Security Analysis of WeChat's MMTLS Encryption Protocol
Pellaeon Lin, Mona Wang
Thursday, April 3 2025

Agenda
Introduction, motivation, methodologies
WeChat network request lifecycle
MMTLS encryption, Business-layer encryption
Discussion, recommendations, future work

Pellaeon Lin
Researcher at Citizen Lab, University of Toronto
Security and privacy of mobile apps
Past studies:
TikTok vs Douyin - A Security and Privacy Analysis
Unmasked II: An Analysis of Indonesia and the Philippines' Government-launched COVID-19 Apps
Unmasked: COVID-KAYA and the Exposure of Healthcare Worker Data in the Philippines

Mona Wang
Networking security researcher, PhD student at Princeton CITP
OTF Information Controls Research Fellow at Citizen Lab
Previously technologist at EFF
Other work:
Network measurement (CoNEXT '22)
Traffic fingerprinting resistance and censorship circumvention (PETS '22)
Threat modelling and security training for organizers (CSCW '22)
https:/

Motivation
What's being sent?
Is the encryption sound?
Why custom encryption?

WeChat MMTLS:
Secures 1+ billion users' traffic
Deployed for 8 years
One public blog post

SSL/TLS:
Secures billions of users' traffic
30+ years of development
Open standard, lots of academic and public scrutiny

MMTLS deserves just as much scrutiny as TLS!

WeChat network request lifecycle

Anatomy of a WeChat network request
API endpoint is referred to as "Scene", has unique "type" number and URI
Request and response formats are defined using Protobuf
Screenshot shows a portion of the request Protobuf fields

API object (NetSceneBase): defines structure of API data, what type of encryption to use
Serializer (reqToBuf): serializes the object into byte arrays
Encryptor (MMProtocalJni.so): encrypts byte arrays using crypto specified by API type
OpenSSLO