Slashdot Mirror

← Back to Stories (view on slashdot.org)

Encryption Key Retrieval Method Invented

Posted by emmett on from the break-in-the-hard-way dept.

try67 writes "ZDNet has this article discussing a method developed by several scientists (including Adi Shamir - the S in RSA, the guy who later found a way to crack RSA, GSM alg. cracker, and all-around very cool guy) of finding and stealing encryption keys from servers. The key's randomness seems to be what's giving them away." This is an interesting piece, but why do people continually feel that my credit card number is the most valuable piece of information I own? There's more than e-commerce at stake, people.

20 of 218 comments (clear)

  1. This algorithm has been known abut for a while by Paul+Crowley · · Score: 4

    This algorithm was published quite a while ago: I've implemented it myself. It's best use is to look for "NSA key" type backdoors in closed source software, like Lotus Notes. The only "news" is that nCipher have worked out a way to turn it into publicity for their product. As everyone is saying, it's not very contentful.

    By the way, Adi Shamir (and Ron Rivest, for that matter) have done a *lot* more crypto work than just RSA. Shamir is one of the inventors of differential cryptanalysis (along with Eli Biham).
    --

    --
    Xenu loves you!
  2. This is bad... by Millennium · · Score: 3

    However, I'm intrigued by that comparison to ultra-quiet submarines.

    Think for a moment. Say you had a fleet of ultra-quiet submarines. You know that your enemy can track them if my looking for unusually quiet spots. So, what do you do?

    The answer: surround their fleet. Cancel out the ambient noise, so the quiet spots can't be picked out. It's the opposite of creating noise to cover noisy submarines.

    Therefore, one answer would seem to be the creation of many "dummy" keys on the server. They're generated just like the "real" key is, so they're just as random. Thelocation of the "real" key then becomes a closely-guarded secret, of course, as much so as the machine's root password.

    Consider that the strongest keys out there are only 4K. This means that creating 1000 dummies only wastes four megs of space; in an age where it's hard to find drives less than twenty times that size this isn't really that much of a space-waster.

    The best solution would be a completely-encrypted filesystem. Then there would be no way to tell the key from any other data, and even if you could it would be useless. Are there any good fully-encrypted filesystems out there yet? Linux-compatibility would be a plus...

  3. How is this different from what the cDc does? by neuroid · · Score: 4

    So let me see if I can get this right...the cDc releases information about a security risk in a certain company's operating system, thus causing said company to deny there is a problem, blame in on the cDc, and finally, fix it...eventually. Therefore, the cDc is a bunch of evil hackers because they provided this information.

    When a group of respected scientists point out a security vulnerability, they're the good guys, for pointing out a vulnerability that 'hackers' might exploit.

    Well, I guess that's fair.

  4. Consumers are not really at risk here by tilly · · Score: 3

    The details vary according to your country's consumer protection laws, but if your credit card is stolen and used, you are not directly liable for more than a certain amount. ($50 in the USA.) Who is? The credit card company! The cost of that liability is a risk they bear, and comes back to merchants and consumers through costs for setting up credit cards.

    This is why credit card companies put so much energy into keeping profiles of consumers, and will yank your card as soon as you no longer fit your profile. It is also why banks love debit cards - since they are drawn directly on your bank account, there is no limit on your liability risk.

    Just another right that people have and don't appreciate...

    Cheers,
    Be

    --
    My usual seat in the cluetrain is at A HREF="http://pub4.ezboard.com/biwethey.ht
  5. Re:e-com vs. phone order by alhaz · · Score: 3

    Arguably, remote commerce isn't anywhere near as dangerous as buying dinner at a decent restaurant.

    Think about it. You're just handing your actual credit card to someone you've barely met. They may take it across the street and buy a TV for all you know, or they may just decide to keep it.

    --
    This is just like television, only you can see much further.
  6. Re:Easy Solution by Detritus · · Score: 3

    It isn't always that easy. In an infamous case, John Munden, a British police officer, was charged with attempted fraud and convicted for complaining about funds missing from his bank account. The bank, Halifax Building Society, said that their systems were secure, therefore Mr. Munden was lying. This was enough to convince the court. The conviction was later overturned on appeal.

    --
    Mea navis aericumbens anguillis abundat
  7. An Old Problem by Detritus · · Score: 5

    Key storage and protection is an old problem. You have to assume that the operating system may be cracked, either by an external attacker or by an authorized user. The solution is to store keys in a tamper resistant hardware device, which can be an external box or a special chip. The keys can go into the device, but they can't come out. IBM has used this approach for their mainframe cryptographic facility for decades. IBM has a PCI card that solves this problem for PCs.

