Bugtraq mailing list archives

SonicWall IKE pre-shared key length bug and security concern


From: Steven Griffin <sgriffin () BAYSTARCAPITAL COM>
Date: Tue, 27 Mar 2001 20:34:20 -0000

I have recently found a bug in the latest firmware 
(6.0.0.0) of SonicWall's Tele2 and SOHO firewalls.

Product details:
http://www.sonicwall.com/products/tele/details.html
http://www.sonicwall.com/products/soho/details.html

Bug discovery:
I was recently configuring the Tele2 and SOHO 
versions of these firewalls in a gateway to gateway 
VPN using IPSec with IKE pre-shared keys. The 
home office gateway was a Cisco PIX 520 running 
the PIX OS 5.2(4).  The Tele2 and SOHO firewalls 
were recently upgraded to the 6.0.0.0 firmware.
The IPSec configuration was ESP-3DES ESP-MD5-HMAC. 
During my configuration setup I noticed that I 
could not configure an IKE pre-shared key longer 
than 48 bytes.  Doing so caused the 2nd phase 
IKE negotiation to fail on the PIX.  

I contacted the vendor (SonicWall) and reported the 
problem.  They have replicated the problem and 
confirmed that it is indeed a bug in their firmware.
I asked them for permission to inform BugTraq and 
they responded that it was indeed alright to post this 
here provided that I inform you that I found the bug 
and say that they will provide a fix for this 
problem as soon as possible.

Security concern:
Obviously the limitation of using only a 48-byte key 
as opposed to using a full 128-byte key degrades the 
overall security of the firewall.

Workarounds:
Do not use pre-shared keys. Use certificates, your 
own or from a third party CA, instead.

If you must use pre-shared keys:
  Use only static gateway addresses if possible.
  Use a different key for each gateway.
  Turn on Perfect Forward Secrecy.
  Set your key expiration time to a shorter interval.

Configuration information for duplication:
Note: IP addresses have been removed.

PIX 520 with OS 5.2(4) relevant config:
access-list 119 permit ip xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
access-list nonat permit ip xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx

sysopt connection permit-ipsec
sysopt ipsec pl-compatible

crypto ipsec transform-set SonicFirewall esp-3des esp-md5-hmac
crypto map Sonic-map 19 ipsec-isakmp
crypto map Sonic-map 19 match address 119
crypto map Sonic-map 19 set peer xxx.xxx.xxx.xxx
crypto map Sonic-map 19 set transform-set SonicFirewall
crypto map Sonic-map interface outside

isakmp enable outside
isakmp key <48-byte key here> address xxx.xxx.xxx.xxx netmask xxx.xxx.xxx.xxx
isakmp identity address
isakmp policy 19 authentication pre-share
isakmp policy 19 encryption 3des
isakmp policy 19 hash md5
isakmp policy 19 group 1
isakmp policy 19 lifetime 28800

SonicWall with firmware 6.0.0.0
Note: the SonicWall config is web based, so I will post
field names, data types in square brackets "[ ]", and 
field values after a colon ":".  IP addresses have also 
been removed.

Summary Tab:
Enable VPN [checkbox]: Checked
Disable all VPN Windows Networking (NetBIOS) broadcast [checkbox]: UnChecked
Enable Fragmented Packet Handling [checkbox]: Checked

Configuration Tab:
Security Association [drop-down listbox]: SonicToPIX
IPSec Keying Mode [drop-down listbox]: IKE using pre-shared secret
Name [textbox]: SonicToPix
Disable This SA [checkbox]: UnChecked
IPSec Gateway Address [textbox]: xxx.xxx.xxx.xxx
Require XAUTH/RADIUS (only allows VPN clients) [checkbox]: UnChecked
Enable Windows Networking (NetBIOS) broadcast [checkbox]: Checked
Enable Perfect Forward Secrecy [checkbox]: UnChecked
SA Life time (secs) [textbox]: 28800
Encryption Method [drop-down listbox]: Strong Encrypt and Authenticate (ESP 3DES HMAC MD5)
Shared Secret [textbox]: <48-byte key here>
Destination Networks [sub window]:
        IP Address [textbox]: xxx.xxx.xxx.xxx
        SubnetMask [textbox]: xxx.xxx.xxx.xxx
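The following is an added example (my own code, not part of Steven Griffin's post and not a SonicWall or Cisco tool) that turns the two configurations above into a pre-flight consistency check: it parses the PIX commands and the SonicWall form fields, compares transform set, authentication mode, SA lifetime and PFS setting, and flags a pre-shared key longer than the 48-byte limit the post reports for firmware 6.0.0.0, so the phase-2 failure is caught before the tunnel is brought up. It also covers the workaround list: it reports PFS disabled on both peers and can generate a random key that fills the smaller peer's field, with its entropy computed. Assumptions: the addresses are RFC 5737 documentation addresses standing in for the removed ones, SAMPLE_PSK is a constructed 48-byte key, the SONICWALL_SUITES label-to-transform mapping and the "safe" PSK character set are mine, and the PIX_PSK_LIMIT of 128 is taken from the post's wording.

```python
"""Pre-flight consistency check for a PIX <-> SonicWall IKE/IPsec tunnel.
Added example modelled on the configs quoted in the post; not vendor code."""
import math
import re
import secrets
import string

SONICWALL_PSK_LIMIT = 48   # bytes; limit reported in the post for firmware 6.0.0.0
PIX_PSK_LIMIT = 128        # bytes; the "full 128 byte key" the post refers to

# Characters assumed safe for both devices' text fields (assumption: no quotes,
# spaces or backslashes, which CLI parsers and web forms tend to mangle).
PSK_ALPHABET = string.ascii_letters + string.digits + "!#$%&()*+,-./:;<=>?@[]^_{|}~"

# Constructed 48-byte sample key; a real deployment would use generate_psk().
SAMPLE_PSK = "Kx7" * 16

# Constructed PIX 5.2(4) fragment modelled on the post (RFC 5737 address).
PIX_CONFIG = f"""
crypto ipsec transform-set SonicFirewall esp-3des esp-md5-hmac
crypto map Sonic-map 19 ipsec-isakmp
crypto map Sonic-map 19 set peer 192.0.2.1
crypto map Sonic-map 19 set transform-set SonicFirewall
isakmp key {SAMPLE_PSK} address 192.0.2.1 netmask 255.255.255.255
isakmp policy 19 authentication pre-share
isakmp policy 19 encryption 3des
isakmp policy 19 hash md5
isakmp policy 19 group 1
isakmp policy 19 lifetime 28800
"""

# Constructed SonicWall 6.0.0.0 form values, using the post's field names.
SONICWALL_FIELDS = {
    "IPSec Keying Mode": "IKE using pre-shared secret",
    "Enable Perfect Forward Secrecy": "UnChecked",
    "SA Life time (secs)": "28800",
    "Encryption Method": "Strong Encrypt and Authenticate (ESP 3DES HMAC MD5)",
    "Shared Secret": SAMPLE_PSK,
}

# Assumed mapping of SonicWall menu labels to the equivalent PIX transform;
# only the suite used in the post is known from the page.
SONICWALL_SUITES = {
    "Strong Encrypt and Authenticate (ESP 3DES HMAC MD5)": ("esp-3des", "esp-md5-hmac"),
}


def parse_pix(config):
    """Pull the tunnel-relevant settings out of a PIX config fragment."""
    s = {"transform": None, "psk": None, "lifetime": None, "auth": None, "pfs": False}
    for line in config.splitlines():
        line = line.strip()
        if (m := re.match(r"crypto ipsec transform-set \S+ (.+)$", line)):
            s["transform"] = tuple(m.group(1).split())
        elif (m := re.match(r"isakmp key (\S+) address", line)):
            s["psk"] = m.group(1)
        elif (m := re.match(r"isakmp policy \d+ authentication (\S+)", line)):
            s["auth"] = m.group(1)
        elif (m := re.match(r"isakmp policy \d+ lifetime (\d+)", line)):
            s["lifetime"] = int(m.group(1))
        elif re.match(r"crypto map \S+ \d+ set pfs", line):  # "set pfs" enables PFS on the PIX
            s["pfs"] = True
    return s


def parse_sonicwall(fields):
    """Normalise the web-form values to the same shape as parse_pix()."""
    keying = fields["IPSec Keying Mode"]
    return {
        "transform": SONICWALL_SUITES.get(fields["Encryption Method"]),
        "psk": fields["Shared Secret"],
        "lifetime": int(fields["SA Life time (secs)"]),
        "auth": "pre-share" if keying.startswith("IKE using pre-shared") else keying,
        "pfs": fields["Enable Perfect Forward Secrecy"] == "Checked",
    }


def check_tunnel(pix, sw, psk_limit=SONICWALL_PSK_LIMIT):
    """Return a list of findings; an empty list means both peers agree."""
    findings = []
    if pix["auth"] != sw["auth"]:
        findings.append(f"authentication mismatch: {pix['auth']} vs {sw['auth']}")
    if pix["transform"] != sw["transform"]:
        findings.append(f"transform mismatch: {pix['transform']} vs {sw['transform']}")
    if pix["psk"] != sw["psk"]:
        findings.append("pre-shared keys differ")
    psk_len = len(pix["psk"].encode("utf-8"))
    if psk_len > psk_limit:
        findings.append(f"PSK is {psk_len} bytes but the peer accepts at most {psk_limit}; "
                        "phase 2 would fail as described in the post")
    if pix["lifetime"] != sw["lifetime"]:
        findings.append(f"SA lifetime mismatch: {pix['lifetime']} vs {sw['lifetime']}")
    if pix["pfs"] != sw["pfs"]:
        findings.append("PFS enabled on one side only")
    elif not pix["pfs"]:
        findings.append("PFS disabled on both peers; the post recommends enabling it")
    return findings


def uniform_psk_entropy_bits(length, alphabet=PSK_ALPHABET):
    """Entropy of a PSK whose characters are drawn uniformly from `alphabet`."""
    return length * math.log2(len(alphabet))


def generate_psk(max_bytes=SONICWALL_PSK_LIMIT):
    """Random PSK that exactly fills the smaller peer's field."""
    return "".join(secrets.choice(PSK_ALPHABET) for _ in range(max_bytes))


if __name__ == "__main__":
    for finding in check_tunnel(parse_pix(PIX_CONFIG), parse_sonicwall(SONICWALL_FIELDS)):
        print("finding:", finding)
    print(f"48-byte random PSK: ~{uniform_psk_entropy_bits(48):.0f} bits of entropy")
```

Run against the post's settings the only finding is that PFS is off on both peers; raising the key to 49 bytes adds the length finding, and passing psk_limit=PIX_PSK_LIMIT shows the same key would have been accepted by the PIX alone. A uniformly random 48-character key from this alphabet carries about 312 bits, so the 48-byte cap does not starve a 3DES SA of key material; the post's concern is the gap between what the PIX allows and what the SonicWall accepts.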
Disclaimer and closing:
I must say that I am not a security expert and I do not 
claim to be one.  My opinions are my own.  Use my 
opinions and the information in this posting at your 
own risk.  My intention for posting this information is 
to inform the BugTraq community about a possible 
security concern.

Steven Griffin
sgriffin () baystarcapital com