Bookmark and Share
RSS

Recent Posts

Sweet32 Birthday! Your First Thoughts?

September 11, 2017

My first thought was of when I was Sweet16 and had never been kissed (yeah, a bit late to that aspect of life). But I knew Sweet32 was going to be something different as I first saw the term in an AUSCERT notice.

So, what is Sweet32 Birthday? It’s the name given to the process of breaking CBC based ciphers. After accessing about 32GB of data, the hacker moves to mode "Let the party begin" as there is enough data to crack the CBC and decrypt data.

So, how can you protect yourself? Being simple-minded, I suggest stop using any CBC-based cipher. I'll want to read more but just a switch to CTR based ciphers might be sufficient. FYI: openssh did this over three years ago when they released OpnnSSH-6.7p1 for exactly this reason!

From my packaging script for OpenSSH-6.8:
# The dafaults starting with OpenSSH 6.7 are:
# aes128-ctr,aes192-ctr,aes256-ctr,chacha20-poly1305@openssh.com
# older clients may need an older cipher, e.g.
# ciphers aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,arcfour
# only adding aes256-cbc as an "old" cipher
ciphers aes128-ctr,aes192-ctr,aes256-ctr,chacha20-poly1305@openssh.com,aes256-cbc
See http://www.aixtools.net/index.php/openssh
for my latest packaging
 
CBC Versus CTR: What's the Difference?
Briefly, CBC (Cipher Block Chaining) was invented in 1976. Each block of plaintext is XORed with the previous ciphertext block before being encrypted. Only the first block is dependent on an Initialization Vector (IV). CTR (Counter, introduced in 1979) is a stream-based cipher. CTR generates the next keystream block by encrypting successive values of a "counter.” The counter can be any function that produces a sequence that is guaranteed not to repeat for a long time. (In CTR the data being encrypted serves as keystream, so it’s predictable.)
 
What to do?
Basically, review all your ciphers still used and remove the CBC based ones. The rating of the CVEs is low (today it’s about 3.7) but why wait?

Posted September 11, 2017 | Permalink

Post a Comment

Note: Comments are moderated and will not appear until approved

comments powered by Disqus