    --
    Mea navis aericumbens anguillis abundat
  8. bogus security model by jetson123 · · Score: 3
    Here is the assumption from the nCipher paper:
    Once decrypted into plain-text, the key is vulnerable to the "key-finding" attack. But since a key is only a few hundred bytes long and the storage space of the server may be tens of gigabytes, conventional reasoning argues that an intruder is unlikely to ever find the key.
    I know of noone that relies on the difficulty of finding a key within a few gigabytes of memory to protect their server. Doing so would be silly: there are a lot simpler attacks than looking for keys by their randomness. For example, most server software is standardized, and it's easy to figure out what locations hold pointers to the keys (you can find out by analyzing the source or by experimenting with your own copy). And there are many other ways to attack.

    If you want your keys to be secure, the system that keeps them has to be physically secure and secure against unauthorized logins because at some point, the system will have the plain text keys in memory somewhere.

    Of course, the whole thing is an attempt by nCipher to drum up business--they want to sell their "nCipher hardware". If you use a cryptographic accelerator that also performs the key management, you are a bit safer, because most of the time, the keys are available only inside the accelerator, a device that is probably harder to "break into" than the whole server. But nCipher's solution is still vulnerable because you communicate with the encryption box over the web and the web client you use could be attacked.

    The best security for your keys is likely to be achieved by using a crypto accelerator for which the key is entered physically at the box (e.g., via a SmartCard or keyboard), or for which you physically connect the box to another, non-networked computer while performing key management functions. Lots of products besides nCipher's are capable of that.

  9. I don't think that this is not as bad as it looks. by bogado · · Score: 3
    I read the article in the nCifer site. And by the looks of it you must have the ability to run software on the server to be able to actualy find a key.

    The vulnability described is a way to scan memory and finding a private key in the middle of it. Since most servers, even the NT ones :-), have strict security on who can run and who can access memory this would be no problem for most of the server.

    The major problem I see is the virtual servers that hold many sites into a single machine. Every site owner have access to run programs in the machine, if those sites are not properly secured one site owner could be able to exploit some known hole to be able to scan memory is search for other site owner's keys.


    --
    "take the red pill and you stay in wonderland and I'll show you how deep the rabitt hole goes"

    --
    []'s Victor Bogado da Silva Lins

    ^[:wq

  10. Not a problem by garver · · Score: 4

    As I'm reading this article, they are saying that once into a web server, it is easy to search for a key because it is more random then any other data on the disk. Wish I could get paid for these kinds of revelations.

    The solution: don't let anyone into your web server in the first place. I would consider the web server compromised and the keys invalid if someone got in and was able to snoop where the keys were located. Even if you do allow shell access to the web server (a bad idea in my opinion), put the keys in a root read-only directory! I believe the setup instructions for mod_ssl says to set your SSL key as 400, therefore only root can read it.

    This article is irresponsible. They make it sound as if your credit card is already at stake, not just after someone has broken into a web server and stole keys. It is not news that encrypted data is at stake after someone has stole the private key.

  11. e-com vs. phone order by fartmaster · · Score: 4

    I consider buying things over the web to be in the same league as ordering items over the phone. When people order things over the phone, they are dealing with a PERSON. How do they know that the operator that is taking their order is not going to rip them off, or do something stupid with their credit card number?

    Plus, in both cases you don't know if the credit card information is being STORED properly. I've seen plenty of discount e-com setups that will have a fancy site certificate making it look secure. Then when the form is submited a plain text email gets sent to some email address so that someone can manually punch it in.

  12. reprocussions by Haven · · Score: 4

    This article was posted at 5:38pm EST. Thats after the stock market closed. I wonder what kind of affect this would have on the "dot com" stocks... This would be a shame considering that the NASDAQ is doing so well lately.

  13. Is this news? by Hobbex · · Score: 5


    The fact that encryption keys can be found in data by looking for strings with higher entropy then usual is not new. I have heard it several times, and I believe that this was how the "NSA_key" thing in the Win2K source code was discovered (remember that, MS let NSA authenticate their own crypto modules and people started screaming backdoor). If I'm not wrong, its even mentioned in 'Applied Cryptography'.

    The article says "root around looking for the keys", which I read as getting root to the server (I mean, who is going to keep code that contains crypto keys globally readable?) and that isn't exactly easy to begin with. And if your hosting server gets rooted your sort of fucked anyways...

    As far as the big deal over Credit Card numbers is concerned, I couldn't agree more. I don't know about you people, but I operate under the assumption that my credit card number is always in the hands of others. I mean, the security of a credit card number rests on the fact that "no one can remember 20 digits." Obscurity would be an infinite step up.

    Credit card numbers can be stolen by anyone who you shop at, anyone who goes through those shops or your trash, anyone who (with a little memorization training) is able to read your card, etc ad infinum. The whole system is based on the fact that credit cards numbers can be stolen but that its cheaper for the companies to take the loss then implement a smarter system. If that doesn't fit you shoe, then there is always cash...

