Category Archives: Security

Homomorphic encryption and trusting the Clouds

Posted on by

Homomorphic encryption is an old idea but only in 2009 and the work of Gentry started to have some possible practical applications. Since then there have been quite impressive improvements in the research in this field of cryptography, also due to the need to improve the security of data managed by Cloud systems.

In brief, homomorphic algorithms are cryptographic algorithms that allow to do computations, like sums, multiplications, searches etc., on encrypted data giving encrypted results, without knowing the encryption key.

It should be obvious that these algorithms would be very useful for Clouds’ applications since the owner of the data would be able to use the data remotely by keeping at the same time the data, and the result of the computations, always encrypted in the Cloud application.

Unfortunately homomorphic encryption is not ready yet for general use, but it has just appeared an interesting research paper by Microsoft Reasearch announcing the release of a SEAL (Simple Encryption Arithmetic Library), a library for using homomorphic encryption in bioinformatics, genomic and other research areas.

Cryptography is too risky: should we use something else to secure IT systems?

Posted on by

Obviously the title of this post is provocative, but reading some recent news it is evident that us, IT professionals and IT industry, are not good in managing cryptography. The consequence is that we deploy cryptography in IT products and give a false sense of security to the users. This actually can have worse consequences than if we would not use cryptography at all. I will give just a couple of examples.

This research paper shows how a well-known brand of hard disks has implemented disk encryption in totally faulty ways, to the point that for some disk models hardly any security is provided by the built-in disk encryption functionalities. This is just another of many similar cases, where cryptographic protocols and algorithms are incorrectly implemented so to cancel all or most of the security that they should provide.

Another research paper shows how a well-funded agency or corporation can in practice break the encryption of any data encrypted with the Diffie-Hellmann (DH) key exchange algorithm using keys up to 1024 bits included. Should we be shocked by this news? Not really since already 10 years ago it was known that a key of 1024 bits is too short for DH. Indeed, as per RFC 7525, a 1024 bit DH key offers a security less than a conventional bit security of 80 bits, but again RFC 7525 states that the absolute (legacy) minimum required conventional bit security must be 112 bits, and the current minimum required conventional bit security is 128 bits, that would practically correspond to a 2048 bits DH key. Even if we, IT professionals and IT industry, have known for at least 10 years that 1024 bits DH keys are too short to offer security to the data that they should protect, as of today a too large number of HTTPS websites, VPNs and SSH servers use DH keys of 1024 bits or less (see again the research paper mentioned above).

Unfortunately these are not two isolated examples, recent news are full of similar facts. So I start to wonder if we are good enough to manage cryptography or if we should look into something else to protect IT systems.

The OPM hack and Biometric Authentication

Posted on by

For a long time, biometric authentication has been considered to be the safest and more secure way of identifying users and granting access to IT and non-IT services. It has just one serious drawback: you cannot change the biometric credentials, this is centainly “you”, and if your biometric credentials are stolen, someone could impersonate “you”.

This is what has happened in the OPM hack, the latest news reports that 5.6 million fingerprints of USA federal employees have been stolen, see wired for example. Information about this is scarce and it is not clear which is the format of the stolen fingerprints and how easy it could be to reproduce them. Security experts believe that it will be possible, sooner or later, to reproduce them, it is just a question of time, technology and money.

So what about the persons who have their fingerprints stolen and possibly reproduced by others? What about the security consequences for companies and the state?

How can we use the security of biometrics without the associated risk of impersonation?

On Ashley-Madison passwords crack

Posted on by

The Ashley-Madison story just got more interesting with the news that it has been possible to crack the supposedly well encrypted users’ password. As Ars Technica (among others) reports, the account passwords have been managed with bcrypt, and this makes it practically impossible to decrypt.

But the account passwords have also been used to create tokens related to the user’s sessions. In this case the password has been hashed with the broken algorithm MD5. From the token it is then easy to recover a lowercase version of the password, and with just a few tries, in some cases even as few as 256 iterations, it is possible to recover the exact password from the bcrypt encrypted value.

This is again another confirmation that security is not a feature to add somewhere in our IT systems, but a fundamental component of each part of it. Everyone doing IT must at least be security aware . In this case it would have been enough to use the SHA2 hash algorithm instead of MD5 to prevent the cracking of the passwords.

A new Ransomware kind of attack

Posted on by

This describes a new kind of IT ransom which should be much more professional and profitable.

The attacker manages to access some company’s servers, then encrypts the data in the databases but he modifies the DBs access routines to encrypt/decrypt on the fly all data with his own encryption key. In this way for the company all continues to work. He then waits a few months so that all DB backups are encrypted with his keys and at this point deletes the encryption keys from the company’s systems and asks for a ransom to give it back.Notice that backups are unusable because they too are encrypted with the attacker key.

Obviously, strong IT security procedures should prevent and detect this, from off-line testing of backups to intrusion detection.

IT Security and Cars (and the IoT world)

Posted on by

This news is a very good example of how IT security is generally perceived, almost like an annoying add-on or an after-thought, in any case better to think about it later …

Security should be one of the pillar of any IT product and service but very seldom it is.

