[ISN] Windows NT Security Under Fire

From: mea culpa (jerichoat_private)
Date: Mon Jun 01 1998 - 11:10:24 PDT


    Forwarded From: Kjell Wooding <kwoodingat_private>
    Windows NT Security Under Fire
    by Chris Oakes
    4:00am 1.Jun.98.PDT
    Listen to security expert and consultant Bruce Schneier and he'll tell
    you that Windows NT's security mechanism for running virtual private
    networks is so weak as to be unusable. Microsoft counters that the
    issues Schneier points out have mostly been addressed by software
    updates or are too theoretical to be of major concern.
    Schneier, who runs a security consulting firm in
    Minneapolis, says his in-depth "cryptanalysis" of Microsoft's
    implementation of the Point-to-Point Tunneling Protocol (PPTP) reveals
    fundamentally flawed security techniques that dramatically compromise
    the security of company information.
    "PPTP is a generic protocol that will support any
    encryption. We broke the Microsoft-defined [encryption] algorithms,
    and also the Microsoft control channel." However, he said he was
    unaware of some of Microsoft's NT 4.0 updates when he ran his tests.
    With relative ease, intruders can exploit the flaws, Schneier said,
    which he summarizes as weak authentication and poor encryption
    implementation. The result is that passwords can be easily
    compromised, private information can be disclosed, and servers used to
    host a virtual private network, or VPN, can be disabled through
    denial-of-service attacks, Schneier said.
    "It's kindergarten cryptography. These are dumb mistakes," Schneier
    In letting companies use the public Internet as a means for
    establishing "private" company networks, VPN products use the protocol
    to establish the "virtual" connections between remote computers.
    PPTP secures the packets sent via the Internet by encapsulating them
    in other packets. Encryption is used to further secure the data
    contained in the packets. It is the scheme Microsoft uses for this
    encryption that Schneier says is flawed.
    Specifically, Schneier's analysis found flaws that would let an
    attacker "sniff" passwords as they travel across a network, break open
    an encryption scheme, and mount denial-of-service attacks on network
    servers, which render them inoperable.  Confidential data is therefore
    compromised, he said.
    The nature of the flaws varied, but Schneier identified five primary
    ones. For example, Schneier found a method of scrambling passwords
    into a code -- a rough description of "hashing" -- to be simple enough
    that the code is easily broken.  Though 128-bit "keys" can be used to
    access the encryption feature of the software, Schneier said the
    simple password-based keys that it allows can be so short that
    information could be decrypted by figuring out what may be very simple
    passwords, such as a person's middle name.
    "This is really surprising. Microsoft has good cryptographers in their
    employ." The problem, he said, is that they're not adequately involved
    in product development.
    Schneier emphasized that no flaws were found in the PPTP protocol
    itself, but in the Windows NT version of it. Alternate versions are
    used on other systems such as Linux-based servers.
    Microsoft's implementation is "only buzzword-compliant," Schneier
    said. "It doesn't use [important security features like 128-bit
    encryption] well."
    Windows NT has in the past been the object of several security
    complaints, including denial-of-service vulnerabilities.
    Microsoft says the five primary weaknesses Schneier has called
    attention to are either theoretical in nature, previously discovered,
    and/or have been addressed by recent updates to the operating system.
    "There's really not much in the way of news here," said Kevin Kean, an
    NT product manager at Microsoft. "People point out security issues
    with the product all the time.
    "We're on our way to enhancing our product to take care of some of
    these situations already," Kean said.
    He acknowledged that the password hashing had been fairly simple, but
    that updates have used a more secure hashing algorithm. He also
    contends that even a weak hashing can be relatively secure.
    The issue of using simple passwords as encryption keys is relevant to
    individual company policy more than Microsoft's product. A company
    that has a policy requiring employees to use long, more complex
    passwords can ensure that their network encryption is more secure. An
    update to the product, Kean said, lets administrators require a long
    password from company employees.
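The two passages above make one point: a "128-bit" key derived from a user's password is only as strong as the password itself, which is why Microsoft's remedy is a minimum-length policy. The following added example (not from the article or from Microsoft's product) models that: it estimates a password's guessing entropy, derives a key from it with a hypothetical fast unsalted hash and with a slow salted KDF, reports the effective key strength, and applies a length/entropy policy. The entropy model and policy thresholds are assumptions chosen for illustration.

```python
import hashlib
import math
import string

NOMINAL_KEY_BITS = 128  # the "128-bit keys" the article refers to


def password_entropy_bits(password: str) -> float:
    """Crude guessing-entropy estimate: length * log2(size of character pool).
    A short, lower-case word such as a middle name scores very low."""
    pool = 0
    if any(c in string.ascii_lowercase for c in password):
        pool += 26
    if any(c in string.ascii_uppercase for c in password):
        pool += 26
    if any(c in string.digits for c in password):
        pool += 10
    if any(c in string.punctuation for c in password):
        pool += len(string.punctuation)
    return len(password) * math.log2(pool) if pool else 0.0


def derive_key_fast(password: str) -> bytes:
    """Hypothetical weak derivation: a single unsalted hash of the password.
    Every guess costs the attacker one hash, and equal passwords give equal keys."""
    return hashlib.md5(password.encode("utf-8")).digest()


def derive_key_slow(password: str, salt: bytes, iterations: int) -> bytes:
    """Salted, iterated derivation (PBKDF2-HMAC-SHA256, 16-byte key):
    each guess costs `iterations` hashes, and the salt defeats precomputation."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=16)


def effective_key_bits(password: str, iterations: int = 1) -> float:
    """Security actually delivered by a password-derived key: the attacker need
    only guess the password, so strength is the password's entropy plus the
    log2 of the per-guess derivation cost, never more than the nominal size."""
    return min(NOMINAL_KEY_BITS, password_entropy_bits(password) + math.log2(iterations))


def meets_policy(password: str, min_length: int = 14, min_bits: float = 60.0) -> bool:
    """Administrator policy of the kind the article describes: require a long
    password, here also with a minimum estimated entropy (assumed thresholds)."""
    return len(password) >= min_length and password_entropy_bits(password) >= min_bits
```

A six-letter lower-case name yields roughly 28 bits of effective key strength regardless of the nominal 128-bit cipher; only a longer, mixed-class password moves the real figure anywhere near the advertised one.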
    On another issue, where a "rogue" server could fool a virtual private
    network into thinking it was a legitimate node on the network, Karan
    Khanna, a Windows NT product manager, said while that was possible,
    the server would only intercept a "stream of gobbledygook" unless
    the attacker had also cracked the encryption scheme. That and other
    issues require a fairly difficult set of conditions, including the
    ability to collect the diverging paths of VPN packets onto a server,
    to come into place.
    For that reason, Microsoft insists its product offers a reasonable
    level of security for virtual private networks, and that upcoming
    versions of the software will make it stronger.
    Windows NT security expert Russ Cooper, who runs a mailing list that
    monitors problems with Windows NT, agrees with Microsoft that most of
    Schneier's findings have been previously turned up and discussed in
    forums like his. What Schneier has done is tested some of them, he
    said, and proven their existence.
    But he points out that fixes for the problems have only recently been
    released, outdating Schneier's tests. The problems may not have been
    all successfully addressed by the fixes, Cooper said, but represent an
    unknown that may negate some of Schneier's findings.
    On Schneier's side, however, Cooper agrees that it typically takes
    publicity of such weaknesses to get Microsoft to release fixes. "Folks
    need to get better response from Microsoft in terms of security,"
    Cooper said.
    He also added support to a point that Schneier makes -- that Microsoft
    treats security more casually than other issues because it has no
    impact on profit.
    "Microsoft doesn't care about security because I don't believe they
    think it affects their profit. And honestly, it probably doesn't."
    Cooper believes this is part of what keeps them from hiring enough
    security personnel.
    Microsoft vehemently contests the charge.  Microsoft's Khanna said in
    preparing the next release of the operating system, the company has
    installed a team to attack NT, an effort meant to find security
    problems before the product is released.
    And, Microsoft reminds us, no product is totally secure. "Security is
    a continuum," Microsoft's Kean said. "You can go from totally insecure
    to what the CIA might consider secure." The security issue at hand, he
    said, lies within a reasonable point on that continuum.

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:54:54 PDT