Full Disclosure mailing list archives
2 vulns 1 line in RNCryptor (PHP) + Call to Action
From: Scott Arciszewski <scott () paragonie com>
Date: Tue, 9 Jun 2015 20:44:16 -0400
Hi Full Disclosure,
From their page (https://rncryptor.github.io):
RNCryptor is a data format specification for AES encryption, with AES-256,
random-salted PBKDF2, AES-CBC, random IV, and HMAC. It has implementations in several languages.
Their PHP implementation has two vulnerabilities in the same line of code, which looks like this:

    return ($components->hmac == $this->_generateHmac($components, $hmacKey));

The issues here:

1. A timing side-channel.
2. Use of the == operator can treat strings as floats, depending on the input.

We have opened a Github issue about this and recommend a simple patch:
https://github.com/RNCryptor/RNCryptor-php/issues/5

*A Call to Action about Cryptography in PHP Applications:*

If anyone is serious about encrypting information in a PHP application, please install libsodium from PECL and use that. Libsodium can already be used in most popular programming languages, so a cross-platform concern (what RNCryptor sought to fulfill) is already solved.

Of course, please do ask your resident cryptography experts if you're unsure of this advice. They should, with all likelihood, agree that it's far better than any PHP cryptography. Especially any that rely on the abandonware mcrypt extension:
https://paragonie.com/blog/2015/05/if-you-re-typing-word-mcrypt-into-your-code-you-re-doing-it-wrong

If you can't use PECL, you have two good options (neither of which, to my knowledge, has a cross-platform implementation in other popular languages):

- https://github.com/defuse/php-encryption
- https://github.com/zendframework/zend-crypt

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises <https://paragonie.com>

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
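The following is an added example written for this archive page; it is not RNCryptor's code and not the patch proposed in the linked issue. It shows both defects of a loose `==` MAC comparison (numeric-string coercion, where two distinct "0e..." strings compare equal, and early-exit timing) beside a strict, constant-time check. The sample HMAC values are constructed, and the fallback loop is an assumption for PHP builds older than 5.6 that lack `hash_equals()`.

```php
<?php
// Added example: why `==` must not be used to verify a MAC, and a safe replacement.

// Constructed sample values. Both strings match /^0e[0-9]+$/, so PHP's loose
// comparison parses each as the float 0 * 10^N and considers them equal.
$storedHmac   = '0e830400451993494058024219903391';
$computedHmac = '0e462097431906509019562988736854';

// Shape of the vulnerable check: loose comparison, and strcmp-style early exit
// on the first differing byte, so run time depends on how much of the MAC matched.
function verify_loose($expected, $actual)
{
    return ($expected == $actual);
}

// Hardened check: strict byte equality whose run time does not depend on where
// (or whether) the strings differ. hash_equals() exists in PHP >= 5.6; the
// fallback XORs every byte and only reports the accumulated difference at the end.
// Leaking the length is acceptable here because HMAC output length is fixed.
function verify_safe($expected, $actual)
{
    if (!is_string($expected) || !is_string($actual)) {
        return false;
    }
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $actual);
    }
    $len = strlen($expected);
    if ($len !== strlen($actual)) {
        return false;
    }
    $diff = 0;
    for ($i = 0; $i < $len; $i++) {
        $diff |= ord($expected[$i]) ^ ord($actual[$i]);
    }
    return ($diff === 0);
}

var_dump(verify_loose($storedHmac, $computedHmac)); // bool(true): forged MAC accepted
var_dump(verify_safe($storedHmac, $computedHmac));  // bool(false): rejected
var_dump(verify_safe($storedHmac, $storedHmac));    // bool(true): genuine MAC accepted
```

Because the MAC is computed over the ciphertext before decryption, a wrong comparison operator turns an integrity check into a coin flip on the input's byte pattern; the fix is always a strict, fixed-time comparison of the full MAC, never `==`.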