It will be very interesting to see how Security and IoT (Internet of Things) will go together, the first glimpses are not promising even if many people warn of the possible disasters ahead.

More Thougths on Maintenance, Updates and Fixing

Posted on by

The issue of maintenance, updates and software fixing actually deserves a few more considerations.

Since a long time, security experts have been saying that software updates are essential for the security of operating systems and applications. A long time ago instead, software updates were considered only when new features or features’ updates were needed. It took a long time but by now, at least for mainstream applications, periodic (eg. daily, weekly, monthly etc.) software updates, in particular for security issues, are standard.

Still there are many unresolved issues. First of all there are still systems which are not updated regularly, among them there are some “mission critical” ICT systems considered so critical that updates are not applied for fear of breaking the system or interrupting the service, and, at the opposite end, some consumer embedded systems considered to be of so little value that a security update feature has been dropped altogether. (In my previous post I briefly mentioned these two classes of systems.)

But there are two other aspects that must be considered. The first one is the time that it takes between the release of the security patch or update by the software vendor or maintainer, and its installation on the system. As in the case of both Bash Shellshock and OpenSSL Heartbleed, patches and updates have been released out of the normal schedule, and they should have been applied “immediately”. To apply “immediately” a patch released out of the normal schedule, one should at least have a way:

  1. to know “immediately” that the patch has been released
  2. to obtain and apply “immediately” the patch to the systems.

Obviously to do this one needs to have some established emergency security procedure in place. One cannot rely on someone reading/hearing the news somewhere and deciding by herself to act as a consequence.

The second aspect, again also relevant in the two incidents mentioned before, is what to do in the time between the announcement of the existence of the bug and the availability of the patch, what is called a 0-day vulnerability. Again there must be some well established emergency security procedure which indicates what to do. The minimum is to assess what is the security risk of running the systems un-patched, to investigate if there are other countermeasures (like signatures for IPS or other network filters, detailed monitoring etc.), and in the extreme case just to turn off the service until the patch is available.

It seems easy, but it is not yet easy to put in practice.

Why the Bash ShellShock bug is so threatening ?

Posted on by

This year we had already at least two bugs which someone claims “have threatened to take down Internet”: OpenSSL Heartbleed and Bash ShellShock.

I will probably be unconventional, but by now I believe that, in particular for the Bash ShellShock bug, a much bigger security problem lies elsewhere.

Indeed my personal experience with the Bash ShellShock has been that most affected systems have been fixed overnight by the next automatic scheduled system update. Some critical systems have been manually updated in a matter of a couple of minutes without any process interruption. So all systems have been fixed as a matter of usual maintenance of ICT systems.

So where is the problem? Why so much hysteria about it? How is it possible that even very large and well-know systems have been attacked exploiting this bug?

Since it seems that as of today there are still many (too many) systems vulnerable to both the OpenSSl Heartbleed and Bash ShellShock, we have to conclude that the problem does not lie with the availability of the fix but with the maintenance procedure of the systems themself.

It is then not so much a problem of the bug itself, but of those managing or designing the systems which adopt this software, and any software at this point.

I can see two major areas where there can be maintenance problems:

  • large systems which are built with the approach “if it is not broken, do not fix it”: often in this case maintenance, even security patches, is not applied, update and patching procedures are complex and executed rarely; of course, if the system has not been designed or configured with the possibility of being easily updated or patched, any vulnerability in any software component can become a real big problem
  • similarly but even worse, are embedded systems which have been designed with the “build it once and forget about it” approach: in this case just the idea of maintenance has not been considered, or it exists only in the form of re-installing the full software (but only if you know how to do it and if a fixed new version of the full software has been made available).

It seems to me that more than blaming those writing and maintaining these software components, we should first think about how to maintain the software on our systems, which are the procedures for normal updates and security updates, etc.

On Cryptolocker and the like

Posted on by

Cryptolocker and similar malware are getting more and more common. The latest versions that appeared work on also Android (one id called Simplelocker). In general what they do is to encrypt some or most of the files on your PC, tablet or smartphone, in particular text, sound, images and video files, which of course includes all your music video library.

Been a ransom, you are asked to pay some bitcoins (or similar untraceable currency) to get your files decrypted.The only defense, a part from keeping your PC clean, up-to-date, with good anti- … whatever … and being very careful on what you click and the email you open, is to keep very updated backups. Indeed once you get infected and locked / encrypted, there is absolutely nothing that you can do to decrypt the files (unless of course if you pay).

The only precaution is to have good and recent backups, and start all-over again from scratch.

But there is a very important point to remember here, not all backups are equal! Good backups are only those done on off-line media, like dvd, blu-ray disks, external usb disks that are connected only for the time of making the backup, and so on. In technical term it is often called an air-gapped backup, that is a storage that you cannot usually access from your device. This excludes most of the Clod storage and backup systems!

The reason for this is that if the backup is on a continuously or very often connected device, and the backup is done automatically as soon as new data is on your device, when the ransomware encrypts your file, the encrypted version is automatically copied on the backup device substituting the original data, and you can end up having also the backup data encrypted.

Note Added: Simplelocker is more a proof-of-concept than a real malware, in these two posts [1] and [2] Simon Bell describes the malware and how to decrypt the files.