Windows Security Loophole Uncovered -- Again

A new security vulnerability in Windows 2000 that lets intruders access information sent from the computer--even information no longer stored on the computer--has been reported. According to the claim, the problem is with Windows' random-number generator. To date, the researchers have only tested Windows 2000, but they're guessing that newer versions (such as Windows XP and Vista) have similar vulnerabilities since they use similar random-number generators.

In their analysis, University of Hafia computer science professor Benny Pinkas, along with Hebrew University grad students Zvi Gutterman and Leo Dorrendorf, reengineerd the algorithm (the CryptGenRandom function) used by the pseudo-random number generator: Given the internal state of the generator, the previous state can be computed in $O(2^{23})$ work (this is an attack on the forward-security of the generator, an $O(1)$ attack on backward security is trivial). The attack on forward-security demonstrates that the design of the generator is flawed, since it is well known how to prevent such attacks. They also analyzed how the generator is run by the operating system, and found that it amplifies the effect of the attacks.

In their paper Cryptanalysis of the Windows Random Number Generator, the reseachers said that the implication of these findings is that a buffer overflow attack or a similar attack can be used to learn a single state of the generator, which can then be used to predict all random values, such as SSL keys, used by a process in all its past and future operation.

"There is no doubt that hacking into a computer using our method requires advanced planning. On the other hand, simpler security breaches also require planning," said Pikas, "and I believe that there is room for concern at large companies, or for people who manage sensitive information using their computers, who should understand that the privacy of their data is at risk."

Posted by Jon Erickson at 11:38 AM  Permalink