Home page logo
/

bugtraq logo Bugtraq mailing list archives

CISCO PIX Vulnerability
From: Damir.Rajnovic () EUROCERT NET (Damir Rajnovic)
Date: Wed, 3 Jun 1998 15:24:50 +0100


-----BEGIN PGP SIGNED MESSAGE-----

Hello there,

Additional details regarding CISCO's Field Notice -
PIX Private Link Key Processing and Cryptography Issues

CISCO PIX Private Link feature uses DES key that is only 48 bits in length.
It is not obvious straight away since key is internally expanded from
7-bytes (as entered in command line) to 8-bytes that is used by DES. If
you dig into that expansion algorithm you'll find that third byte, counting
from the right, is not used at all. This is how key is expanded:

#!/usr/local/bin/perl
# Key used by DES
@key_data=( 0, 0, 0, 0, 0, 0, 0, 0 );
# Key entered in LINK statement
@key_in = ( 0x00, 0x00, 0x00, 0x00, 0x00, 0xda, 0xaa );

# Key expansion algorithm
$byte = ($key_in[6] & 0x3F) << 2;
$key_data[6] |= $byte;
$byte = ($key_in[6] & 0xC0) >> 5;
$key_data[5] |= $byte;

$byte = ($key_in[5] & 0x7F) << 1;
$key_data[7] = $byte;
$byte = ($key_in[5] & 0x80) >> 6;
$key_data[6] |= $byte;
#
# Byte 4 (from left) seems to be ignored
#
$byte = ($key_in[3] & 0x01) << 7;
$key_data[1] |= $byte;
$key_data[0] = ($key_in[3] & 0xFE );

$byte = $key_in[2] & 0x03;
$key_data[2] |= ($byte << 6);
$byte = ($key_in[2] & 0xFC) >> 1;
$key_data[1] |= $byte;

$byte = $key_in[1] & 0x07;
$key_data[3] |= ($byte << 5 );
$byte = $key_in[1] & 0xF8;
$key_data[2] |= ($byte >> 2);

$byte = $key_in[0] & 0x0F;
$key_data[4] |= ($byte << 4);
$byte = $key_in[0] & 0xF0;
$key_data[3] |= ($byte >> 3);
#
# Now you can use key in @key_data for encryption

Apparently, knowing what bits are fixed will not bring attacker
any additional 'gain' in breaking a DES. At least I was told that by
people from sci.crypt group.

Another thing is that PIX is using DES in ECB mode. CISCO admits that
"....ECB is not generally considered to be the best mode in which to
employ DES,...." but you'll have to live with it. CISCO will not fix
that so you'll have to buy future IPSEC/IKE products.

Cheers,

Gaus


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>

iQCVAwUBNXUJgMAFeq0PniW5AQGQXAP9Gj7AvwHtvzgv0FlAVIOfRlHCWKN+APdM
VsGfvPKXxxkZbmJKu/27J0mChsx7Kp60TXWMATiaosVHSBVYpm5vQ8B1ljF9GZtz
FJcuo/wN746coNaQSHiJv4jytun7VzmG6/gJF3O746GrAMhzj2VTeSvUlGMVx2a0
NlNhH7HJ8Yo=
=ow3T
-----END PGP SIGNATURE-----

---------------------------------------------------------------
EuroCERT                                tel: (+44 1235) 822 382
c/o UKERNA                              fax: (+44 1235) 822 398
Atlas Centre
Chilton, Didcot
Oxfordshire OX11 0QS, UK



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]