RSA Keys
Home Up


RSA Keys: pt 2 ]

Fast, reliable data access for ODBC, JDBC, ADO.NET and XML
Business Intelligence with R&R ReportWorks
Got SOX compliance?
Movielink Logo 88x31
IBM eserver xSeries 306m 8849 - P4 3.4 GHz
iTunes Logo 88x31-1


Sponsor Links
Fast, reliable data access for ODBC, JDBC, ADO.NET and XML

1 2 Next>>

Databases, Networks and Digital Certificates Vexed by Pervasive Security Flaw

by Ken North

Client-server communications and digital certificates are vulnerable to attacks against pervasive RSA technology

Public-key encryption and RSA security have been mainstream solutions among software developers who rely on cryptography for data and communications security. Researchers have recently uncovered security flaws and successful attacks against software using RSA keys. This bad news follows reports in 2004 and 2005 of the SHA, SHA-1 and MD5 hash functions being broken. These recently uncovered vulnerabilities raise concerns about security issues with networks, web servers and browsers, digital certificates, e-commerce, web services and client-server database communication.

Cisco, IBM, Nortel, Sun, and Sybase have acknowledged security problems in products built with the open source OpenSSL toolkit, but not everyone has been forthcoming about OpenSSL vulnerabilities. For the Internet the problem is systemic - a recent estimate by the Nippon Telegraph and Telephone Corporation (NTT) is that more than 60% of World Wide Web servers have an installed OpenSSL toolkit.

The OpenSSL software provides plumbing for secure data communications using the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. SSL and TLS rely on digital signing and verification to provide privacy and data integrity. Communications and the exchange of certificates between SSL/TLS clients and servers rely on various ciphers for encrypting data, including RSA public-key algorithms. The OpenSSL project has published an open source toolkit for SSL and TLS that's extensively used by the computer industry.

RSA Key Exponent 3 Vulnerability

In September 2006, Daniel Bleichenbacher of Bell Labs notified the OpenSSL project of a security flaw in its RSA key handling. Bleichenbacher is a well-known researcher in cryptography circles and as far back as 1998 he gave conference presentations on flawed implementations of RSA algorithms. At the CRYPTO-2006 conference, he discussed an RSA signature forgery attack and flawed implementations of RSA signature verification, a problem that has surfaced with the OpenSSL toolkit.

When used with SSL/TLS, RSA digital signatures provide an indicator that a communication is authentic. However, Bleichenbacher identified a problem with OpenSSL communication using RSA keys generated with exponent 3. The problem affects all versions of OpenSSL prior to and including 0.9.7j and 0.9.8b.

The flaw enables malevolent users to forge PKCS #1 v1.5 digital signatures and certificates signed with those keys. This enables attackers to bypass security restrictions and view confidential information.

Buffer Overrun and Denial of Service Vulnerabilities

In late 2006, security researchers uncovered other serious OpenSSL security vulnerabilities. One of the researchers was Dr. S. N. Henson of Open Network Security and the UK government's National Infrastructure Security Co-ordination Centre (NISCC). Dr. Henson developed an ASN.1 test suite that uncovered denial-of-service (DoS) vulnerabilities in OpenSSL.

Within weeks, Google security researchers Tavis Ormandy and Will Drewry also reported a buffer overrun vulnerability in OpenSSL.

Timing Attacks on AES

The Advanced Encryption Standard (AES) was adopted by the U.S. government as a replacement for the weak Data Encryption Standard (DES). AES has proven vulnerable to side-channel or timing attacks. Daniel J. Bernstein of the University of Illinois at Chicago published a 2005 paper that explained attacks against a network server were successful at extracting AES keys. He found a problem of writing constant time AES software (independent of key and input) for general purpose computers. His timing attack worked successfully with a variety of processors, including AMD Athlon, Intel Pentium, IBM PowerPC and Sun UltraSPARC.

1 2 Next>>

Security  Database Server Watch  SQL Summit Home Page    Articles 

Visit (Grid Computing Knowledge Portal) Logo for Database and SQL/XML Portal

2006, Ken North, All rights reserved.