1

I'm using AWS S3 in my C++ app to upload and download files. I've included the access key and secret in my code but I'm worried someone could read them from the binary. Is there any standard technique for obfuscating them?

I'm not running this app on a PC, it's actually on an embedded device so I'm not worried about users reading the key and secret from a file or RAM (accessing the device is a lot harder). What I'm worried about is someone binwalking our update file and pulling the key and secret from the binary.

Ohnana
  • 4,737
  • 2
  • 23
  • 39
parsley72
  • 195
  • 7
  • Proxy s3 through your own server. Store the secret on your server. This just moves the problem though. You can't do much if client has full access to device. Adding a micro-SIM to authenticate w your server or decrypting a blob on your device would make it harder – Neil McGuigan Dec 17 '15 at 19:22
  • I don't have a server. – parsley72 Dec 18 '15 at 19:55

2 Answers2

1

Key storage is one of those things... Certainly, if the device is powered off someone with the resources could de-solder and storage devices (flash, emmc) and dump the data easily enough. At run time, if someone has super user access they can mmap all physical memory and scan it for the key (which will be in memory once you use it)

Key protection using homomorphic encryption schemes have been gaining popularity but is still largely in the Academic realm (Plus a little voodoo).

To protect against memory forensics picking up your key from physical memory, ARM has "trustzone" which can be leveraged to perform cryptographic operations without exposing keys to memory that is generally visible to the OS.

A TPM is another common approach to storing and using keys without exposing them to memory.

In short there are next to no 'good' software solutions for securing keys, only hardware solutions seem sound (like trustzone and TPMs).

Whome
  • 1,231
  • 11
  • 21
0

You can't hide it in the application file, you can only obfuscate it. Neither of these offer you any kind of security. Obfuscation is not security; it can easily be reverse-engineered under the right circumstances.

And if it's an embedded device, what's stopping someone from exploiting your application? I don't trust your application to be safe at this point since you're storing important credentials in an executable, so you probably lack basic security knowledge as well.

It doesn't matter if you're on an embedded device or not: if there's read-write access, your secrets are in danger.

Story time: Someone once tried to infect my machine with a malware executable that had credentials stored inside of it. Within a matter of minutes, I was able to log into their various accounts, find out who they were, what they were doing, and screw with them for a little while.

New Story time: You're next.

You're rightfully worried about someone stealing your update file and pulling the credentials from it. But you're missing the fact that you shouldn't be storing your credentials in the executable.

Ohnana
  • 4,737
  • 2
  • 23
  • 39
Mark Buffalo
  • 22,498
  • 8
  • 74
  • 91
  • "But you're missing the fact that you shouldn't be storing your credentials in the executable". I've coded this to get it working, now I want to make it secure so I'm asking how. What am I missing? – parsley72 Dec 17 '15 at 19:57