New hacker exploit found

A new vulnerability, called DUHK (Don't Use Hard-coded Keys), puts the login credentials of cryptocurrency exchange users at risk
26 October 2017

Researchers at the University of Pennsylvania and Johns Hopkins University have discovered a new vulnerability that can be used to recover the encryption keys protecting connections to websites and VPNs. Potentially, it also puts at risk the account data of users of cryptocurrency exchanges, BitsOnline reports.

The vulnerability, named DUHK (Don't Use Hard-coded Keys), was found by cryptographers Nadia Heninger, Shaanan Cohney and Matthew Green. It stems from the ANSI X9.31 RNG, a pseudo-random number generator (PRNG) that has been used in numerous products for roughly 30 years, including to generate encryption keys for VPN connections and for browser sessions carrying credentials, payment details and other sensitive information.

The researchers found that when a hardware or software product uses ANSI X9.31 with a hard-coded seed key, an attacker who extracts that key from the firmware and observes some raw output of the generator (for example a nonce sent in a VPN handshake) can recover the generator's internal state, predict the keys it produces next, and decrypt traffic passing through the vulnerable device.

The fault lies with the manufacturers, who often ship the same hard-coded seed key for ANSI X9.31 in every unit of a product. The standard requires the seed key to be secret and generated randomly, for example each time the device starts, rather than being shared across an entire product line.
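The following is an added worked example, not the researchers' code, that models the state-recovery step described above. ANSI X9.31 computes I = E_K(T), R = E_K(I xor V), V' = E_K(R xor I), where T is a timestamp block, V the secret state and K the seed key. The block cipher here is a SHA-256 keyed PRF standing in for AES-128 (the generator only ever runs the cipher forward, so the structure is preserved); the timestamp layout, the "firmware" constant and the attacker's knowledge of timing to within 256 microseconds are constructed assumptions. The attacker knows K, sees two raw outputs, brute-forces the timestamps that make them consistent, and then enumerates a small candidate set for the third output, the one used as a key.

```python
"""Toy model of the DUHK attack on an ANSI X9.31-style generator.

Added example: the cipher is a SHA-256 keyed PRF standing in for AES-128,
the timestamp layout and the attacker's timing knowledge are assumptions,
and none of this is the researchers' own code."""
import hashlib
import os
from typing import Dict, List

BLOCK = 16  # 128-bit blocks, as in AES-based X9.31


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for AES-128 encryption E_K. X9.31 only ever runs the cipher
    forward, so any keyed PRF reproduces the generator's structure."""
    return hashlib.sha256(key + block).digest()[:BLOCK]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def timestamp_block(micros: int) -> bytes:
    """Assumed T layout: 64-bit microsecond timestamp, zero-padded to a block."""
    return micros.to_bytes(8, "big") + bytes(8)


class X931RNG:
    """ANSI X9.31: I = E_K(T); R = E_K(I xor V); V' = E_K(R xor I)."""

    def __init__(self, key: bytes, seed_v: bytes) -> None:
        self.key = key      # the seed key K; this is what vendors hard-coded
        self.v = seed_v     # the secret state V

    def next_block(self, micros: int) -> bytes:
        i = block_encrypt(self.key, timestamp_block(micros))
        r = block_encrypt(self.key, xor(i, self.v))
        self.v = block_encrypt(self.key, xor(r, i))
        return r


def duhk_recover(key: bytes, r1: bytes, r2: bytes,
                 t1_window: range, t2_window: range, t3_window: range) -> List[bytes]:
    """Attacker side. Inputs: K (read from firmware), two observed raw outputs
    r1, r2 (e.g. handshake nonces) and, from packet timing, a window of candidate
    timestamps for each of the three generator calls. Returns candidate values of
    the third output, which the attacker then tries against captured ciphertext."""
    i_for: Dict[int, bytes] = {t: block_encrypt(key, timestamp_block(t))
                               for t in set(t1_window) | set(t2_window) | set(t3_window)}
    candidates: List[bytes] = []
    for t1 in t1_window:
        v2 = block_encrypt(key, xor(r1, i_for[t1]))        # state after r1 for this T1 guess
        for t2 in t2_window:
            if block_encrypt(key, xor(i_for[t2], v2)) != r2:
                continue                                      # inconsistent with observed r2
            v3 = block_encrypt(key, xor(r2, i_for[t2]))     # state is now fully known
            for t3 in t3_window:
                candidates.append(block_encrypt(key, xor(i_for[t3], v3)))
    return candidates


HARDCODED_KEY = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")  # constructed "firmware" constant


def demo() -> dict:
    """Victim device emits nonce, nonce, then a secret key from one X9.31 instance
    seeded with a random per-boot V but the shared hard-coded K. A second device
    with a random per-boot K shows the attack failing without the key."""
    base = 1_509_000_000_000_000                 # assumed capture time, microseconds
    t1, t2, t3 = base + 37, base + 511, base + 695  # true timings, unknown to attacker
    windows = (range(base, base + 256), range(base + 300, base + 556), range(base + 600, base + 856))

    device = X931RNG(HARDCODED_KEY, os.urandom(BLOCK))
    nonce1, nonce2 = device.next_block(t1), device.next_block(t2)   # sent on the wire
    secret_key = device.next_block(t3)                              # never sent
    found = duhk_recover(HARDCODED_KEY, nonce1, nonce2, *windows)

    fixed = X931RNG(os.urandom(BLOCK), os.urandom(BLOCK))           # random K per boot
    n1, n2 = fixed.next_block(t1), fixed.next_block(t2)
    fixed.next_block(t3)
    found_fixed = duhk_recover(HARDCODED_KEY, n1, n2, *windows)     # attacker only has the firmware K

    return {"secret_key": secret_key, "candidates": found, "candidates_fixed": found_fixed}
```

The attacker never inverts the cipher: knowing K and one output R is enough to roll the state forward, and the only unknown left is the low-entropy timestamp, which is why the paper's search finishes in minutes on an ordinary computer. With a per-boot random K the same search yields no consistent state at all.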

In January 2016, NIST, the US agency that develops the Federal Information Processing Standards (FIPS) for computer security, removed the ANSI X9.31 RNG from its list of approved random number generators, citing weaknesses in the algorithm's design among the reasons.

According to the researchers, FortiOS versions 4.3.0 through 4.3.18 are vulnerable to DUHK, and more than 23,000 such devices are reachable on the Internet. FortiOS 5.x is not affected, and the hard-coded seed key was removed from FortiOS starting with version 4.3.19.

The researchers also note that although the DUHK attack is not trivial to carry out, it is entirely practical: using DUHK, an ordinary modern computer recovers the encryption key of a vulnerable connection in about four minutes.

The situation is complicated by the fact that Fortinet is not the only affected vendor. In their report the researchers list products that combine ANSI X9.31 with a hard-coded seed key; it includes, among others, solutions from Cisco and TechGuard.

List of products/vendors open to DUHK attacks

The vulnerability does not target users of cryptocurrency exchanges directly, but attackers can use it to recover the keys protecting a user's encrypted sessions and thereby gain access to confidential information, including account credentials, bank details and so on.

You can learn more at the official website.

Potential Vulnerabilities Found in ETH 2.0

Least Authority has found potential security issues in the P2P network layer and the block proposal system
26 March 2020

Security firm Least Authority, at the request of the Ethereum Foundation, audited the Ethereum 2.0 specifications and identified several potential vulnerabilities.

Least Authority said the developers need to address weaknesses in the peer-to-peer (P2P) network layer and in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, no large ecosystem based on proof-of-stake (PoS) and sharding exists yet, so the stability of the system cannot be assessed accurately.
The auditors also emphasized that the specifications do not describe the P2P network layer and the Ethereum node record system in enough detail. Risks were also noted in the block proposal system and in the messaging between nodes.

The experts explained that in proof-of-work blockchains the choice of who produces the next block is straightforward and nobody can predict it in advance. In PoS systems it is the block proposal system that decides whose block goes into the chain, and because the upcoming proposer is known ahead of time, this leaks information that can be used against that node. To address the problem, the auditors suggested a "Single Secret Leader Election" (SSLE) mechanism, which keeps the identity of the next proposer secret until it publishes its block.

As for the peer-to-peer message exchange, there is a risk of spam. No central node in the system evaluates the behaviour of other nodes, so a "malicious" node can flood the whole network with messages without any real penalty. A solution may be to adopt dedicated protocols for exchanging messages between nodes, under which each node judges its peers on its own.
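As an added illustration (not code from the audit or from any Ethereum client) of how punishment can work without a central arbiter, the following Python keeps a per-peer token bucket and penalty score at each node: a peer that sends faster than its budget is first ignored and then disconnected. The rate, burst and threshold values and the traffic pattern are constructed for the example; real gossip protocols weigh more signals (invalid messages, duplicates, mesh behaviour) than raw message rate.

```python
"""Added example: local per-peer rate limiting for a gossip network.

Every node keeps its own token bucket and penalty score for each peer it
talks to; nobody has to trust a central arbiter. A peer that floods
messages drains its bucket, accumulates penalty and is dropped. This is a
constructed illustration, not the scoring rules of any Ethereum client."""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class PeerState:
    tokens_milli: int      # remaining message budget, in thousandths of a message
    last_refill_ms: int    # simulated clock reading at the last refill
    penalty: int = 0       # messages sent while over budget
    dropped: bool = False  # once set, everything from the peer is discarded


class PeerScorer:
    """Token bucket per peer: `rate` messages/second, up to `burst` stored.
    Integer milli-token arithmetic keeps the simulation exact."""

    def __init__(self, rate: int, burst: int, drop_threshold: int) -> None:
        self.rate = rate
        self.burst_milli = burst * 1000
        self.drop_threshold = drop_threshold
        self.peers: Dict[str, PeerState] = {}

    def on_message(self, peer: str, now_ms: int) -> bool:
        """Return True if a message from `peer` arriving at `now_ms` is accepted."""
        st = self.peers.get(peer)
        if st is None:
            st = self.peers[peer] = PeerState(self.burst_milli, now_ms)
        if st.dropped:
            return False
        # refill: `rate` messages per second equals `rate` milli-tokens per millisecond
        elapsed = now_ms - st.last_refill_ms
        st.tokens_milli = min(self.burst_milli, st.tokens_milli + elapsed * self.rate)
        st.last_refill_ms = now_ms
        if st.tokens_milli >= 1000:
            st.tokens_milli -= 1000
            return True
        st.penalty += 1                      # over budget: the local "punishment"
        if st.penalty >= self.drop_threshold:
            st.dropped = True                # disconnect; no further messages are read
        return False


def simulate(scorer: PeerScorer, traffic: List[Tuple[int, str]]) -> Dict[str, Tuple[int, bool]]:
    """Feed (time_ms, peer) events in time order; return (accepted, dropped) per peer."""
    accepted: Dict[str, int] = {}
    for now_ms, peer in sorted(traffic):
        if scorer.on_message(peer, now_ms):
            accepted[peer] = accepted.get(peer, 0) + 1
    return {p: (accepted.get(p, 0), scorer.peers[p].dropped) for p in scorer.peers}


def example_run() -> Dict[str, Tuple[int, bool]]:
    # Constructed traffic: an honest peer gossips once a second for 30 s,
    # a spammer sends 50 messages a second for 5 s.
    honest = [(t * 1000, "honest") for t in range(30)]
    spammer = [(k * 20, "spammer") for k in range(250)]
    return simulate(PeerScorer(rate=2, burst=10, drop_threshold=50), honest + spammer)


if __name__ == "__main__":
    print(example_run())
```

With these parameters the honest peer never exceeds its budget and all 30 messages are accepted, while the spammer gets 12 messages through (the initial burst plus what trickles in from refills) before its fiftieth over-budget message gets it dropped after about 1.2 seconds. Because every node runs this logic independently, a flooding peer is cut off by each of its neighbours without anyone coordinating the decision.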