Investigating security failures and their causes: An analytic approach to computer security

This dissertation examines security failures in three classes of systems: compact disc (CD) audio recordings containing digital rights management (DRM), touch-screen electronic voting machines, and on-the-fly disk encryption software. In each case, we study a variety of implementations developed by different parties; we analyze their security and discover a range of security flaws, including several entirely new categories of attacks; and we propose new mitigations and defenses for protecting related systems. Each of these studies has already had significant real-world impact, and we extend them with a new methodology for studying the underlying causes of security failures and drawing broader lessons for users, developers, researchers, and policymakers.;We begin with CD-DRM systems---security mechanisms for audio CDs that are designed to limit copying and other uses of the music. In the course of tracing the evolution of these technologies over three generations, we discover a range of new attacks, including numerous ways that attackers could bypass the anticopying measures and ways that disc producers could free-ride on other vendors' copy-protection systems to receive the benefits without paying. We demonstrate a new class of threats, collateral damage to the security of CD-owners' PCs, and argue that they are an inherent risk of DRM. We discuss additional factors that led to these failures, including differences between the incentives of CD-DRM vendors and their record-label customers.;Next, we turn our attention to electronic voting systems, specifically touch-screen direct recording electronic (DRE) voting machines. We perform a detailed security evaluation of two similar implementations, the Diebold AccuVote-TS and AccuVote-TSX, applying both reverse engineering and source code review to reveal security flaws. We show how attackers could exploit these flaws to tamper with election results or disrupt the voting process, and we demonstrate a dangerous new attack vector, voting machine viruses. We compare security problems uncovered in other DRE voting machines to suggest common causes and threats, including failures in voting machine certification procedures and incentives that rewarded features and time-to-market over robustness and security.;Finally, we demonstrate new threats to the security of on-the-fly disk encryption software, which is designed to protect confidential data against an attacker who gains physical access to the computer. We conduct a series of experiments to investigate memory remanence in dynamic RAMs, a phenomenon largely unknown to security research that causes data in RAM to remain intact for a short time after the memory chips lose power. Attackers can exploit this effect to bypass operating system security and recover sensitive memory contents, such as encryption keys. We demonstrate how this would allow an attacker to defeat most popular disk-encryption products. We discuss how the widespread ignorance of this basic hardware behavior relates to abstraction, a fundamental computer engineering principle, and suggest other abstractions that might similarly conceal security threats.;In all three studies we apply new methodology that combines causal analysis with security engineering. We adopt the concept of informative causes of failure to organize and direct our investigations. In the pursuit of causes, we compare security flaws across different implementations to find supporting evidence in suggestive patterns of failures. Like the search for flaws, the search for causes seems resistant to thorough systematization, but it has been a useful tool for guiding us to the broader lessons of these security failures.