Analysis of the Security Design, Engineering, and Implementation of the SecureDNA System

📅 2025-12-09
🤖 AI Summary
This work addresses privacy and authentication challenges in SecureDNA's screening of DNA synthesis orders against a database of hazardous sequences. Through a systematic security evaluation, including formal verification, cryptographic analysis, examination of how the TLS channel is used, and source-code auditing (v1.0.8), the authors identify two structural flaws: the custom SCEP protocol provides only one-way authentication, and responses from the hazards database carry no cryptographic binding to the requests they answer, so they could be replayed or swapped inside a TLS channel without breaking TLS. They propose and formally verify SCEP+, which adds mutual authentication, and suggest and verify strong request-response bindings. The assessment covers key management, PKI design, authentication protocols, and rate-limiting mechanisms, judged against the defense-in-depth principle. The findings directly informed SecureDNA v1.1.0, which replaces SCEP with SCEP+. The work delivers a reusable methodology and concrete protocol improvements for the trustworthy engineering of biosafety screening systems.

📝 Abstract
We analyze security aspects of the SecureDNA system regarding its system design, engineering, and implementation. This system enables DNA synthesizers to screen order requests against a database of hazards. By applying novel cryptography, the system aims to keep order requests and the database of hazards secret. Discerning the detailed operation of the system in part from source code (Version 1.0.8), our analysis examines key management, certificate infrastructure, authentication, and rate-limiting mechanisms. We also perform the first formal-methods analysis of the mutual authentication, basic request, and exemption-handling protocols. Without breaking the cryptography, our main finding is that SecureDNA's custom mutual authentication protocol SCEP achieves only one-way authentication: the hazards database and keyservers never learn with whom they communicate. This structural weakness violates the principle of defense in depth and enables an adversary to circumvent rate limits that protect the secrecy of the hazards database, if the synthesizer connects with a malicious or corrupted keyserver or hashed database. We point out an additional structural weakness that also violates the principle of defense in depth: inadequate cryptographic bindings prevent the system from detecting if responses, within a TLS channel, from the hazards database were modified. Consequently, if a synthesizer were to reconnect with the database over the same TLS session, an adversary could replay and swap responses from the database without breaking TLS. Although the SecureDNA implementation does not allow such reconnections, it would be stronger security engineering to avoid the underlying structural weakness. We identify these vulnerabilities and suggest and verify mitigations, including adding strong bindings. Software Version 1.1.0 fixes SCEP with our proposed SCEP+ protocol.
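The response-binding weakness described in the abstract, shown as an added illustrative model that is not SecureDNA's code and does not reproduce the SCEP or SCEP+ message formats. The model assumes a synthesizer and a hazards database that already share an authenticated session key (as they would after a mutual handshake) and compares a response that carries only a verdict with one that carries a MAC over the request's digest and the verdict. The hazard set, order bytes, and message fields are constructed for the example; the adversary is modeled only as someone who can reorder or replay application-layer messages inside the channel without holding the session key:

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the hazard database (hypothetical sequence).
HAZARDS = {b"ATGCGTACGT"}


def request_digest(nonce: bytes, order: bytes) -> bytes:
    """A fresh nonce plus the order bytes identifies exactly one request."""
    return hashlib.sha256(nonce + order).digest()


class Database:
    """Hazards database endpoint on an already-open channel (illustrative)."""

    def __init__(self, session_key: bytes) -> None:
        self.session_key = session_key

    def screen(self, order: bytes) -> str:
        return "hazard" if order in HAZARDS else "clear"

    def respond_unbound(self, nonce: bytes, order: bytes) -> dict:
        # Nothing in the response says which request it answers.
        return {"verdict": self.screen(order)}

    def respond_bound(self, nonce: bytes, order: bytes) -> dict:
        # The tag commits to (request digest, verdict) under the session key,
        # so the verdict can only be accepted for the request it was made for.
        verdict = self.screen(order)
        tag = hmac.new(self.session_key,
                       request_digest(nonce, order) + verdict.encode(),
                       hashlib.sha256).digest()
        return {"verdict": verdict, "tag": tag}


class Synthesizer:
    """Synthesizer endpoint; accepts or rejects each response (illustrative)."""

    def __init__(self, session_key: bytes) -> None:
        self.session_key = session_key

    def accept_unbound(self, nonce: bytes, order: bytes, resp: dict) -> str:
        # No check is possible: any verdict looks like an answer to any request.
        return resp["verdict"]

    def accept_bound(self, nonce: bytes, order: bytes, resp: dict) -> str:
        expected = hmac.new(self.session_key,
                            request_digest(nonce, order) + resp["verdict"].encode(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, resp["tag"]):
            return "rejected"
        return resp["verdict"]


def run_session(orders, bound: bool, adversary_swaps: bool):
    """Screen `orders` over one session; return the verdict the synthesizer acts on."""
    key = secrets.token_bytes(32)
    db, syn = Database(key), Synthesizer(key)
    nonces = [secrets.token_bytes(16) for _ in orders]
    respond = db.respond_bound if bound else db.respond_unbound
    responses = [respond(n, o) for n, o in zip(nonces, orders)]
    if adversary_swaps:
        # Adversary inside the channel reorders the first two responses,
        # which also models replaying an old response for a new request.
        responses[0], responses[1] = responses[1], responses[0]
    accept = syn.accept_bound if bound else syn.accept_unbound
    return [accept(n, o, r) for n, o, r in zip(nonces, orders, responses)]


if __name__ == "__main__":
    orders = [b"ATGCGTACGT", b"GGGGCCCC"]   # constructed: one hazard, one benign
    for bound in (False, True):
        for swap in (False, True):
            print(f"bound={bound!s:5} swap={swap!s:5} ->",
                  run_session(orders, bound, swap))
```

Without the binding, the swapped responses are accepted as-is and the hazardous order is released as "clear"; with the binding, both swapped responses fail verification and are rejected, so the synthesizer never acts on a verdict that was issued for a different request. The same construction in a real deployment would need to be layered under mutual authentication of the session key, which this model takes as given.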
Problem

Research questions and friction points this paper is trying to address.

Analyzes SecureDNA's security design and implementation flaws
Identifies vulnerabilities in authentication and response integrity mechanisms
Proposes and verifies mitigations for structural weaknesses in the system
Innovation

Methods, ideas, or system contributions that make the work stand out.

First formal-methods analysis of SecureDNA's mutual authentication (SCEP), basic request, and exemption-handling protocols
Finding that SCEP achieves only one-way authentication, letting a malicious or corrupted keyserver or hashed database circumvent the rate limits that protect the hazards database
Proposal and verification of SCEP+ (mutual authentication) and strong request-response bindings; SCEP+ is adopted in software version 1.1.0
Alan T. Sherman
Professor of Computer Science, Dept. of CSEE, University of Maryland, Baltimore County
Research interests: secure voting systems, protocol analysis, cybersecurity education, cryptology, discrete algorithms
Jeremy J. Romanik Romano
Cyber Defense Lab, University of Maryland, Baltimore County (UMBC), Baltimore, Maryland 21250
Edward Zieglar
Cyber Defense Lab, University of Maryland, Baltimore County (UMBC), Baltimore, Maryland 21250
Enis Golaszewski
Cyber Defense Lab, University of Maryland, Baltimore County (UMBC), Baltimore, Maryland 21250
Jonathan D. Fuchs
Cyber Defense Lab, University of Maryland, Baltimore County (UMBC), Baltimore, Maryland 21250
William E. Byrd
Hugh Kaul Precision Medicine Institute, Heersink School of Medicine, University of Alabama at Birmingham, Birmingham, Alabama 35294