Bugtraq mailing list archives

Re: S/Key & OPIE Database Vulnerability


From: stevev () HEXADECIMAL UOREGON EDU (Steve VanDevender)
Date: Tue, 25 Jan 2000 11:29:22 -0800


Mudge writes:
> Just as an FYI - MONkey, the S/Key cracker and a white paper talking about
> the problems with having the skeykeys file readable was released by the
> L0pht in May of 1996.
>
> The tool allows one to not only use the skeykeys file as entry to the
> crypt and compare but also the network response due to too much server
> side information being present.
>
> The tool and paper are still available
> at: http://www.l0pht.com/advisories/skey_paper_and_tool

It doesn't surprise me that S/Key cracking software has existed for a
while, and I certainly did not mean to imply that S/Key is immune to
dictionary attacks on user secrets.

My point was that the skeykeys/opiekeys file does not contain any
information that has not already been exposed on the network, so making
those files unreadable is not truly hiding the information they contain;
at best it is only keeping attackers away from a convenient central
repository of previously exposed information.

There are also other ways to attack S/Key secrets.  Users of S/Key may
keep their secrets in a laptop or palmtop in easily readable form.  If
the user keeps the secret in his head, then it's possible to
"shoulder-surf" the secret as it's typed in.  Some users of S/Key may
also print out and carry lists of precomputed challenge responses if
they don't have a portable response calculator.  Users who are
particularly weak on S/Key concepts may actually use one remote system
to compute S/Key responses for another and expose their secret in the
process, or keep their S/Key secret on the same system that they use
S/Key authentication on.
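
Added example, not part of the original post or of the S/Key/OPIE code: a simplified model of one hash-chain login, showing that the server's key-file entry after the login equals the sequence number, seed and response that crossed the network. The hash is a stand-in (SHA-256 truncated to 64 bits), and the names `Server`, `otp` and `login_and_observe` and the sample secret and seed are constructed for illustration.

```python
import hashlib

def h(data: bytes) -> bytes:
    # Stand-in one-way function (assumption): SHA-256 truncated to 64 bits,
    # not the hash that real S/Key or OPIE uses.
    return hashlib.sha256(data).digest()[:8]

def otp(secret: str, seed: str, count: int) -> bytes:
    """Client side: hash seed+secret once, then `count` more times."""
    value = h((seed + secret).encode())
    for _ in range(count):
        value = h(value)
    return value

class Server:
    """Holds one key-file entry: sequence number, seed, last accepted OTP."""
    def __init__(self, secret: str, seed: str, count: int):
        self.entry = {"seq": count, "seed": seed, "otp": otp(secret, seed, count)}

    def challenge(self):
        # Sent in the clear to whoever is logging in.
        return self.entry["seq"] - 1, self.entry["seed"]

    def verify(self, response: bytes) -> bool:
        # One more hash of the response must match the stored value.
        if h(response) != self.entry["otp"]:
            return False
        # The accepted response becomes the new stored value.
        self.entry["seq"] -= 1
        self.entry["otp"] = response
        return True

def login_and_observe(server: Server, secret: str):
    """Run one login; return the result and what a passive observer saw."""
    seq, seed = server.challenge()
    response = otp(secret, seed, seq)
    ok = server.verify(response)
    return ok, {"seq": seq, "seed": seed, "otp": response}

def demo():
    # Constructed sample values.
    server = Server("constructed secret", "ke1234", 99)
    ok, wire = login_and_observe(server, "constructed secret")
    return ok, wire, dict(server.entry)

if __name__ == "__main__":
    ok, wire, entry = demo()
    print("login ok:", ok, "| key-file entry == wire traffic:", wire == entry)
```

Because the stored entry and the observed traffic are the same data, the strength of the user's secret is what protects the account in this model, not the file's permissions.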

