Constraints

16 May 2008

Debian “patch” allows simple brute force attacks

Filed under: Commentary — András Salamon @ 11:42

Back in May 2006, an enterprising Debian team member decided to address the complaints from Purify and/or Valgrind, when compiling OpenSSL.

The result was a patch that silenced those pesky warnings for good.

Notice how the second part of the patch comments out a piece of code calling the MD_Update() function; a piece of code that is explicitly bracketed by a pair of #ifndef PURIFY/#endif directives. In other words, the “right” way to fix this is probably to ensure that PURIFY is set during compilation. The reason provided for the change: “/* purify complains */”. Perhaps it is now usual to ignore the immediate context of code.

The interesting thing about this “patch” is that it reduces the space of keys to 32767 values for each of the common key sizes. As pointed out by the folks over at Metasploit, this makes it easy to generate the full list of keys. In fact, it’s so easy that they provide the list as a convenient download for each common key size, about 250MB of data in all.

The consequence: all SSH and SSL keys generated on Debian 4.0 (etch) derived systems from September 2006 or so are rather easy to guess.

Corollary: any data encrypted using such keys during the last 18 months can now be decrypted by anyone.

Let’s hope people have not kept too many packet traces of SSH connections between machines that use affected keys.

Corollary: change affected keys immediately.

Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: