Archive for the ‘Cryptography’ Category

Serious SSL Renegotiation Problem

Thursday, November 5th, 2009

This just in from Ben Laurie:

For the last 6 weeks or so, a bunch of us have been working on a really serious issue in SSL. In short, a man-in-the-middle can use SSL renegotiation to inject an arbitrary prefix into any SSL session, undetected by either end.

But wait, there’s more..

To make matters even worse, through a piece of (in retrospect) incredibly bad design, HTTP servers will, under some circumstances, replay that arbitrary prefix in a new authentication context. For example, this is what happens if you configure Apache to require client certificates for one directory but not another. Once it emerges that your request is for a protected directory, a renegotiation will occur to obtain the appropriate client certificate, and then the original request (i.e. the stuff from the bad guy) gets replayed as if it had been authenticated by the client certificate. But it hasn’t.

Ben has a patch against the current development head of OpenSSL to ban renegotiation, but for most people it’ll need backporting to their current OpenSSL versions..
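To make the design point in Ben's description concrete, here is an added toy model (not code from the post, from OpenSSL or from Apache; the class, function names and byte strings are all constructed for the example): a server-side HTTPS frontend buffers request bytes, asks for a client-certificate renegotiation when it sees a protected path, and then either replays the buffered bytes under the newly established identity (the flawed design) or discards them so the client has to resend its request (the hardened behaviour).

```python
"""Toy model of the HTTP-over-TLS renegotiation replay described in the post.

Added illustration, not code from the post, OpenSSL or Apache. All names and
byte strings here are constructed for the example.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

PROTECTED_PREFIX = b"/protected/"   # constructed: paths that require a client cert


def parse_request_line(raw: bytes) -> Optional[Tuple[bytes, bytes]]:
    """Return (method, path) from a buffered HTTP request, or None while the
    request line has not fully arrived yet."""
    head, sep, _ = raw.partition(b"\r\n")
    if not sep:
        return None
    parts = head.split(b" ")
    if len(parts) != 3:
        return None
    return parts[0], parts[1]


@dataclass
class HttpsFrontend:
    """Server-side view of one TLS connection carrying HTTP.

    replay_after_renegotiation=True reproduces the flawed behaviour the post
    describes: request bytes buffered before the renegotiation are dispatched
    under the identity the renegotiation established.
    """
    replay_after_renegotiation: bool
    client_cert: Optional[str] = None          # identity from the latest handshake
    pending: bytes = b""                       # application bytes not yet dispatched
    served: List[Tuple[bytes, Optional[str]]] = field(default_factory=list)

    def on_data(self, data: bytes) -> Optional[str]:
        """Application data arrived under the *current* security context."""
        self.pending += data
        return self._try_dispatch()

    def on_renegotiation_complete(self, client_cert: str) -> Optional[str]:
        """A renegotiation finished and the peer presented `client_cert`."""
        self.client_cert = client_cert
        if not self.replay_after_renegotiation:
            # Hardened: bytes received under the old security context carry no
            # proof of who sent them, so they are dropped rather than being
            # re-attributed to the newly authenticated identity.
            self.pending = b""
            return "renegotiated; buffered request discarded, client must resend"
        return self._try_dispatch()

    def _try_dispatch(self) -> Optional[str]:
        req = parse_request_line(self.pending)
        if req is None:
            return None                         # wait for more bytes
        _method, path = req
        if path.startswith(PROTECTED_PREFIX) and self.client_cert is None:
            # Protected resource, no client cert yet: the real server would now
            # start a renegotiation asking for one. The request bytes stay in
            # `pending` in both designs; the difference is what happens to them
            # once the renegotiation completes.
            return "NEED_CLIENT_CERT"
        self.pending = b""
        self.served.append((path, self.client_cert))
        return f"served {path.decode()} as {self.client_cert}"


def run_scenario(replay_after_renegotiation: bool) -> dict:
    """Drive one connection through the sequence the post describes."""
    fe = HttpsFrontend(replay_after_renegotiation)
    # Constructed: a request that reaches the server before any client
    # authentication. In the situation described above these bytes come from
    # the man-in-the-middle; the server cannot tell them apart from bytes the
    # legitimate client would have sent itself.
    early = fe.on_data(b"GET /protected/report HTTP/1.1\r\nHost: example.test\r\n\r\n")
    after_reneg = fe.on_renegotiation_complete("CN=alice")
    # The legitimate client, now authenticated, sends its own request.
    own = fe.on_data(b"GET /protected/own HTTP/1.1\r\nHost: example.test\r\n\r\n")
    return {"early": early, "after_reneg": after_reneg, "own": own, "served": fe.served}


if __name__ == "__main__":
    for flag in (True, False):
        print("replay" if flag else "discard", run_scenario(flag))
```

The weakness is not in the cipher suite but in attribution: bytes that arrived before the handshake carry no proof of who sent them, so the safe rule is that nothing received under one security context is ever re-evaluated under a later one. Banning renegotiation outright, as Ben's patch does, removes the question entirely.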

UK Government Apologises to Alan Turing

Sunday, September 13th, 2009

55 years after Alan Turing, one of the fathers of modern computing and one of the intellectual powerhouses behind the achievements of Bletchley Park, committed suicide following his conviction for “gross indecency” for being gay and his subsequent exile from GCHQ, the UK Prime Minister has apologised for his treatment.

Turing was a quite brilliant mathematician, most famous for his work on breaking the German Enigma codes. It is no exaggeration to say that, without his outstanding contribution, the history of World War Two could well have been very different. He truly was one of those individuals we can point to whose unique contribution helped to turn the tide of war. The debt of gratitude he is owed makes it all the more horrifying, therefore, that he was treated so inhumanely. In 1952, he was convicted of ‘gross indecency’ – in effect, tried for being gay. His sentence – and he was faced with the miserable choice of this or prison – was chemical castration by a series of injections of female hormones. He took his own life just two years later. [...] we’re sorry, you deserved so much better.

The BBC has a good article on Turing, his persecution and the apology.

Alan, we all owe you a massive debt of gratitude for all your work and I’m very sorry the UK treated you so very cruelly. We cannot right those wrongs, all we can hope to do is to learn from them and try to not let them be repeated.

(Heard via an InsideHPC blog)

Ron Rivest on Security in Cloud Computing

Wednesday, April 29th, 2009

Lovely quote from Ron Rivest (the R in RSA) on security in cloud computing (e.g. Amazon’s EC2 and S3 models):

Cloud computing sounds so sweet and wonderful and safe… we should just be aware of the terminology, if we go around for a week calling it swamp computing I think you might have the right mindset.

:-)

The snooping dragon: social-malware surveillance of the Tibetan movement

Sunday, March 29th, 2009

Shishir Nagaraja of the University of Illinois at Urbana-Champaign and Ross Anderson of Cambridge University have published a very interesting paper called “The snooping dragon: social-malware surveillance of the Tibetan movement” (abstract, full report) on how agents of the Chinese government managed to infiltrate the computer network of the Dalai Lama’s organisation through ingenious social engineering and gain access to intelligence information that could lead to people’s arrest and possible execution.

It’s a very interesting report: it points out that the techniques used are within the reach of motivated individuals as well as government intelligence agencies, and ponders how less well-known organisations can cope with such attacks; it also lends weight to the sage advice offered in Ross Anderson’s “Security Engineering” book. Both are well worth a read, even for those of us whose network security is not a literal matter of life or death.

Redacted NSA Cold War History Released

Saturday, January 3rd, 2009

Via Bruce Schneier, a redacted version of the NSA’s American Cryptology during the Cold War, 1945-1989 has been released thanks to a request from George Washington University’s National Security Archive project.

It includes a rather interesting section (book 1, pages 18 and 19) on how, in 1947, the UK foreign intelligence agency, SIS, decrypted some KGB messages from Canberra that turned out to include classified UK military intelligence estimates. This caused the US to break off crypto intelligence sharing with Australia, putting the British in an awkward situation; as Clement Attlee put it:

The intermingling of American and British knowledge in all these fields is so great that to be certain of denying American classified information to the Australians, we should have to deny them the greater part of our own reports. We should thus be placed in a disagreeable dilemma of having to choose between cutting off relations with the United States in defence questions or cutting off relations with Australia.

It took 5 years, the establishment of ASIO and a change in government from Chifley to Menzies before the US would fully resume cryptologic exchanges with Australia, and the author of the history concludes that this had a very bad effect on early American intelligence efforts against China.

The cause of the original leak to the KGB? Two “leftists” in the Australian diplomatic service…

Rogue CA – MD5 collisions for phun and profit

Thursday, January 1st, 2009

Now this is, umm, interesting..

We have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol.

Trust no one..

(Via)

Best Schneier Fact

Thursday, October 16th, 2008

This has to be the best Schneier Fact. Ever.

A Tale of Two Transport Hacks

Monday, August 11th, 2008

In the USA a court has ordered that three MIT students not talk at DEFCON about their security assessment of the Massachusetts Bay Transit Authority (MBTA) fare cards. Apparently the court believes that “discussing the flaws at a public conference constituted a ‘transmission’ of a computer program that could harm the fare collection system”, which is pretty sad. There are more documents at Cryptome on the case. Their presentation was to include a cryptanalysis of the Mifare “Classic” card, which takes us to our second case..

Bruce Schneier reports that a group of Dutch researchers have won the right in court to publish their own cryptanalysis of that very same Mifare Classic card, with the court stating:

Damage to NXP is not the result of the publication of the article but of the production and sale of a chip that appears to have shortcomings.

An outbreak of common sense that the MIT students could only dream of. I wonder if they could appeal and cite this case as grounds to have the judgement overturned?

Applying Graphics Cards to Password Cracking

Thursday, June 19th, 2008

On the Beowulf list there has been a long thread on GPGPU and especially nVidia’s CUDA language. As part of it Prentice Bisbal posted about a friend of his, Mario Juric, who decided to write a proof of concept MD5 password hashing program to take advantage of CUDA.

In his message to the Beowulf list Prentice quoted Mario saying:

If you attempt to compute a single hash on an entire card, you won’t get any improvement. Same as you wouldn’t if you tried it on a single vs. quad core CPU. But if you compute four hashes, then single vs. quad makes a huge difference. And the GPU cards are effectively 128 core CPUs, so when you need to compute millions of hashes…

Now Mario Juric (who organised the AstroGPU workshop) has put up a web page on the program, which gives details of the sort of performance he got with a quick hack.

One way of visualizing this is noting that a single 8800 Ultra could brute-force break an MD5 hashed password of eight or less characters+numbers (A-Z, a-z, 0-9) in about ~16 days.

But this really is just a quick hack:

The MD5 code used here was written in less than 2 days, as a proof-of-concept, and with only a single one-liner GPU-specific optimization.

Of course if people do want to try playing with it the program is available, though at the moment there isn’t a software license included with it. I’ve emailed Mario about the license to see if he can clarify what the rules are.

Bletchley Park in Cash Trouble?

Friday, May 30th, 2008

For the past few weeks I’ve been reading “Codebreakers”, a collection of memoirs and essays by former staff at Bletchley Park, aka the Government Code and Cypher School (GCCS), War Station X, Room 47 Foreign Office, etc., which worked throughout the war breaking enemy ciphers such as the German Enigma machine; the decrypts were known as “Ultra”.

But today, via Bruce Schneier’s blog, I’ve learnt that the trust that now runs BP is facing financial problems, as it receives no external funding and needs cash to help preserve the buildings and the exhibits it restored after taking over the site in the 1990s.

The Bletchley Park Trust receives no external funding. It has been deemed ineligible for funding by the National Lottery, and turned down by the Bill & Melinda Gates Foundation because the Microsoft founder will only fund internet-based technology projects.

For the site that hosted the organisation that arguably saved the day in World War 2, not to mention being the birthplace of the first real computer, Colossus [1], it’s a sad predicament. :-(

  1. yes, I know it wasn’t Turing complete!
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 Australia.