Paper 2022/1110

Invisible Formula Attacks

David Naccache, École Normale Supérieure - PSL
Ofer Yifrach-Stav
Abstract

This brief note introduces a new attack vector applicable to a symbolic computation tool routinely used by cryptographers. The attack takes advantage of the fact that the very rich user interface allows displaying formulae in invisible color or in font size zero. This allows to render some code portions invisible when opened using the tool. We implement a classical fault attack thanks to this deceptive mechanism but other cryptographic or non-cryptographic attacks (e.g. formatting the victim's disk or installing rootkits) can be easily conducted using identical techniques. This underlines the importance of creating malware detection software for symbolic computation tools. Such protections do not exist as of today. We stress that our observation is not a vulnerability in Mathematica but rather a misuse of the rich possibilities offered by the software.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. BlackHat 2022
Keywords
Attacks
Contact author(s)
david naccache @ ens fr
ofer friedman @ ens fr
History
2022-09-15: revised
2022-08-27: received
See all versions
Short URL
https://ia.cr/2022/1110
License
No rights reserved
CC0

BibTeX 

@misc{cryptoeprint:2022/1110,
      author = {David Naccache and Ofer Yifrach-Stav},
      title = {Invisible Formula Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1110},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/1110}},
      url = {https://eprint.iacr.org/2022/1110}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.