ARSecure, a novel end-to-end encryption messaging solution utilizing augmented reality glasses. ARSecure allows users to encrypt and decrypt their messages before they reach their phone devices, effectively countering the CSS technology in E2EE systems.
  arXiv  Detail & Related papers  (2024-08-28T16:39:43Z)
• Exploiting Leakage in Password Managers via Injection Attacks [16.120271337898235]
  This work explores injection attacks against password managers. In this setting, the adversary controls their own application client, which they use to "inject" chosen payloads to a victim's client via, for example, sharing credentials with them.
  arXiv  Detail & Related papers  (2024-08-13T17:45:12Z)
• Understanding crypter-as-a-service in a popular underground marketplace [51.328567400947435]
  Crypters are pieces of software whose main goal is to transform a target binary so it can avoid detection from Anti Viruses (AVs) applications. The crypter-as-a-service model has gained popularity, in response to the increased sophistication of detection mechanisms. This paper provides the first study on an online underground market dedicated to crypter-as-a-service.
  arXiv  Detail & Related papers  (2024-05-20T08:35:39Z)
• CodeChameleon: Personalized Encryption Framework for Jailbreaking Large Language Models [49.60006012946767]
  We propose CodeChameleon, a novel jailbreak framework based on personalized encryption tactics. We conduct extensive experiments on 7 Large Language Models, achieving state-of-the-art average Attack Success Rate (ASR) Remarkably, our method achieves an 86.6% ASR on GPT-4-1106.
  arXiv  Detail & Related papers  (2024-02-26T16:35:59Z)
• InfoGuard: A Design and Usability Study of User-Controlled Application-Independent Encryption for Privacy-Conscious Users [1.2499537119440245]
  Billions of secure messaging users have adopted end-to-end encryption (E2EE) Most communication applications do not provide E2EE, and application silos prevent interoperability. We propose InfoGuard, a system enabling E2EE for user-to-user communication in any application.
  arXiv  Detail & Related papers  (2023-11-01T19:54:01Z)
• RiDDLE: Reversible and Diversified De-identification with Latent Encryptor [57.66174700276893]
  This work presents RiDDLE, short for Reversible and Diversified De-identification with Latent Encryptor. Built upon a pre-learned StyleGAN2 generator, RiDDLE manages to encrypt and decrypt the facial identity within the latent space.
  arXiv  Detail & Related papers  (2023-03-09T11:03:52Z)
• Not what you've signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection [64.67495502772866]
  Large Language Models (LLMs) are increasingly being integrated into various applications. We show how attackers can override original instructions and employed controls using Prompt Injection attacks. We derive a comprehensive taxonomy from a computer security perspective to systematically investigate impacts and vulnerabilities.
  arXiv  Detail & Related papers  (2023-02-23T17:14:38Z)
• Robust and Verifiable Information Embedding Attacks to Deep Neural Networks via Error-Correcting Codes [81.85509264573948]
  In the era of deep learning, a user often leverages a third-party machine learning tool to train a deep neural network (DNN) classifier. In an information embedding attack, an attacker is the provider of a malicious third-party machine learning tool. In this work, we aim to design information embedding attacks that are verifiable and robust against popular post-processing methods.
  arXiv  Detail & Related papers  (2020-10-26T17:42:42Z)
• Backdoor Attack against Speaker Verification [86.43395230456339]
  We show that it is possible to inject the hidden backdoor for infecting speaker verification models by poisoning the training data. We also demonstrate that existing backdoor attacks cannot be directly adopted in attacking speaker verification.
  arXiv  Detail & Related papers  (2020-10-22T11:10:08Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.