Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11DUHK attacks allow hackers to obtain encryption keys for VPN and web browsing sessions
DUHK - Dont Use Hard-coded Keys - is a new dangerous encryption executable vulnerability that allows an attacker to recover the encryption key used to secure VPN connections and web sessions.
DUHK is the third vulnerability related to encryption discovered this month, after attacking WiFi KRACK and attacking ROCA.
This vulnerability exists on many devices of many vendors, including Fortinet, Cisco, TechGuard, where the device uses ANSI X9.31 RNG - an algorithm to generate pseudo random numbers - along with the key hard-coded (just embedding it directly into source or fixed data instead of taking from external sources).
Before being removed from the list of FIPS-approved random number sequence algorithms approved in January 2016, ANSI X9.31 RNG is used in many coding standards for more than 30 years.
The pseudo random number generator (PRNG) does not generate random numbers. In essence, it is an algorithm that creates a series of bits based on secret values originally called 'seeds' and creates the current state. This bit sequence is always the same due to the same initial values.
Some vendors store this 'secret seed' into their product source code.
Discovered by cryptanalysts Shaanan Cohney, Nadia Heninger and Matthew Green, DUHK, known as 'status restoration attack', allows intermediaries who already know the value of seeds restore the current value after viewing the output data.
With those two values, the attacker uses to recalculate the encryption key, restoring the encrypted data.
'To describe the reality, we created passive decoding attack on FortiGate VPN product with FortiOS version 4', the researchers said. 'We scanned at least 23,000 devices with public IPv4 addresses running FortiOS versions containing vulnerabilities'. Below is an incomplete list of influential devices with the same version.
DUHK attacks allow hackers to obtain encryption keys for VPN and web browsing sessions Picture 1
Vendor products containing vulnerabilities are vulnerable to DUHK attacks
Researchers have also published in-depth research material on the DUHK attack website at this address.https://duhkattack.com/
Isabella HumphreyYou should read it
- Application protection against DFA attacks
- Summary of popular network attacks today
- Cisco security equipment is targeted at DoS attacks through an old vulnerability
- Warning: DDoS attacks are becoming more dangerous both in scale and complexity
- DNS attacks are costing governments worldwide huge amounts
- IBM developed a new technology to patch security holes
- Detection of security vulnerabilities affects all Bluetooth versions
- AMD patched a series of security holes in the graphics driver for Windows 10
- Microsoft warns of an increasing trend of attacks targeting firmware and worrying public indifference
- Top 10 attack techniques on the web
- How many DDoS cases are reported in 2019?
- Hacker purged two-factor security just by automated phishing attacks
Attack the network
Roboto Font Condensed install malware on your computer- Hacker Instagram offered to sell personal information of 6 million accounts on DoxaGram
- MongoDB malicious code attacks more than 26,000 victims in a week
- Loop Bug 6-year life is again discovered, affecting most PDF viewers
- Critical error on Apache Struts2 allows hackers to take over the web server
- The same Skype ID malware author used to run IoT Botnet and apply for jobs
Roboto Font Condensed install malware on your computer
Hacker Instagram offered to sell personal information of 6 million accounts on DoxaGram
MongoDB malicious code attacks more than 26,000 victims in a week
Loop Bug 6-year life is again discovered, affecting most PDF viewers
Critical error on Apache Struts2 allows hackers to take over the web server
The same Skype ID malware author used to run IoT Botnet and apply for jobs