Welcome to the third edition. Let’s dive right in…
Is There a Draft in Here?
Last week, NIST released draft standards for 3 of the 4 winning post-quantum algorithms: Kyber, Dilithium and SPHINCS+.
These drafts will be open for comments, and then final standards will be published in 2024. The draft of the remaining algorithm, FALCON, is expected soon.
For more details see the link below.
NIST announcement: https://csrc.nist.gov/News/2023/three-draft-fips-for-post-quantum-cryptography.
Photos or It Didn’t Happen
Prepare your pinches of salt, as another claim is made that RSA 2048 will be broken imminently.
According to Quantum Zeitgeist (link below), a quantum-inspired company called MemComputing has developed an algorithm that can crack a 300-bit number. They claim this could crack a 2048-bit key if it were implemented on purpose-built hardware.
Note: Their algorithm does not use quantum computing resources. Also, note that other techniques (such as the general number field sieve) can be used to crack numbers as large as 800 bits.
As of the time of writing, I've seen very little discussion of this claim. Nonetheless, I'm not about to panic. There have been so many cries of wolf of this nature that I'm deeply sceptical of such claims.
Let's hope I'm right! Meanwhile, you can peruse the company's presentation at the links below. This information was shared as part of a technical report in a United States Air Force programme.
Original breaking news: https://quantumzeitgeist.com/quantum-inspired-memcomputing-says-rsa-2048-can-be-broken-in-real-time/.
Link to the technical report recording/slides. You will need a free membership to access them: https://openhive.us/disa/customObject/viewCustomObject/62a4a2487051.
SSH, Don’t Tell Anyone
Whoops. VMware was shipping products with pre-generated, non-unique SSH keys. Attackers could trivially bypass authentication.
The mistake affected their Aria Operations for Networks product line. For several releases in a row, the product shipped with static SSH keys. Anyone who downloaded the product received a copy of the key and could use that to access the command-line of vulnerable appliances.
The issue was tracked as CVE-2023-34039 and was fixed earlier this summer.
Unsurprisingly, the CVE got a top severity rating.
Link to the CVE information: https://nvd.nist.gov/vuln/detail/CVE-2023-34039.
Do Not ENTER
Easily my favourite headline in recent months: “MASHING ENTER TO BYPASS FULL DISK ENCRYPTION WITH TPM, CLEVIS, DRACUT AND SYSTEMD”.
A penetration testing firm (Pulse Security) managed to mount an encrypted Ubuntu disk partition by simply spamming the boot process with ENTER key strokes.
The attack took advantage of some design trade-offs. Everyone wants encrypted disks. Yet the ability to remotely and autonomously reboot systems without humans typing in passwords is also very useful. Trying to serve both use cases appears to have left some exploitable gaps, despite the use of TPMs.
I won't repeat all the details here. See the link below for a short write-up from the authors of the attack. One of their closing sentences sums up the challenge nicely:
"It’s a little bit unclear whose fault this problem is exactly, it sits at an unfortunate intersection of a number of different design decisions and implementations."
Not the reassuring conclusion we'd hope for.
Write-up from Pulse Security: https://pulsesecurity.co.nz/advisories/tpm-luks-bypass.
Tor Puts Users to Work
I had assumed proof-of-work was a Bitcoin invention, but it was originally proposed as a defence against spamming.
Here's how it works. Before access to a resource is granted (such as the ability to send an email), clients solve a small computational problem. Legitimate clients, who send a handful of emails, will never notice the work being done. But spammers who send thousands of emails per second will face mounting costs from the computational overheads.
One early paper on this topic was "Pricing via Processing or Combatting Junk Mail" (link below) which was published in 2001.
Flash forward to 2023, and Tor has just launched a PoW scheme designed to prevent DoS attacks on its networks. (Tor has suffered greatly in the last 18 months from persistent DoS attacks on its networks.)
Clients will be able to bid for higher connection priority by offering to compute complex problems. The harder the problem, the further you move up the queue.
Pretty cool! Of course, this assumes your adversaries don't have a LOT more computing power than your typical users. This could be the case for Tor, with so many nation-states concerned about the secrecy it provides.
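To make the cost asymmetry concrete, here is an added example (not Tor's own scheme, which uses its own puzzle design, and not code from the proposal): a hashcash-style puzzle in which the client spends roughly 2^difficulty hashes finding a nonce, the server spends one hash checking it, and a queue is ordered by the effort each client has proven. The challenge bytes and client names are constructed for the demo.

```python
import hashlib

# Constructed challenge for the demo; a real server would issue a fresh,
# random challenge per client so solutions cannot be precomputed or reused.
CHALLENGE = b"constructed-demo-challenge"


def leading_zero_bits(digest: bytes) -> int:
    """Number of leading zero bits in a digest (the 'effort' a hash shows)."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def puzzle_hash(challenge: bytes, nonce: int) -> bytes:
    return hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()


def solve(challenge: bytes, difficulty: int) -> tuple[int, int]:
    """Client side: brute-force the first nonce whose hash has at least
    `difficulty` leading zero bits. Expected cost is about 2**difficulty
    hashes, so each extra bit doubles the client's work. Returns (nonce, hashes)."""
    nonce = 0
    while leading_zero_bits(puzzle_hash(challenge, nonce)) < difficulty:
        nonce += 1
    return nonce, nonce + 1


def effort(challenge: bytes, nonce: int) -> int:
    """Server side: a single hash tells how much work the client proved."""
    return leading_zero_bits(puzzle_hash(challenge, nonce))


def prioritise(challenge: bytes, submissions: list[tuple[str, int]],
               minimum: int) -> list[str]:
    """Queue clients by verified effort, highest first, rejecting anyone
    below the minimum. The server's cost is one hash per submission no
    matter how many arrive, which is what makes this useful against a flood."""
    scored = [(effort(challenge, nonce), client) for client, nonce in submissions]
    accepted = [(bits, client) for bits, client in scored if bits >= minimum]
    accepted.sort(key=lambda pair: pair[0], reverse=True)
    return [client for _, client in accepted]


if __name__ == "__main__":
    for bits in (8, 12, 16):
        nonce, hashes = solve(CHALLENGE, bits)
        print(f"difficulty {bits:2d}: nonce={nonce} found after {hashes} hashes")
    light, _ = solve(CHALLENGE, 8)
    heavy, _ = solve(CHALLENGE, 16)
    # "lazy" submits nonce 0 without doing any work and is almost certainly dropped
    print(prioritise(CHALLENGE, [("light", light), ("heavy", heavy), ("lazy", 0)], 8))
```

Running it shows the hash count climbing by roughly 16x between difficulty 8 and 12 and again between 12 and 16, while every verification stays at one hash; as the newsletter notes, an adversary with far more compute than ordinary users can still buy their way up the queue.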
Link to the 2001 paper: https://link.springer.com/chapter/10.1007/3-540-48071-4_10.
The Tor PoW proposal: https://github.com/torproject/torspec/blob/main/proposals/327-pow-over-intro.txt.