DUHK, the vulnerability that endangers encrypted connections

25/10/2017

The ANSI x9.31 RNG algorithm, generator of pseudo-random numbers used in cryptographic functions is the basis of the vulnerability called DUHK, able to get hold of the encryption keys of VPN connections and web sessions. The obsolescence of this algorithm, together with the fact that many manufacturers that included seed generation of pseudo-random numbers statically in the firmware of the devices, has led to this vulnerability able to reveal encrypted connections between devices through attacks "Man-in-the-middle". The data included statically in the firmware of the devices can be recovered by reverse engineering, so that an attacker who has the "seed" and use the same algorithm can get the encryption key of the connection.

References

23/10/2017

blog.cryptographyengineering.com

A Few Thoughts on Cryptographic Engineering
24/10/2017

thehackernews.com

DUHK Attack Lets Hackers Recover Encryption Key Used in VPNs & Web Sessions
25/10/2017

genbeta.com

DUHK, un nuevo exploit es capaz de exponer redes VPN y conexiones cifradas en 4 minutos
25/10/2017

redeszone.net

DUHK, un nuevo ataque contra la criptografía para descifrar tráfico VPN y sesiones Web
25/10/2017

blog.fortinet.com

The DUHK Vulnerability

Etiquetas