Error-Correcting Codes as Source for Decoding Ambiguity

Adrian Dabrowski
Presented at the
2015 LangSec Workshop
at the IEEE Symposium on Security & Privacy Workshops
May 21, 2015
San Jose, CA
[ Ссылка ]
[ Ссылка ]

ABSTRACT
Data decoding, format, or language ambiguities have been long known for amusement purposes. Only recently, it came to attention that they also pose a security risk. In this paper, we present decoder manipulations based on deliberately caused ambiguities facilitating the error correction mechanisms used in several popular applications. This can be used to encode data in multiple formats or even the same format with different content. Implementation details of the decoder or environmental differences decide which data the decoder locks on. This leads to different users receiving different content based on a language decoding ambiguity. In general, ambiguity is not desired, however in special cases it can be particularly harmful. Format dissectors can make wrong decisions: e.g. a firewall scans based on one format but the user decodes different harmful content. We demonstrate this behavior with popular barcodes and argue that it can be used to deliver exploits based on the software installed, or use probabilistic effects to divert a small percentage of users to fraudulent sites.

свернуть