DUHK ATTACK CAN RECOVER COMMON CRYPTOGRAPHIC KEYS

Another vulnerability in the key-recovery family has recently been disclosed: the DUHK attack, short for Don’t Use Hard-coded Keys. DUHK targets devices that use the ANSI X9.31 Random Number Generator (RNG) with a hard-coded seed key.

Recently, several cryptographic key vulnerabilities were reported, such as the KRACK Wi-Fi attack and the ROCA factorization attack.

KRACK targets the WPA2 4-way handshake, which is responsible for installing a fresh encryption key on wireless networks.  With the KRACK attack, Wi-Fi networks using WPA2 encryption are susceptible to breaches.

The ROCA vulnerability, on the other hand, uses the public key (the key used for encryption) to reverse-calculate the private key and decrypt the target data or access the target device.

The DUHK attack is a combination of two main factors:

The first is the use of the ANSI X9.31 Random Number Generator (RNG).  This is an algorithm that takes random input and generates the encryption keys used to secure VPN connections, browsing sessions, and other encrypted data.

The second factor needed for a DUHK attack is a hardware manufacturer using a hard-coded “seed key” for the ANSI X9.31 RNG algorithm.  Normally, vendors generate a random seed key at device startup or before launching the ANSI X9.31 algorithm.
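To make the two factors concrete, here is an added example (not code from the original article, nor from Fortinet or the researchers) of the ANSI X9.31 generator in its AES-128 form; the structure is identical with Triple DES, only the block size differs. The seed key, the boot-time state V and the date/time vectors are constructed values. It shows why the seed key must stay secret: an observer who knows K, because it is hard-coded, recovers the generator's state from a single observed output block and predicts the next one.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
)

// enc returns E_K(in) for the cipher keyed with the seed key K; xor is block-wise.
func enc(blk cipher.Block, in []byte) []byte {
	out := make([]byte, blk.BlockSize())
	blk.Encrypt(out, in)
	return out
}

func xor(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// step runs one ANSI X9.31 iteration (AES-128 variant, 16-byte blocks) from state V
// with date/time vector T: I = E_K(T); R = E_K(I xor V); V' = E_K(R xor I). Returns R, V'.
func step(blk cipher.Block, V, T []byte) (R, vNext []byte) {
	I := enc(blk, T)
	R = enc(blk, xor(I, V))
	return R, enc(blk, xor(R, I))
}

// predictNext is the observer's side: with K known (hard-coded in firmware) and T
// guessable, one observed R1 gives the new state V' = E_K(R1 xor E_K(T1)) and so R2.
func predictNext(K, T1, R1, T2 []byte) []byte {
	blk, _ := aes.NewCipher(K) // K is 16 bytes in this demo, so NewCipher cannot fail
	vNext := enc(blk, xor(R1, enc(blk, T1)))
	R2, _ := step(blk, vNext, T2)
	return R2
}

// hardcodedKeyIsPredictable reports whether the observer's prediction matches the
// device's real next output, although the observer never saw the secret state V.
func hardcodedKeyIsPredictable(K []byte) bool {
	blk, _ := aes.NewCipher(K)
	// Constructed values: boot-time secret state V and two consecutive date/time vectors.
	V := []byte("boot-time-state!")
	T1, T2 := []byte("2017-10-25T12:00"), []byte("2017-10-25T12:01")
	R1, V2 := step(blk, V, T1) // the block the observer sees in traffic
	R2, _ := step(blk, V2, T2) // the block the device will use next
	return bytes.Equal(predictNext(K, T1, R1, T2), R2)
}
```

With a seed key generated at startup instead, the observer has no K to run predictNext with, and the single observed block reveals nothing about V.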

Fortinet FortiGate devices running FortiOS 4.3.0 to FortiOS 4.3.18 are vulnerable to DUHK attacks (CVE-2016-8492).  FortiOS 5.x is not affected, and Fortinet removed the hard-coded seed key in FortiOS 4.3.19 after the researchers contacted the company.

In hardware and software products that combine ANSI X9.31 with a hard-coded seed key, attackers can decrypt the encrypted data passing through the affected device.  This includes data transmitted over VPN connections and encrypted web sessions carrying login credentials, payment information, intranet data, private enterprise data, and other sensitive information.

The DUHK attack is aggressive: it can be carried out in around four (4) minutes per connection.  Furthermore, no user interaction is needed; all the attacker needs is a position from which to observe traffic coming from a vulnerable device.  Since this is a passive network attack, detecting a DUHK attack is very difficult, if possible at all.

In view of the many threats the DUHK attack poses, users are advised to check whether their wireless devices use the ANSI X9.31 Random Number Generator (RNG) and, if so, to stop using them as soon as possible.  It is also advised to avoid any VPNs running FortiOS 4.3.0 to FortiOS 4.3.18.


Manny Cuevas

My name is Manny Cuevas. I have been a Security Researcher / Engineer for about 15 years, focusing on Web and Mobile applications and other platforms, from the island of Sulu, Philippines. I’m also a scientist, inventor and a top-ranked hacker in the world who bypasses all security systems.
