Introduction to Cybersecurity | Security+ Live Class | Network Security Devices, Design Technology

There has been much debate regarding governments and cryptography. Many governments claim that terrorists are encrypting their electronic correspondence when planning attacks. To protect their citizens, these governments want to eavesdrop on suspected terrorists who use encryption, either by holding the decryption keys themselves so that they can decrypt conversations or by planting a “backdoor” in the encryption algorithm so that it can be compromised. However, a recent event revealed an unintended consequence of such a government-sponsored cryptographic backdoor.

The Computer Security Law of 1987 was passed by the U.S. Congress to improve the security and privacy of sensitive data on federal computer systems. One part of this law tasked the U.S. National Institute of Standards and Technology (NIST) to work with the National Security Agency (NSA) to create standards for federal data security. One of these standards was the pseudo-random number generator Dual_EC_DRBG. Soon after Dual_EC_DRBG was released in 2006, however, it was demonstrated that this algorithm was not only slow but also biased: some numbers appeared more often than others, so the output was not truly random. Although some argued that the Dual_EC_DRBG standard should be dropped, it was kept at the NSA’s insistence. The agency said that it was worth including because of its theoretical basis and that it should be difficult to predict the numbers the algorithm would generate. (Leaked 2013 documents suggested that the NSA intentionally sabotaged Dual_EC_DRBG to create a cryptographic backdoor, but this has never been proved.)
Meanwhile, two vulnerabilities were uncovered in networking hardware devices manufactured by Juniper Networks. The first was a hardcoded master password in the Juniper operating system (ScreenOS) that would open a backdoor to allow remote administrative access to the device via Secure Shell (SSH). The second vulnerability would allow an attacker who can monitor traffic through a virtual private network (VPN) to decrypt it. This second vulnerability uses elliptic curve cryptography (ECC) that requires two random numbers, P and Q. The pseudo-random number generator Dual_EC_DRBG was used by ScreenOS to create these values.
In 2007 two Microsoft researchers discovered that if Q was known then someone could examine the random numbers generated by the algorithm and subsequently predict the numbers that would be generated in the future, breaking the encryption. Thus, any algorithm that used random numbers generated by Dual_EC_DRBG could be compromised.
Even though Dual_EC_DRBG was known to have a potential vulnerability, Juniper chose to incorporate Dual_EC_DRBG in its ScreenOS. However, Juniper said that it was using a different point Q, thus preventing anyone from breaking the encryption. Yet, in August 2012 it appears that Juniper changed its Q value back to the original (and vulnerable) value, so that encrypted traffic could have been easily broken. In fact, an attacker would only have to examine 30 bytes of raw output to have the necessary data to initiate the attack. Juniper eventually patched both vulnerabilities.
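The prediction described above, as an added example that is not part of the original page: a simplified Dual_EC_DRBG-style generator on the NIST P-256 curve, without the real generator's output truncation. The function names, the seed, the point Q and the secret multiplier E_SECRET (with P = E_SECRET·Q) are constructed for illustration; the point is that whoever chose the constants and knows that relation can turn one observed output into the next one, which is why the provenance of Q matters.

```python
# Added illustration: Dual_EC_DRBG-style generator, no output truncation.
# Q, E_SECRET and the seed are constructed values, not real-world constants.
P_MOD = 2**256 - 2**224 + 2**192 + 2**96 - 1   # NIST P-256 field prime
A, B = -3, 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b

def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    x3 = (lam * lam - x1 - x2) % P_MOD
    return x3, (lam * (x1 - x3) - y1) % P_MOD

def mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def lift_x(x):
    """Return a curve point with this x-coordinate, or None if there is none."""
    rhs = (x**3 + A * x + B) % P_MOD
    y = pow(rhs, (P_MOD + 1) // 4, P_MOD)   # square root, valid as P_MOD % 4 == 3
    return (x, y) if y * y % P_MOD == rhs else None

Q = next(filter(None, map(lift_x, range(1, 100))))  # first small x on the curve
E_SECRET = 0xD00DFEEDFACE        # known only to whoever picked the constants
P = mul(E_SECRET, Q)             # published P looks unrelated to Q

def generate(state, n):
    """Each round: state <- x(state*P), output <- x(state*Q)."""
    outputs = []
    for _ in range(n):
        state = mul(state, P)[0]
        outputs.append(mul(state, Q)[0])
    return outputs

def predict_next(observed, e):
    """From one output x(s*Q) and e, compute x(e*s*Q) = next state, then next output."""
    return mul(mul(e, lift_x(observed))[0], Q)[0]
```

With the correct multiplier, `predict_next` reproduces every later output from a single observed one; with any other value it does not, so a Q generated verifiably at random (with no known relation to P) removes the shortcut.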