Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8

from [3APA3A] Network Security [Permanent Link]
Subject: Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
Date: Fri, 26 May 2006 19:46:56 +0400 
Dear thesinoda@hotmail.com,

Sorry,  but  I  see  no security vulnerability here.

Disk encryption usually works this way:

1.  Disk  is  divided to blocks (or files). Each block is encrypted with
random  symmetric  key  to  extend  security  and encryption/description
speed.
2. Block key is encrypted with user's public key (or sometimes symmetric
key)
3.  User's  private  key  (or  shared  symmetric  key) is encrypted with
passphrase and is used for decryption.

If  you change passphrase, you decrypt your key and encrypt it with news
one.  Key  itself is not changed, because if key is changed you will not
be able to decrypt files.

Then  you give your disk with passphrase to someone - you actually share
your  private  key.  This  is the point YOU break security (or person who
accepts your key as his own). Now, you both share same key, and changing
passphrase  to encrypt this key doesn't help. Actually, what you do with
cut-and-paster is restoring your key encrypted with old passphrase. It's
expected behaviour.

--Thursday, May 25, 2006, 12:55:35 AM, you wrote to bugtraq@securityfocus.com:

thc>     * After changing the passphrase the OLD passphrase SHOULD NOT work.
thc>     * Open pgpdisk.pgd and pgpdisk_backup.pgd in HEX editor
thc> e.g Ultraedit ONLY CHANGE WHERE YOU SEE A RED RECTANGULAR.
...
thc>     * Do some copy and past from the back-up file into pgpdisk.pgd



-- 
~/ZARAZA
http://www.security.nnov.ru/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Docebo LMS 2.05 Remote File Include, beford
Next by Date:  XSS in Monster Top List | MTL 1.4, V8f3
Previous by Thread:  A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt., thesinoda
Next by Thread:  Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt., Alexander Klimov
Indexes:  [Date] [Thread] [Top] [All Lists]