One for the snakeoil file.
Trei, Peter
ptrei at rsasecurity.com
Tue Mar 26 16:34:34 EST 2002
[Note: I'm just passing on posts from sci.crypt. I've
not confirmed this independently
It appears that not every product which uses smart
cards is secure
- pt]
--------------------------------------------
From: philippe.mestral at validy.com (Philippe Mestral)
Newsgroups: sci.crypt
Subject: I've tested the encryption system that comes with Acer laptops, and
it's not pretty.
Date: 26 Mar 2002 05:48:36 -0800
Message-ID: <7baaf8a3.0203260548.5c77c27b at posting.google.com>
Some Acer laptops comes with a built-in smartcard reader and a file
encryption program called "Platinum Secure".
My company recently acquired two of them. I spent some time playing
around with that encryption system and came to the following
conclusions:
- they use a basic XOR stream cipher.
- the keystream is always the same for any file, encrypted by any user
on any of the two laptops I have.
- I was able to generate that keystream with a long enough binary file
containing only 0 and encrypting it.
- I am now able to decrypt any file encrypted on either laptop without
the smartcard.
I am no crypto expert. It is surprising to me that a manufacturer
would release such a badly designed product.
It's even worse that providing no security at all, because with this
product the users *think* their files are secure while they obviously
aren't.
any thoughts/comments?
also, has anyone here already had this product in their hands?
could someone who has installed that program possibly create a text
file, put
the string "test" in it, encrypt the file and send it to me at
philippe.mestral at validy.com so that I can see whether the encrypted
file looks like mine or not? (they wouldn't use the same keystream for
ALL their laptops would they?)
thanks in advance.
------------------------------------------------------
From: "Scott Fluhrer" <sfluhrer at ix.netcom.com>
Date: Tue, 26 Mar 2002 07:33:28 -0800
Message-ID: <a7q4ni$r77$1 at slb2.atl.mindspring.net>
Joël Bourquard <job at esecurium.com.nospam> wrote in message
news:3ca091af$1 at news.deckpoint.ch...
> "Philippe Mestral" <philippe.mestral at validy.com> wrote in message
> news:7baaf8a3.0203260548.5c77c27b at posting.google.com...
> > Some Acer laptops comes with a built-in smartcard reader and a file
> > encryption program called "Platinum Secure".
> > [...]
> > - they use a basic XOR stream cipher.
> > - the keystream is always the same for any file, encrypted by any user
> > on any of the two laptops I have.
> > [...]
> > - I am now able to decrypt any file encrypted on either laptop without
> > the smartcard.
>
> Hi,
> I'm completely astonished by what you said.
> What I can't understand, is why they're using a smartcard.. unless they
want
> people to BELIEVE that's secure.
Well, the keystreams might be different for different smartcards (not that
that would make it any more secure). Alternatively, they might put the
keystream generation program on the smartcard, in the vain hope that if
people can't look at it, they have a harder time cryptanalyzing it.
--
poncho
------------------------------------------------------------------
From: "Philippe Mestral" <philippe.mestral at validy.com>
References:
<7baaf8a3.0203260548.5c77c27b at posting.google.com>
<3ca091af$1 at news.deckpoint.ch> <a7q4ni$r77$1 at slb2.atl.mindspring.net>
<3ca0a34e at news.deckpoint.ch>
Date: Tue, 26 Mar 2002 18:48:49 +0100
> > Well, the keystreams might be different for different smartcards (not
that
> > that would make it any more secure). Alternatively, they might put the
> > keystream generation program on the smartcard, in the vain hope that if
> > people can't look at it, they have a harder time cryptanalyzing it.
>
> Oh yes, I assumed he did use two different smartcards with the two
laptops..
> and that the keys were the same.
> Maybe he didn't.
I did.
-------------------------------------------------------------
From: "Philippe Mestral" <philippe.mestral at validy.com>
Date: Tue, 26 Mar 2002 19:19:28 +0100
Message-ID: <3ca0ba42$0$24006$4d4eb98e at read.news.fr.uu.net>
"Joël Bourquard" <job at esecurium.com.nospam> wrote in message
news:3ca091af$1 at news.deckpoint.ch...
> Hi,
> I'm completely astonished by what you said.
> What I can't understand, is why they're using a smartcard.. unless they
want
> people to BELIEVE that's secure.
>
apparently the card is used to store a unique ID which authenticates the
card owner.
As several card owners can use the same pc and the encrypting method and key
are always the same, they had to find some sort of way to tell what file was
encrypted by what user.
A registry key contains information regarding encrypted files.
For each encrypted file, a string is added to the registry. Its name is the
current date concatenated to the encrypted file name, and its value
corresponds to the unique ID of the user who encrypted the file (plus the
original file extension, go figure).
When a request to decrypt an encrypted file is made, the program browses the
list of encrypted files in the registry. If it founds a file whose date &
time and name correpond, it then checks that the user who encrypted that
file corresponds to the one whose card is inserted in the reader. If it
does, the file is decrypted.
Incidentally, modifying the date and/or name of an encrypted file makes it
impossible to decrypt!! it is also impossible to exchange files between
machines, and if you back up your encrypted files on a CD or elsewhere,
re-install Windows (thus deleting the registry), and restore your saved
file, you will be unable to decrypt them!!
also, you can easily decrypt other user's file by replacing their ID by
yours.
please note that I haven't been given any specifications by Acer regarding
this program. Everything I say comes from double-checked tests and
observations. I'm afraid I'm not far from the truth though...
--
the infamous registry key:
[HKEY_CLASSES_ROOT\EncryptFileInfo\ENCRYPT]
"14/03/2002 18:37:00�100000"="Validy13160301�txt"
"14/03/2002 18:38:00�31"="Validy13160301�txt"
"15/03/2002 11:05:40�500000"="Validy13160301�txt"
"15/03/2002 11:07:37�69489"="Validy13160301�zip"
"15/03/2002 11:12:17�27056"="Validy13160301�txt"
"15/03/2002 11:43:00�10"="Validy13160301�txt"
"15/03/2002 11:44:15�100"="Validy13160301�txt"
"15/03/2002 11:46:15�30"="Validy13160301�txt"
"15/03/2002 11:47:08�26"="Validy13160301�txt"
"15/03/2002 12:20:31�27"="Validy13160301�txt"
"15/03/2002 14:21:33�27"="Validy13160301�txt"
"15/03/2002 14:43:24�100000"="Validy13160301�txt"
"15/03/2002 14:43:59�100000"="Validy13160301�txt"
--------------------------------------------
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list