Firewall Wizards mailing list archives
Re: CISCO PIX Vulnerability
From: lum () infoexpress com
Date: Thu, 4 Jun 1998 10:59:10 +0000
Damir Rajnovic wrote:
Apparently, knowing what bits are fixed will not bring attacker any additional 'gain' in breaking a DES. At least I was told that by people from sci.crypt group.
That statement is true under certain circumstances, but it seems to be taken out of context here. DES uses an 8 byte key, of which only 56 bits are used for encryption (8 of the bits are ignored). Because of this, you can take a 7 byte key and by carefully expanding it, you can produce an 8 byte DES key that is just as strong as a random 8 byte key so long as the original 7 byte key is truly random. When using DES with the infamous 40 bit key limitation often mandated by certain governments, vendors must further reduce the 56 bits down to 40 bits. The algorithm used is typically to mask (fix) 16 bits in the 56 bits used in the DES key such that the number of non-fixed bits always adds up to 40 bits. The "privacy" of a 40 bit key does not depend on which of the 16 bits were masked out of the original 56 used bits. The same method can be used to create an effective key length of 48 bits.
Another thing is that PIX is using DES in ECB mode. CISCO admits that "....ECB is not generally considered to be the best mode in which to employ DES,...." but you'll have to live with it. CISCO will not fix that so you'll have to buy future IPSEC/IKE products.
ECB is the simplest (and most vulnerable) mode available... Regards, Stacey Lum InfoExpress
Current thread:
- CISCO PIX Vulnerability Damir Rajnovic (Jun 03)
- Re: CISCO PIX Vulnerability lum (Jun 04)
- <Possible follow-ups>
- FW: CISCO PIX Vulnerability Hal (Jun 15)
- Re: FW: CISCO PIX Vulnerability Adam Shostack (Jun 16)
- Re: FW: CISCO PIX Vulnerability Rick Smith (Jun 17)
- Re: FW: CISCO PIX Vulnerability Perry E. Metzger (Jun 18)
- Re: FW: CISCO PIX Vulnerability Rick Smith (Jun 18)
- Re: FW: CISCO PIX Vulnerability Perry E. Metzger (Jun 23)
- Going Public with Brute Force (was: CISCO PIX) Rick Smith (Jun 23)
- Re: FW: CISCO PIX Vulnerability Adam Shostack (Jun 16)
- Re: FW: CISCO PIX Vulnerability Adam Shostack (Jun 23)
- Re: FW: CISCO PIX Vulnerability Darren Reed (Jun 24)