    -
    We cannot reason ourselves out of our basic irrationality. All we can do is learn the art of being irrational in a reasonable way.

  14. bogus article by zzzeek · · Score: 5

    /. should post articles of higher quality than this. This article is very clearly nothing more an ad for a company with a dumb product (I say dumb because there should be a better argument for its usage other than this):

    Van Someren said nCipher decided to go after encryption keys because "we make products that redress these problems." The company offers a hardware solution to the problem of encryption-key security.

    Everyone here should know that "security through obscurity" is a foolish and invalid method of security. This article is particularly annoying with its "submarine" and "cold war" analogies as well as its mention of "increasing hacker ingenuity", as though finding a big file of encryption keys open to all users on a server is some high tech stealth technique from a Harrison Ford movie or something.

  15. If I read the article correctly... by wowbagger · · Score: 5
    If I read the article correctly, all this new "method" does is allow you to find the keys once you have cracked the server.


    Well, duh! Once I'm in, you have big problems. So, DON'T LET ME IN


    It is not as though this is a new means to attack a server and gain access, just a way, once you have access, to find what you want.


    And, if you store a bunch of data in compressed format (which also looks pretty random), then the search will be confused.


    "The sky is falling! The sky is falling!" Any modern journalist.

    --
    www.eFax.com are spammers
  16. Another psuedo-hack by MobyDisk · · Score: 5

    To re-iterate. There are now two (2) ways to obtain credit card numbers:

    Method #1:
    * Crack into a highly secure server, likely behind a firewall (details left out, this part is easy)
    * Apply heuristics and a random number searching algorithm on the hard drive (heuristics + classic compression algorithms such as LZW will work here)
    * Use the keys to monitor transactions with this server and obtain credit card numbers
    * Use credit card numbers to purchase online pron

    Method #2:
    * Get job at local store for approx. 1 hour
    * Obtain tools: pen, paper, or a good memory
    * Use tools to store credit card numbers
    * Use credit card numbers to purchase online pron

    The opening of this new method, number one (1), could be a serious threat to e-commerce. It makes e-commerce almost 1% as dangerous as physical world purchases! I know I'll never type https:// again and feel safe. I'm doing my purchases with complete safety: over the phone.

  17. These guys know there stuff, where's the proof? by Money__ · · Score: 3
    From the article:
    Alex Van Someren, president of nCipher in Cambridge, England, said the discovery of a method for retrieving encryption keys revolves around research conducted by his brother Nicko, chief technology officer and co-founder of nCipher, and Adi Shamir of the Weizmann Institute in Israel, co-inventor of the RSA encryption system, the base for much current encryption technology.

    This story reads pretty credible, but I have to wonder where the proof is. The article does draw an interesting analogy about submarines making themselvs more and more quiet untill the only way to "hear" them was to search for the "hole" in the water. They say that this same kind of aproach was used to find keys.

    This tmethidology seems logical, but it's implementation soes not. Does the reasercher point to his finished work?
    _________________________

  18. Re:A threat by B'Trey · · Score: 3
    If slashdot doesn't stop linking to articles that says hackers are computer criminals, I'll stop reading slashdot. *sigh* Why? Because I expect Slashdot to link to truthful stories.

    A hacker IS a computer criminal. Why? Because that's what most people mean when they say it. Words mean whatever people understand them to mean. There is no Official Definitive Dictionary of the English Language somewhere which inscribes in stone the true definition of a word.

    Language eveolves and changes. Just as the geek culture took words from "standard" English and changed their meaning, the non-geeks took one of our words and changed it's meaning. We don't own the langauge any more than they do; their definition of the word is no more incorrect than ours.

    Yeah, I know. Off-topic. -1

    --

    "The legitimate powers of government extend only to such acts as are injurious to others." Thomas Jefferson.

  19. Re:Easy Solution by smack.addict · · Score: 3
    You are spreading ignorance and fear.
    • Most people can get credit cards with 9.9% interest or less.
    • Smart people pay no interest. They pay their credit card bills every month.
    • The safest means of commerce is to give your credit card info out over the internet.
    The safest means of commerce? Yes. You carry $100 on the street and get mugged, you lose $100 (as well as possibly your health or your life). If someone uses your credit card, however, you are liable for *at most* $50 in charges so long as you let the credit card company know.

    Furthermore, transmitting your CC# via SSL is more secure than giving it to a waiter or saying it over the phone.

  20. So keep your keys ASCII armored by Borgy · · Score: 4

    If you keep your keys in hexadecimal or base64 rather than binary, then the information content is maintained but is spread across a greater amount of data. This easily defeats the method. If you *really* want to reduce the average entropy, you can use a full byte '0' or '1' for each bit. or two bytes, or three ... ad infinitum.