A slight defect in the truncated HMAC code...

Leichter, Jerry leichter_jerrold at emc.com
Tue Jun 10 18:01:11 EDT 2008


| SNMPv3 Authentication Bypass Vulnerability
| 
|    Original release date: June 10, 2008
|    Last revised: --
|    Source: US-CERT
| 
| Systems Affected
| 
|      * Multiple Implementations of SNMPv3
| 
| Overview
| 
|   A  vulnerability in the way implementations of SNMPv3 handle specially
|   crafted packets may allow authentication bypass.  [Based on shortened
|   authentication....]
There's another ... issue with SNMPv3, this time with encryption keys.

The SNMPv3 standard defines a mechanism for converting an entered pass
phrase into an AES key.  The standard also specifies a(n appropriate)
minimum length for the pass phrase.

SNMP agents running in devices sold by a certain, err, very large vendor
do not enforce the minimum length, and it is in fact common to see
devices configured using short pass phrases.  Software that needs to
talk to such devices, and which *does* enforce the requirements of the
standard, will of course be unable to do so.  (Well, I suppose there is
almost certainly an equivalent pass phrase that's long enough, but
finding is impractical if the key derivation function is any good.)  So
such software must necessarily ignore the security requirements of the
standard as well.

Not only is it hard to define technically correct solutions to security
problems ... it's damn difficult to get them fielded!

							-- Jerry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list