encryption

83 Articles

5G Cellphone’s Location Privacy Broken Before It’s Even Implemented

December 7, 2018 by 52 Comments

Although hard to believe in the age of cheap IMSI-catchers, “subscriber location privacy” is supposed to be protected by mobile phone protocols. The Authentication and Key Agreement (AKA) protocol provides location privacy for 3G, 4G, and 5G connections, and it’s been broken at a basic enough level that three successive generations of a technology have had some of their secrets laid bare in one fell swoop.

When 3G was developed, long ago now, spoofing cell towers was expensive and difficult enough that the phone’s International Mobile Subscriber Identity (IMSI) was transmitted unencrypted. For 5G, a more secure version based on a asymmetric encryption and a challenge-reponse protocol that uses sequential numbers (SQNs) to prevent replay attacks. This hack against the AKA protocol sidesteps the IMSI, which remains encrypted and secure under 5G, and tracks you using the SQN.

The vulnerability exploits the AKA’s use of XOR to learn something about the SQN by repeating a challenge. Since the SQNs increment by one each time you use the phone, the authors can assume that if they see an SQN higher than a previous one by a reasonable number when you re-attach to their rogue cell tower, that it’s the same phone again. Since the SQNs are 48-bit numbers, their guess is very likely to be correct. What’s more, the difference in the SQN will reveal something about your phone usage while you’re away from the evil cell.

A sign of the times, the authors propose that this exploit could be used by repressive governments to track journalists, or by advertisers to better target ads. Which of these two dystopian nightmares is worse is left as comment fodder. Either way, it looks like 5G networks aren’t going to provide the location privacy that they promise.

Via [The Register]

Header image: MOs810 [CC BY-SA 4.0].

FCC Gets Complaint: Proposed Ham Radio Rules Hurt National Security

November 26, 2018 by 141 Comments

On November 10th, [Theodore Rappaport] sent the FCC an ex parte filing regarding a proposed rule change that would remove the limit on baud rate of high frequency (HF) digital transmissions. According to [Rappaport] there are already encoded messages that can’t be read on the ham radio airwaves and this would make the problem worse.

[Rappaport] is a professor at NYU and the founding director of NYU Wireless. His concern seems to relate mostly to SCS who have some proprietary schemes for compressing PACTOR as part of Winlink — used in some cases to send e-mail from onboard ships.

Continue reading “FCC Gets Complaint: Proposed Ham Radio Rules Hurt National Security”

E-Mail Service Claims It Doesn’t Store Your Mail

November 10, 2018 by 28 Comments

There have been many news stories lately about companies misusing your data, including your e-mails. What’s more, these giant repositories of data are favorite targets for hackers. Even if you trust the big corporations, you are also betting on their security. Criptext claims they have (possibly) the most private e-mail service ever. It uses the open Signal protocol and stores private keys and encrypted mail only on your device. All the applications to access your mail are open source, so presumably, someone would eventually spot any backdoors or open holes.

At the moment the service is free and the company reports that even when a paid offering is ready, there will still be a free tier. Of course, you can send and receive normal e-mail, too. You can also use a passphrase you send to someone else (presumably not by e-mail) so they can read an encrypted message.

Continue reading “E-Mail Service Claims It Doesn’t Store Your Mail”

Cracking An Encrypted External Hard Drive

March 16, 2018 by 13 Comments

As far as hobbies go, auditing high security external hard drives is not terribly popular. But it’s what [Raphaël Rigo] is into, and truth be told, we’re glad it’s how he gets his kicks. Not only does it make for fascinating content for us to salivate over, but it’s nice to know there’s somebody with his particular skill set out there keeping an eye out for dodgy hardware.

No word on how the “Secret Wang” performs

The latest device to catch his watchful eye is the Aigo “Patriot” SK8671. In a series of posts on his blog, [Raphaël] tears down the drive and proceeds to launch several attacks against it until he finally stumbles upon the trick to dump the user’s encryption PIN. It’s not exactly easy, it did take him about a week of work to sort it all out, but it’s bad enough that you should probably take this particular item off the wishlist on your favorite overseas importer.

[Raphaël] treats us to a proper teardown, including gratuitous images of chips under the microscope. He’s able to identify a number of components on the board, including a PM25LD010 SPI flash chip, Jmicron JMS539 USB-SATA controller, and Cypress CY8C21434 microcontroller. By hooking his logic analyzer up to the SPI chip he was able to dump its contents, but didn’t find anything that seemed particularly useful.

