oss-sec mailing list archives
Re: eCryptfs key wrapping help to crack user password
From: cve-assign () mitre org
Date: Fri, 27 Feb 2015 23:11:46 -0500 (EST)
> In this case, a wrapping key is generated from the user password using the hash function SHA-512 applied 65536 times. By default, the wrapping key is hashed with the default fixed salt (0x0011223344556677) and stored in a file. This was already noticed in bug: https://bugs.launchpad.net/ecryptfs/+bug/906550

https://bugs.launchpad.net/ecryptfs/+bug/906550/comments/5

> all installations end up wrapping (encrypting) the mount passphrase with the user login password and the DEFAULT SALT VALUE. A unique salt value among almost all installations makes them a convenient target for a rainbow table attack on the wrapped-passphrase file.
>
> I got here because I am dabbling with a config package to implement mandatory eCryptfs encrypted home for all users of a system

Use CVE-2014-9687. Our interpretation is that this is a vendor CVE request based on a vendor's perspective that ecryptfs-setup-private's use of the default salt was never the intended behavior. (For example, http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/view/head:/doc/beginners_guide/ecryptfs_beginners_guide.tex says "It is highly advised that you also provide a salt along with the password, which will help make an attack against your files harder than if you use the default salt.")

--
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
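
Added example, not part of the original message and not ecryptfs-utils code: a simplified model of the derivation quoted above (iterated SHA-512 over salt and password) showing why one table computed under the fixed default salt matches every installation, while per-installation random salts make it useless. The byte layout of the hash input, the helper names and the sample passwords are assumptions constructed for illustration.

```python
import hashlib
import os

DEFAULT_SALT = bytes.fromhex("0011223344556677")  # fixed default salt quoted in the message
ITERATIONS = 65536                                # SHA-512 iteration count quoted in the message


def wrapping_key(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Model of the wrapping-key derivation: SHA-512(salt || password),
    then the digest re-hashed `iterations` times.
    Assumption: the exact input layout used by ecryptfs-utils may differ."""
    digest = hashlib.sha512(salt + password.encode()).digest()
    for _ in range(iterations):
        digest = hashlib.sha512(digest).digest()
    return digest


def precompute(candidates, salt):
    """Table of derived key -> candidate password, valid only for `salt`."""
    return {wrapping_key(p, salt): p for p in candidates}


def table_hits(table, installs):
    """Count installations (password, salt) whose derived key is in the table."""
    return sum(1 for pw, salt in installs if wrapping_key(pw, salt) in table)


if __name__ == "__main__":
    # Constructed sample data: two machines, same weak login password.
    candidates = ["constructed-pass-1", "constructed-pass-2"]
    shared_table = precompute(candidates, DEFAULT_SALT)

    default_installs = [("constructed-pass-1", DEFAULT_SALT)] * 2
    salted_installs = [("constructed-pass-1", os.urandom(8)) for _ in range(2)]

    print("default salt, installs matched by one table:",
          table_hits(shared_table, default_installs))
    print("random salts, installs matched by same table:",
          table_hits(shared_table, salted_installs))
```

With a random salt per installation, the table has to be rebuilt for each wrapped-passphrase file, which is the property the default salt gives up.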