Dailydave mailing list archives
Nobody but us.
From: Dave Aitel <dave () immunityinc com>
Date: Wed, 09 Apr 2014 12:55:20 -0400
I spent some time talking to various people lately about the concept of "Nobody but us" (NOBUS) especially now that the DUAL_EC algorithm is being researched more closely. People got confused because the papers that came out didn't really stress that the "attacks" against Dual_EC were in the case where they first corrupted it by replacing the magic constants in the spec with their own. So here's a list of seven ways to do various levels of "NOBUS". So yes, it is completely possible. 1. Keys only we have (Elliptic Curve constants in Dual_EC are a prime example, as are hash collision attacks in some cases). Backdoors which are based on RSA certificates or SSHD keys are another simple example. 2. Traffic only we can collect (for example, weakened crypto that you need to have special placed collection devices to collect on) 3. Traffic only we can manipulate (this vulnerability is in a protocol that is a leased line from one of your buildings to another, but we happen to be the phone company) 4. Targets only we care about (this device is vulnerable in a configuration used to run only Iranian centrifuges, or is made by Huawei) 5. Computational difficulty only we will bother with (this attack requires a machine with access to a terabyte of RAM. We had one built by that team of socially inept engineers over there.) 6. Protocols only we can parse (Oh, you don't have an X.500 parser laying around that has the special SS7 extension implemented?) 7. A difficult to write exploit only we will have while the vulnerability is being patched. (We sent this bug to VMWare and once it's out everyone will be patched within a day, but in the meantime for the next two weeks, everyone got owned) You can of course, combine up these techniques to get a healthy breakfast of NOBUS. -dave
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Nobody but us. Dave Aitel (Apr 09)
- Re: Nobody but us. Alfonso De Gregorio (Apr 09)