This Week In Security: Putty Keys, Libarchive, And Palo Alto

It may be time to rotate some keys. The venerable PuTTY was updated to 0.81 this week, and the major fix was a change to how ecdsa-sha2-nistp521 signatures are generated. The problem was reported on the oss-security mailing list, and it’s quite serious, though thankfully with a somewhat narrow coverage.

The PuTTY page on the vulnerability has the full details. To understand what’s going on, we need to briefly cover ECDSA, nonces, and elliptic curve crypto. All cryptography depends on one-way functions. In the case of RSA, it’s multiplying large primes together. The multiplication is easy, but given just the final result, it’s extremely difficult to find the two factors. DSA uses a similar problem, the discrete logarithm problem: raising a number to a given exponent, then doing modulo division.

Yet another cryptography primitive is the elliptic curve, which uses point multiplication as the one-way function. I’ve described it as a mathematical pinball, bouncing around inside the curve. It’s reasonably easy to compute the final point, but essentially impossible to trace the path back to the origin. Formally this is the Elliptic Curve Discrete Logarithm Problem, and it’s not considered to be quantum-resistant, either.

One of the complete schemes is ECDSA, which combines the DSA scheme with Elliptic Curves. Part of this calculation uses a nonce, denoted “k”, a number that is only used once. In ECDSA, k must be kept secret, and any repetition of different messages with the same nonce can lead to rapid exposure of the secret key.

And now we get to PuTTY, which was written for Windows back before that OS had any good cryptographic randomness routines. As we’ve already mentioned, re-use of k, the nonce, is disastrous for DSA. So, PuTTY did something clever, and took the private key and the contents of the message to be signed, hashed those values together using SHA-512, then used modulo division to reduce the bit-length to what was needed for the given k value. The problem is the 521-bit ECDSA, which takes a 521-bit k. That’s even shorter than the output of a SHA-512, so the resulting k value always started with nine 0 bits. Continue reading “This Week In Security: Putty Keys, Libarchive, And Palo Alto”

NASA’s Ingenuity Mars Helicopter Transitions Into Stationary Testbed

On April 16th NASA announced the formal end to Ingenuity’s days as the first ever Martian helicopter, following its 72nd and final flight mission in January. This flight ended with a rough landing during which the helicopter’s blades got damaged and separated, leaving the plucky flying machine with its wings clipped. During the final meet-up of the Mars Helicopter Team there was cake, but none for Ingenuity as its latest data set was reviewed by the team from 304 million kilometers away. This data confirms the latest software patch allows it to work stand-alone as a data collection platform.

With these latest software changes, Ingenuity will wake up daily, activate its computers and perform a self-check of all its components before collecting sensor data and images. The main goal of this is to collect long-term performance data on the helicopter’s systems, with enough onboard memory to allow for measurements to be stored for around 20 years. This means that although the Perseverance rover will have to trundle on without its flying mission buddy, one day in the future another rover, helicopter or primate will presumably drop by to either communicate with Ingenuity if it’s still alive, or harvest its memory unit for data retrieval.

Thanks to [Mark Stevens] for the tip.

Build Your Own RGB Fill Light For Photography

Photography is all about light, and capturing it for posterity. As any experienced photographer will tell you, getting the right lighting is key to getting a good shot. To help in that regard, you might like to have a fill light. If you follow [tobychui]’s example, you can build your own!

Colors!

The build relies on addressable WS2812B LEDs as the core of the design. While they’re not necessarily the fanciest LEDs for balanced light output, they are RGB LEDs, so they can put out a ton of different colors for different stylistic effects. The LEDs are under the command of a Wemos D1, which provides a WiFI connection for wireless control of the light.

[tobychui] did a nice job of building a PCB for the project, including heatsinking to keep the array of 49 LEDs nice and cool. The whole assembly is all put together inside a 3D printed housing to keep it neat and tidy. Control is either via onboard buttons or over the WiFi connection.

Files are on GitHub if you’re seeking inspiration or want to duplicate the build for yourself. We’ve seen some other similar builds before, too. Meanwhile, if you’re cooking up your own rad photography hacks, don’t hesitate to let us know!