DARPA to warn about breaches without alarming cybercriminals

May 03, 2021

Today, the process of disclosing software vulnerabilities is fraught with challenges. Cybersecurity researchers and software security analysts face a dilemma between ethics and effectiveness when it comes to reporting or sharing discovered bugs. Revealing a vulnerability publicly may get the attention of the software developers and motivate a timely response, but it may also result in a lawsuit against the researcher. In addition, public disclosure may allow malicious actors to exploit the discovery before a patch or fix can be applied.

In other words, disclosing vulnerabilities without opening the way for malicious agents to act is a great challenge faced by cybersecurity researchers when they feel obliged to publicly report the discovery of flaws in third-party software, but do not want this information to become a weapon in the hands of cybercriminals.

In times when the delay in releasing patches can cost millions or billions of dollars or even compromise government agencies and the private sector of countries the size of the United States, as happened with the SolarWinds case, it is essential to count on the ability to lead software developers to take corrective actions in the face of pressure from public opinion, without however increasing the risk of criminal activities capable of exploiting the disclosed flaws to promote system invasions and valuable data theft.

It is at this nerve centre that the SIEVE (Securing Information for Encrypted Verification and Evaluation) programme of DARPA, the advanced research agency of the US Department of Defence, is working. The project is exploring possible solutions through the use of so-called zero-knowledge proofs (ZKPs) in the vulnerability disclosure process.

The concept, which is not new, is based on cryptographic methods, ZKPs are mathematically verifiable problem statements that can be used to reason about software or systems. The proofs can be used publicly without revealing confidential information. In the case of vulnerability disclosure, it would allow software developers to prove the existence of vulnerabilities without having to reveal, for example, a roadmap that, in unsuitable hands, would cause incalculable damage.

According to DARPA’s project manager, prior to SIEVE, the main focus of applying ZKPs was to maximize the speed of communication and evidence verification. In addition to use in the Department of Defense itself, cryptocurrency and blockchain applications, for example, require the efficiency of communication and verification.

In one year of the SIEVE program, two teams have already demonstrated the unprecedented ability to mathematically prove the existence of vulnerabilities, without revealing critical details of the flaws or how to exploit them. One of them, led by Galois, reported a memory security vulnerability found in the Game Boy Advance device. The team combined different protocols and program analyses to evaluate ZKP’s claims.

Memory security vulnerabilities are a critical class of vulnerabilities that occur frequently in modern software. In the demonstration led by Galois, one vulnerability researcher was able to interactively convince another party of the existence of the specific vulnerability in about eight minutes.

The second team of Trail of Bits researchers is working to model vulnerabilities at the system architecture level, which is a lower level of abstraction than Galois is working at. Their initial work has created a way to represent real-world instruction set architectures as Boolean circuits — or mathematical models of digital logic circuits — compatible with ZKPs so that users can demonstrate their ability to force a public binary into a specific malicious state.

The team’s initial work used the MSP430 microcontroller, a microprocessor commonly used in embedded systems. From there, they figured out a way to mathematically represent a variety of common vulnerabilities so that ZKPs could be developed to prove the existence of those vulnerabilities. ZKP instruction sizes ranged from 86 MB to 1.1 GB. Now, this team is looking to expand the list of architectures and execution environments it could work with. The goal is to include much of the popular x86 architecture. For example, they plan to produce ZKPs of binaries from DARPA’s 2016 Cyber Grand Challenge, which runs on DECREE – a simple operating system built on x86.

For DARPA researchers, the greatest obstacle to the wider adoption of this method is finding a way to translate it into easy-to-understand language. After all, it will be pointless to present precise proof if those who receive it are not able to decipher it to the point of being convinced.

How it works

A simple example to illustrate how the ZKP method works are to imagine a cave and two characters, A and B. They both stand in front of this cave, which has two different entrances (1 and 2) to two separate paths. Inside the cave, there is a connection between the paths, which can only be opened with a secret code. Character B is the one who has this code, and character A wants to make sure that B is not lying.

How can B prove he has the code without revealing its contents? The solution is to have character A wait outside the cave and B advance through any of the entrances at random (1 or 2). Then, in front of the cave, character A asks B to leave by the other way. In possession of the secret code, B can do this without any problem, proving the fact.