Bcrypt implementation flaw in Bouncy Castle crypto library laid bare

Attackers can bypass password checks in applications that use Bouncy Castle’s OpenBSDBcrypt class because of recently discovered cryptographic mistakes in the widely used encryption library.

The authentication bypass vulnerability (CVE-2020-28052) was discovered by security researchers at Synopsys, who went public with their findings in a technical blog post last week, several weeks after a fix was released that addresses the vulnerability.

Flawed verification routine

The OpenBSDBcrypt class implements the Bcrypt algorithm for password hashing. Coding errors introduced in the OpenBSDBcrypt.doCheckPassword method resulted in a flawed verification routine.

The practical upshot of this error is that an attacker doesn’t need a byte-for-byte match with the stored hash value to get past authentication checks, and can get in through a brute-force attack without having a valid password, as Synopsys explains:

An attacker must brute-force password attempts until the bypass is triggered. Our experiments show that 20% of tested passwords were successfully bypassed within 1,000 attempts.

Some password hashes take more attempts, determined by how many bytes lie between 0 and 60 (1 to 59).

Further, our investigation shows that all password hashes can be bypassed with enough attempts. In rare cases, some password hashes can be bypassed with any input.

Banking security expert Martín Obiols offered a neat summary of the vulnerability on Twitter.

“Earlier this year someone decided to add constant time comparison in BCrypt.doCheckPassword from Bouncy Castle,” Obiols said.

“They used indexOf instead of charAt in the check, they broke it and you could do random attempts with a 20% chance of success in [1,000] tries.”

The Daily Swig invited Synopsys to comment on its research. We’ll update this story as and when any comment comes through.
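
The comparison mistake described above (indexOf used where charAt was meant), modelled beside the position-by-position check as an added example; it is not Bouncy Castle's source or code from the original article. The class and method names and the sample strings are constructed for illustration, and String.repeat assumes Java 11 or later.

```java
public class BcryptCompareDemo {
    // Models the mistake: indexOf(i) returns the first position of the
    // character whose code is i, so for a 60-character string only characters
    // with codes 0..59 ('$', '.', '/', digits) influence the result.
    static boolean flawedEquals(String stored, String computed) {
        boolean equal = stored.length() == computed.length();
        for (int i = 0; i != stored.length(); i++) {
            equal &= stored.indexOf(i) == computed.indexOf(i);
        }
        return equal;
    }

    // Intended check: compare the characters at each position, without
    // returning early on the first mismatch.
    static boolean fixedEquals(String stored, String computed) {
        boolean equal = stored.length() == computed.length();
        int n = Math.min(stored.length(), computed.length());
        for (int i = 0; i != n; i++) {
            equal &= stored.charAt(i) == computed.charAt(i);
        }
        return equal;
    }

    public static void main(String[] args) {
        // Constructed 60-character strings in bcrypt layout; not real hashes.
        String prefix = "$2y$10$";
        String salt = "abcdefghijklmnopqrstuv";
        String stored = prefix + salt + "A".repeat(31);
        String lettersDiffer = prefix + salt + "B".repeat(31);
        String digitDiffers = prefix + salt + "7" + "B".repeat(30);

        // Hash parts differ only in letters (codes above 59).
        System.out.println("flawed, letters differ: " + flawedEquals(stored, lettersDiffer));
        System.out.println("fixed,  letters differ: " + fixedEquals(stored, lettersDiffer));
        // A digit appears at a position where the stored string has none.
        System.out.println("flawed, digit differs:  " + flawedEquals(stored, digitDiffers));
        System.out.println("fixed,  same string:    " + fixedEquals(stored, stored));
    }
}
```

The flawed routine accepts the letters-only mismatch that the position-by-position check rejects, and only notices a difference when a character with a code below 60 moves.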

Bounced into an update

The issue is limited to Bouncy Castle 1.65 and 1.66 (builds released this year) and fixed with Bouncy Castle 1.67, released in November.

Versions prior to Bouncy Castle 1.65 are not subject to the vulnerability (which earns a CVSSv3 score of 8.1).

Bcrypt hashing is used to check user-supplied passwords by web applications and APIs. Circumventing authentication techniques built using the technology is bad news because it creates a means for attackers to perform the same operations as a legitimate user, potentially an administrator.

Bouncy Castle is a collection of cryptographic APIs, with versions written for Java and C#, maintained by Australia-based developers Legion of the Bouncy Castle.

Source: https://portswigger.net/daily-swig/bcrypt-implementation-flaw-in-bouncy-castle-crypto-library-laid-bare