The second post in the series has all the gory details on how he eventually gained access to the CY8C21434 microcontroller, including a description of the methods which didn’t work (something we always love to see). [Raphaël] goes into great detail about the attack that eventually busted the device open: “cold boot stepping”. This method allowed him to painstakingly copy the contents of the chip’s flash; pulling 8192 bytes from the microcontroller took approximately 48 hours. By comparing flash dumps he was able to eventually discover where the PIN was being stored, and as an added bonus, found it was in plaintext. A bit of Python later, and he had a tool to pull the PIN from the drive’s chip.

This isn’t the first time we’ve seen a “secure” hard drive that ended up being anything but. We’ve even been witness to a safe being opened over Bluetooth. Seems like this whole “Security by Obscurity” thing might not be such a hot idea after all…

DRM Workarounds Save Arcade Cabinet

December 19, 2017 by 31 Comments

DRM has become a four-letter word of late, with even media companies themselves abandoning the practice because of how ineffective it was. DRM wasn’t invented in the early 2000s for music, though. It’s been a practice on virtually everything where software is involved, including arcade cabinets. This is a problem for people who restore arcade machines, and [mon] has taken a swing at unraveling the DRM for a specific type of Konami cabinet.

The game in question, Reflec Beat, is a rhythm-based game released in 2010, and the security is pretty modern. Since the game comes with a HDD, a replacement drive can be ordered with a security dongle which acts to decrypt some of the contents on the HDD, including the game file and some other information. It’s not over yet, though. [mon] still needs to fuss with Windows DLL files and a few levels of decryption and filename obfuscation before getting the cabinet functional again.

The writeup on this cabinet is very detailed, and if you’re used to restoring older games, it’s a bit of a different animal to deal with than the embedded hardware security that older cabinets typically have. If you’ve ever wanted to own one of these more modern games, or you’re interested in security, be sure to check out the documentation on the project page. If your tastes are more Capcom and less Konami, check out an article on their security system in general, or in de-suiciding boards with failing backup batteries.

Exploiting Weak Crypto On Car Key Fobs

October 18, 2017 by 55 Comments

[tomwimmenhove] has found a vulnerability in the cryptographic algorithm that is used by certain Subaru key fobs and he has open-sourced the software that drives this exploit. All you need to open your Subaru is a RasPi and a DVB-T dongle, so you could complain that sharing this software equates to giving out master keys to potential car thieves. On the other hand, this only works for a limited number of older models from a single manufacturer — it’s lacking in compatibility and affordability when compared to the proverbial brick.

This hack is much more useful as a case study than a brick is, however, and [tomwimmenhove]’s work points out some bad design on the manufacturer’s side and as such can help you to avoid these kind of mistakes. The problem of predictable keys got great treatment in the comments of our post about an encryption scheme for devices low in power and memory, for instance.

Those of you interested in digital signal processing may also want to take a look at his code, where he implements filtering, demodulation and decoding of the key fob’s signal. The transmission side is handled by rpitx and attacks against unencrypted communications with this kind of setup have been shown here before. There’s a lot going on here that’s much more interesting than stealing cars.

[Via Bleeping Computer]

Continue reading “Exploiting Weak Crypto On Car Key Fobs”

Practical Public Key Cryptography

October 18, 2017 by 25 Comments

Encryption is one of the pillars of modern-day communications. You have devices that use encryption all the time, even if you are not aware of it. There are so many applications and systems using it that it’s hard to begin enumerating them. Ranging from satellite television to your mobile phone, from smart power meters to your car keys, from your wireless router to your browser, and from your Visa to your Bitcoins — the list is endless.

One of the great breakthroughs in the history of encryption was the invention of public key cryptography or asymmetrical cryptography in the 70’s. For centuries traditional cryptography methods were used, where some secret key or scheme had to be agreed and shared between the sender and the receiver of an encrypted message.

Asymmetric cryptography changed that. Today you can send an encrypted message to anyone. This is accomplished by the use of a pair of keys: one public key and one private key. The key properties are such that when something is encrypted with the public key, only the private key can decrypt it and vice-versa. In practice, this is usually implemented based on mathematical problems that admit no efficient solution like certain integer factorization, discrete logarithm and elliptic curve relationships.

But the game changer is that the public key doesn’t have to be kept secret. This allows cryptography to be used for authentication — proving who someone is — as well as for encryption, without requiring you to have previously exchanged secrets. In this article, I’ll get into the details of how to set yourself up so that anyone in the world is able to send you an e-mail that only you can read.
Continue reading “Practical Public Key Cryptography”