May 17, 2012

Researchers Crack HD Content Protection System

(LiveHacking.Com) - Security researchers have broken the High-bandwidth Digital Content Protection (HDCP) system used on HD devices (such as Blu-ray) with HDMI ports to protect digital video sent to TVs and monitors against unauthorized copying.

Using a man-in-the-middle (or in this case a computer board in the middle), Prof. Dr.-Ing Tim Güneysu of the Secure Hardware Group at Germany’s Ruhr University of Bochum has found a way to connect any non-compliant monitor (which would include devices able to record the video) to an HDCP-protected video source.

To do the decoding, the professor and his students used a low-cost Digilent Atlys Development Board with a Xilinx Spartan-6 LX45 FPGA. The board has all the necessary connectors for video input and output. The total setup cost no more than $250.

“We developed an independent hardware solution instead, based on a cheap FPGA board” explained Prof. Dr.-Ing. Tim Güneysu, who set to work with the final year student Benno Lomb. “We were able to tap the HDCP encrypted data streams, decipher them and send the digital content to an unprotected screen via a corresponding HDMI 1.3-compatible receiver.”

The result is that the team can now:

  • Successfully connect any non-compliant monitor to an HDCP-protected video source
  • Extract all secret session keys established during authentication
  • Decrypt single-link video streams with a resolution of 720p or 1080i in real time.

This man-in-the-middle attack is of little interest to pirates, as there are simpler ways to “rip” a Blu-ray disc. However, Prof. Güneysu does see a real threat to security-critical systems, for example at government authorities or in the military.

Although Intel is already offering a new security system, HDCP 2.0, it is backward compatible, so the weak point will remain a problem in the coming years.

Stolen Certificate Used to Sign Malware

(LiveHacking.Com) - A certificate stolen from the Malaysian Agricultural Research and Development Institute, which was taken “quite some time ago”, has turned up as the digital signature used on a piece of malware known as Trojan-Downloader:W32/Agent.DTIW.

The malware, which spreads via malicious PDF files that install it after exploiting holes in Adobe Reader 8, downloads additional malicious components from a server called worldnewsmagazines.org.

By using a private signing certificate that belongs to the Malaysian government, the malware is able to bypass the warnings issued by Windows about untrusted software.

According to F-Secure, who discovered the malware signed with the stolen certificate:

It’s not that common to find a signed copy of malware. It’s even rarer that it’s signed with an official key belonging to a government.

The use of digital certificates and the role of Certificate Authorities (CAs) continues to be a hot topic following several well-publicized security breaches (DigiNotar and Comodo) and the subsequent revocation of fraudulently issued certificates.

Microsoft to Revoke Trust in Malaysian CA

Microsoft has issued a notice that it will shortly revoke trust in the intermediate Certificate Authority DigiCert Sdn. Bhd. (Digicert Malaysia) via Windows Update. The reason for the revocation isn’t that the CA has been compromised or suffered a security breach, but rather that it was caught issuing certificates with weak 512-bit keys.

The Microsoft Root Program requires a minimum key size of a 2048-bit RSA modulus for any root and all issuing CAs. Microsoft used to accept root certificates with a 1024-bit RSA modulus; however, these legacy 1024-bit RSA root certificates were phased out at the end of last year. The fact that this Malaysian CA issued 512-bit certificates is a clear violation of Microsoft’s requirements.

“The subordinate CA has clearly demonstrated poor CA security practices and Microsoft intends to revoke trust in the intermediate certificates” said Jerry Bryant, Group manager, Response Communications, Trustworthy Computing.

Although Microsoft has no indication that any of the 22 certificates were issued fraudulently, the weak keys have allowed some of the certificates to be compromised. These compromised certificates could allow an attacker to impersonate the legitimate owner and make a user believe they are trusting a website or signed software that was in fact created for malicious use.

Chrome 15 Broke The Wall Street Journal While Trying to Beat the BEAST

(LiveHacking.Com) - Earlier this month Juliano Rizzo and Thai Duong released details of a vulnerability in the encryption mechanism used in HTTPS (Secure Hypertext Transfer Protocol). They also released a tool known as BEAST (Browser Exploit Against SSL/TLS). Consequently browser makers, including Google, have been trying to tweak the SSL implementations in their browsers to reduce the risks from the BEAST.

As part of the Chrome 15 release Google did some SSL tweaking:

The NSS network library was updated to include a defense against so-called BEAST. This defense may expose bugs in Brocade hardware. Brocade is working on the issue.

Well, it looks like it did expose problems. As soon as users started to upgrade to Chrome 15, reports started coming in that users couldn’t log in to Barron’s Online or The Wall Street Journal.

Further investigation by Google revealed that a change, which sends only one byte of data in the first CBC encrypted application data record, broke the sites.

Google backtracked on the change and released Chrome 15.0.874.106 for Windows, Mac and Linux. Since then Barron’s has updated its site, and secure sign-in is now working with 1/n-1 SSL record splitting when using the development build of Chrome 16. There is no word on what, if any, changes The Wall Street Journal has made to its site.

SSL Denial Of Service Tool Released

(LiveHacking.Com) - The Hacker’s Choice (THC) has added a new program to its repository of hacking tools. The new tool is designed to verify the performance of the encryption algorithms used in SSL. However, since most servers are not designed to handle large numbers of SSL handshakes, running the test will cause a denial of service.

Establishing a secure SSL connection generally requires 15 times more CPU power on the server than on the client, and so the THC-SSL-DOS tool has been built to exploit this asymmetry by overloading the server. The overload results in a denial of service as the server struggles to cope with the incoming SSL connections.

Although this isn’t a new problem (it has been observed and discussed since 2003), this is the first time a compact tool has been written to expose it from the client end. A simple laptop can issue 300 SSL handshakes per second while using only around 10 to 25% of the client’s CPU power. The result is that a laptop on a DSL connection can challenge a server on a 30Gbit link.

The denial of service attack can be launched on any SSL connection including HTTPS, POP3S and SMTPS.

This problem affects all SSL implementations today.

RUB Researchers Break XML Encryption

(LiveHacking.Com) - Researchers from the Ruhr University Bochum (RUB), one of the largest universities in Germany, have exploited a weakness in the Cipher Block Chaining (CBC) mode of the encryption standard used to encrypt XML. The result is that web services which rely on XML Encryption are now potentially unsafe.

Juraj Somorovsky and Tibor Jager discovered that by sending modified ciphertexts to a server and analyzing the error messages received, they were able to decrypt the original XML data. They tested their attack against a popular open source implementation of XML Encryption, and against the implementations of companies that responded to the responsible disclosure. In all cases the attack worked and XML Encryption was broken.

“There is no simple patch for this problem”, states Somorovsky. “We therefore propose to change the standard as soon as possible.”

It is worth noting that the attack only works when AES is used for encryption in CBC mode. XML Encryption also supports Triple DES.

The researchers informed all possibly affected companies through the mailing list of W3C, following a clear responsible disclosure process. With some companies there were intensive discussions on workarounds.

Microsoft Issues Security Advisory to Combat the BEAST

(LiveHacking.Com) – As reported yesterday, the mechanisms behind earlier versions of SSL/TLS are susceptible to attack due to the way they use block ciphers. Now Microsoft has made a blog post and issued a security advisory about the problem.

This is an industry-wide issue with limited impact that affects the Internet ecosystem as a whole rather than any specific platform. Our Advisory addresses the issue via the Windows operating system.

According to Microsoft’s analysis, users are at minimal risk. To successfully exploit this issue, the would-be attacker must meet several conditions:

  • The targeted user must be in an active HTTPS session;
  • The malicious code the attacker needs to decrypt the HTTPS traffic must be injected and run in the user’s browser session;
  • The attacker’s malicious code must be treated as coming from the same origin as the HTTPS server in order for it to be allowed to piggyback on the existing HTTPS connection; and
  • The attack must make several hundred HTTPS requests before it can succeed.
  • TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.

For those who run servers on Windows, Microsoft suggests using the RC4 algorithm. Since the attack only affects cipher suites that use symmetric encryption algorithms in CBC mode, such as AES, the RC4 algorithm is not vulnerable. System administrators can prioritize the RC4 algorithm on their servers using the instructions given here: Prioritizing Schannel Cipher Suites.

Is SSL/TLS Under Attack from the BEAST?

(LiveHacking.Com) - Juliano Rizzo and Thai Duong have released details of a vulnerability in TLS (Transport Layer Security) 1.0, the encryption mechanism used in HTTPS (Secure Hypertext Transfer Protocol). TLS is the successor to SSL (Secure Sockets Layer) and is widely used on the Internet. The vulnerability resides in TLS 1.0 and earlier, but not in versions 1.1 and 1.2; however, those versions remain almost entirely unsupported in browsers and websites.

At the Ekoparty security conference in Buenos Aires, Juliano and Thai released a tool, known as BEAST (Browser Exploit Against SSL/TLS), that compromises TLS by exploiting a vulnerability that has been known about for years but which had been regarded as purely theoretical until now.

The problem lies in block ciphers used in Cipher Block Chaining (CBC) mode. With CBC, each ciphertext message starts with a single extra random block, the IV (“initialization vector”). TLS 1.0 and earlier use CBC, but instead of using a new random IV for every TLS message sent, they use the last ciphertext block of the previous message as the IV for the next message. This means the IV is now something an attacker can predict. A more detailed look at how the attack works can be found here.
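The chained-IV behaviour described above, together with the 1/n-1 record splitting from the Chrome 15 item earlier on this page, as an added example that is not part of the original article. It models the record layer in Python with a constructed toy block cipher (a Feistel network over SHA-256 standing in for AES) and constructed key, secret and record contents; the property it shows holds for any deterministic block cipher.

```python
import hashlib
import os
BLOCK = 16

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def block_encrypt(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel network over SHA-256: a constructed stand-in for AES (any permutation works).
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, _xor(left, hashlib.sha256(key + bytes([rnd]) + right).digest()[:8])
    return left + right

def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    data += b"\x00" * (-len(data) % BLOCK)  # toy zero padding, not TLS padding
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, _xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

class RecordLayer:
    """chained=True models TLS 1.0 (IV = last ciphertext block of the previous record),
    chained=False models TLS 1.1's explicit random IV, and split=True models the
    1/n-1 record splitting Chrome 15 introduced on top of TLS 1.0."""
    def __init__(self, key: bytes, chained: bool = True, split: bool = False):
        self.key, self.chained, self.split = key, chained, split
        self.chain = os.urandom(BLOCK)  # the first IV is derived from handshake secrets

    def _record(self, data: bytes):
        iv = self.chain if self.chained else os.urandom(BLOCK)
        ct = cbc_encrypt(self.key, iv, data)
        self.chain = ct[-BLOCK:]
        return iv, ct  # the IV is what a passive observer knows once the record is on the wire

    def send(self, data: bytes):
        if self.split and len(data) > 1:
            self._record(data[:1])  # one byte on its own; its ciphertext becomes the next IV
            data = data[1:]
        return self._record(data)

def equality_check_works(layer: RecordLayer, secret: bytes, guess: bytes) -> bool:
    """Can an observer who gets one chosen block encrypted learn whether guess == secret?"""
    layer.send(b"A" * BLOCK)                  # earlier traffic; its last block is visible
    iv_secret, c_secret = layer.send(secret)  # the block under attack (constructed secret)
    predicted_iv = c_secret[-BLOCK:]          # TLS 1.0 lets the observer predict the next IV
    chosen = _xor(_xor(guess, iv_secret), predicted_iv)
    _, c_chosen = layer.send(chosen)
    return c_chosen[:BLOCK] == c_secret[:BLOCK]  # equal iff guess == secret, and only when chained
```

With chained IVs the check answers the question exactly; with a fresh random IV per record, or with the one-byte record inserted by 1/n-1 splitting, the IV used for the chosen block is no longer the one the observer predicted and the comparison fails.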

The two-factor authentication service PhoneFactor has suggested that websites use the RC4 cipher to encrypt SSL traffic instead of algorithms such as AES and DES, as RC4 is not vulnerable to this CBC/IV problem.

According to Sophos, the pair reported their findings to the major browser vendors a month ago. However, so far Google is the only company to respond with a fix (which can currently be found in the beta test versions of the browser).

DigiNotar Officially Bankrupt

(LiveHacking.Com) - The American parent company of the Dutch certificate authority (CA) DigiNotar has announced that DigiNotar is now officially bankrupt. VASCO Data Security International filed DigiNotar’s voluntary bankruptcy in the Haarlem District Court, The Netherlands at the beginning of this week and one day later the CA was officially declared bankrupt. A bankruptcy trustee, under the supervision of a judge, has now taken over the management of DigiNotar and will work to liquidate the company.

The Dutch government stepped in and took over DigiNotar after it was discovered that the company had been hacked and had been used to issue fake SSL certificates for various major sites, including Google, Mozilla, the CIA, MI6 and Mossad.

T. Kendall Hunt, VASCO’s Chairman and CEO said in a statement, “we would like to remind our customers and investors that the incident at DigiNotar has no impact on VASCO’s core authentication technology.”

“We want to emphasize that the bankruptcy filing by DigiNotar, which was primarily a certificate authority, does not involve VASCO’s core two-factor authentication business,” added Jan Valcke, VASCO’s President and COO.

It was DigiNotar’s failure to be upfront about the security breach that was the main reason it lost all credibility. After the breach, weeks went by before it started to inform the affected domain name owners about what had happened. In addition, the serial numbers of the issued certificates could not be found in DigiNotar’s records. This led to the conclusion that an unknown number of certificates had been issued, probably more than 500.

“We are working to quantify the damages caused by the hacker’s intrusion into DigiNotar’s system and will provide an estimate of the range of losses as soon as possible,” said Cliff Bown, VASCO’s Executive Vice President and CFO.

Patch Tuesday Blocks More DigiNotar Certificates

(LiveHacking.Com) - As anticipated, Microsoft has issued five security bulletins bringing a number of updates to Windows and Office. At the same time it has released a new update (2616676) that blocks six additional DigiNotar root certificates. These new certificates are ones that are cross-signed by Entrust and GTE. They are:

  • DigiNotar Root CA Issued by Entrust (2 certificates)
  • DigiNotar Services 1024 CA Issued by Entrust
  • Diginotar Cyber CA Issued by GTE CyberTrust (3 certificates)

The security bulletins issued are:

  1. MS11-070 Vulnerability in WINS Could Allow Elevation of Privilege
  2. MS11-071 Vulnerability in Windows Components Could Allow Remote Code Execution
  3. MS11-072 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
  4. MS11-073 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution
  5. MS11-074 Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege

None of the bulletins are rated as Critical, but the affected software includes all of Microsoft’s currently supported versions of Windows, including XP, Vista, Windows 7 and Windows Server 2003/2008, as well as Office 2003, 2007 and 2010.

MS11-071, 072 and 073 all relate to vulnerabilities that could allow remote code execution if a user opens a specially crafted file. In some cases, for .doc, .rtf and .txt files, the document needs to be located in the same network directory as a specially crafted library file for the exploit to work.