Vulnerability of a Cryptosystem
The vulnerability that has been discovered has a primary effect on one cryptosystem and a secondary effect on another. The vulnerability in question is a weakness in the MD5 algorithm that allows collisions in its output. As a result, attackers can generate cryptographic tokens or other data that illegitimately appear to be authentic.
The secondary effect is that MD5 hashes may allow certificate spoofing on a Cisco ASA system.
If an attacker were able to exploit this weakness on the University's cryptosystem, the attacker could construct forged data in a variety of forms that would cause software using the MD5 algorithm to incorrectly identify it as trustworthy. Since the underlying vulnerability occurs in a cryptographic primitive, specific exploitation scenarios vary widely depending on the nature of the data the attacker is able to spoof and on how that data is validated by the software. For example, in a particularly egregious scenario, a victim user may be misled into supplying sensitive information to a malicious website, believing it to be authentic on the basis of an apparently valid signed SSL certificate.
There is currently no fix or solution for the weakness. The best that has been presented are suggestions to implement, of which there are currently only two:
1. Do not use the MD5 algorithm. Software developers, Certification Authorities, website owners, and users should avoid using the MD5 algorithm in any capacity; it should be considered cryptographically broken and unsuitable for further use.
2. Scrutinize SSL certificates signed by certificates using the MD5 algorithm. Users may wish to manually analyze the properties of web site certificates that are signed by signing certificates using the MD5 algorithm. The procedures for accessing certificate details differ depending on the software in use, but the signature algorithm is
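As an added example that is not part of this essay, the following Python script turns the second suggestion into an automated check: it walks the outer DER structure of each certificate in a chain, reads the signatureAlgorithm OID, and reports any member signed with MD5 (or MD2). The sample certificates it builds are constructed placeholders, not real certificates, and the root is skipped because trust in a root comes from the trust store rather than from its self-signature.

```python
# Flag X.509 certificates whose signature algorithm is MD5 (or MD2) based.
# Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }; only this outer DER layer is walked.
BROKEN_SIG_OIDS = {  # RFC 3279 signature-algorithm OIDs to treat as broken
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
}
MD5_RSA_OID = b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x04"     # 1.2.840.113549.1.1.4
SHA256_RSA_OID = b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b"  # 1.2.840.113549.1.1.11
def read_tlv(buf, pos):
    """Read one DER tag/length/value at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes that follow
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    """Convert DER OID content bytes to dotted notation."""
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def signature_algorithm(cert_der):
    """Return the dotted OID from the certificate's outer signatureAlgorithm field."""
    tag, cert, _ = read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _, pos = read_tlv(cert, 0)       # skip tbsCertificate
    _, alg_id, _ = read_tlv(cert, pos)  # AlgorithmIdentifier SEQUENCE
    _, oid, _ = read_tlv(alg_id, 0)     # its first element is the OID
    return decode_oid(oid)

def weak_signatures(chain_der):
    """index -> algorithm name for every leaf-first chain member with a broken signature.
    The last member (root) is excluded: a root is trusted via the store, not its self-signature."""
    names = (BROKEN_SIG_OIDS.get(signature_algorithm(d)) for d in chain_der[:-1])
    return {i: n for i, n in enumerate(names) if n}

def tlv(tag, content):  # DER-encode one element; only used to build constructed sample data
    if len(content) < 128:
        return bytes([tag, len(content)]) + content
    lb = len(content).to_bytes((len(content).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content

def fake_cert(sig_oid):  # constructed stand-in, NOT a real certificate
    tbs = tlv(0x30, b"\x00" * 200)  # >127 bytes, so the long-form length path runs
    alg = tlv(0x30, tlv(0x06, sig_oid) + tlv(0x05, b""))  # AlgorithmIdentifier {oid, NULL}
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00" + b"\xaa" * 4))  # + dummy BIT STRING
```

For a real chain, feed DER bytes (for example from ssl.get_server_certificate() converted with ssl.PEM_cert_to_DER_cert()) in leaf-first order.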