Error-Correcting Codes as Source for Decoding Ambiguity

Data decoding, format, or language ambiguities have been long known for amusement purposes. Only recently it came to attention that they also pose a security risk. In this paper, we present decoder manipulations based on deliberately caused ambiguities facilitating the error correction mechanisms used in several popular applications. This can be used to encode data in multiple formats or even the same format with different content. Implementation details of the decoder or environmental differences decide which data the decoder locks onto. This leads to different users receiving different content based on a language decoding ambiguity. In general, ambiguity is not desired, however in special cases it can be particularly harmful. Format dissectors can make wrong decisions, e.g. A firewall scans based on one format but the user decodes different harmful content. We demonstrate this behavior with popular barcodes and argue that it can be used to deliver exploits based on the software installed, or use probabilistic effects to divert a small percentage of users to fraudulent sites.

[1]  Kevin Peng,et al.  Security Overview of QR Codes , .

[2]  Aurélien Francillon,et al.  Optical Delusions: A Study of Malicious QR Codes in the Wild , 2014, 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.

[3]  Sergey Bratus,et al.  Packets in Packets: Orson Welles' In-Band Signaling Attacks for Modern Radios , 2011, WOOT.

[4]  Sergey Bratus,et al.  Security Applications of Formal Language Theory , 2013, IEEE Systems Journal.

[5]  Edgar R. Weippl,et al.  QR Inception: Barcode-in-Barcode Attacks , 2014, SPSM@CCS.

[6]  Vitaly Shmatikov,et al.  Abusing File Processing in Malware Detectors for Fun and Profit , 2012, 2012 IEEE Symposium on Security and Privacy.

[7]  Teddy Mantoro,et al.  Trustworthy Ubiquitous Computing , 2012, Atlantis Ambient and Pervasive Intelligence.

[8]  Peter Kieseberg,et al.  Malicious Pixels Using QR Codes as Attack Vector , 2012 .

[9]  Jonas Magazinius,et al.  Polyglots: crossing origins by crossing formats , 2013, CCS.