Submission: DUHK Crypto Attack Recovers Encryption Keys, Exposes VPN Connections (bleepingcomputer.com)

An anonymous reader writes: After last week we had the KRACK and ROCA cryptographic attacks, this week has gotten off to a similarly "great" start with the publication of a new crypto attack known as DUHK (Don't Use Hard-coded Keys).

The issue at the heart of the DUHK attack is a combination of two main factors. The first is the usage of the ANSI X9.31 Random Number Generator (RNG). This is an algorithm that takes random data and generates encryption keys used to secure VPN connections, browsing sessions, and other encrypted traffic/data. The second factor needed for a DUHK attack is when hardware vendors use a hardcoded "seed key" for the ANSI X9.31 RNG algorithm. When these two conditions take place, an attacker can brute-force encrypted data to discover the rest of the encryption parameters and deduce the master encryption key used to encrypt web sessions or VPN connections.

In a research paper published today, researchers said they found 12 vendors that sold hardware/software products with hardcoded X9.31 seed keys. This issue is widespread because ANSI X9.31 is very widespread. Up until January 2016, the algorithm was on the list of US government (FIPS) approved RNG algorithms. ANSI X9.31 remained on the list until 2016, even though US NIST deprecated the algorithm in 2011, and scientists warned way back in 1998 that the algorithm could be broken if the seed key ever leaked.
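
Added example, not part of the submission or the research paper: a sketch of why the two conditions described above leave the generator with no secret state once its key is known. It assumes the standard X9.31 update (I = E(T), R = E(I xor V), V' = E(R xor I)), uses a toy SHA-256 Feistel cipher as a stand-in for AES, and all function names, the key, the seed and the timestamps are constructed for illustration.

```python
import hashlib

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, i, half):
    # Round function of the toy Feistel cipher (stand-in for AES, NOT secure).
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]

def encrypt(key, block):
    # 4-round Feistel permutation over a 16-byte block.
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, _xor(l, _f(key, i, r))
    return l + r

def x931_step(key, seed, t):
    """One X9.31 output: I = E(T); R = E(I ^ V); V' = E(R ^ I)."""
    i = encrypt(key, t.to_bytes(16, "big"))
    out = encrypt(key, _xor(i, seed))
    return out, encrypt(key, _xor(out, i))

def state_after(key, out, t):
    """With the key known, one output and its timestamp give the next seed."""
    i = encrypt(key, t.to_bytes(16, "big"))
    return encrypt(key, _xor(out, i))

def recover_state(key, out1, out2, window):
    """Try candidate timestamps; a second output confirms the right guess."""
    for t1 in window:
        seed = state_after(key, out1, t1)
        for t2 in window:
            if t2 > t1 and x931_step(key, seed, t2)[0] == out2:
                return t1, t2, state_after(key, out2, t2)
    return None

# Constructed sample values: a key fixed in "firmware" and a secret seed.
HARDCODED_KEY = bytes(range(16))
secret_seed = hashlib.sha256(b"constructed device entropy").digest()[:16]
r1, v = x931_step(HARDCODED_KEY, secret_seed, 1000)
r2, v = x931_step(HARDCODED_KEY, v, 1003)
r3, _ = x931_step(HARDCODED_KEY, v, 1007)
```

The seed never appears in `recover_state`: the only unknown left is the timestamp, which is why the key must be unique per device and kept secret, or the generator replaced with an approved DRBG.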
