It's largely thanks to the hard work of decades of cryptographers that we're able to keep so much sensitive data safe, secret, and secure. But today's Black Hat Europe 2015 Briefing highlights remind that no crypto scheme's unbeatable, showcasing a variety of attacks with the potential to lay bare important secrets.
XML Encryption has suffered from a series of adaptive chosen-ciphertext attacks, which allow an adversary to decrypt symmetric and asymmetric XML ciphertexts without knowing the keys. The World Wide Web Consortium published an updated version of the standard, but most current XML Encryption implementations fail to use it, and evaluation of security configuration correctness is a tedious and error-prone manual process. How to Break XML Encryption - Automatically will deliver and overview of current attacks and debut an algorithm (and open-source attack plugin) that can automatically decipher vulnerable XML Encrypted content. It turns out four out of five analyzed web service implementations are vulnerable.
Next up, password managers. Specifically LastPass, which enjoys the patronage of over 10,000 corporate customers. LastPass is extremely convenient, but woe be to the user whose entire vault of secrets (not just passwords, but bank accounts, medical records, and more) is laid bare by an attacker. In Even the LastPass Will be Stolen Deal with It! the presenters reveal how they reverse-engineered LastPass plugins and found ways decrypt the master password, gain access through account recovery, and bypass two-factor auth. They also kindly wrote a Metasploit module to automate these exploits.
White-Box Cryptography aims to keep keys secure even when an attack gains full access to an algorithm's internals. WBC systems achieve this through strong obfuscation and complex data-encoding schemes, which has the side effect of making security assessment challenging. Unboxing the White-Box: Practical Attacks Against Obfuscated Ciphers will show how hardware-focused crypto attacks can be ported to WBC systems, specifically demonstrating generic, practical attacks against WBC TDES and AES ciphers. Understanding these vulnerabilities will go a long way toward helping defenders assess the true security posture of their WBC implementations.
Black Hat Europe 2015 takes place November 10-13 in Amsterdam. Now's a great time to register!