Threat, Vulnerabilities and Mitigations: Cryptographic Vulnerabilities

Question 1

What are the three cryptographic Vulnerabilities?

Answer 1

Downgrade
Collision
Birthday Attack

Question 2

What is a downgrade Attack?

Answer 2

Downgrade: Forces a connection, protocol, or cryptographic algorithm to downgrade to an older and less secure version so it can be compromised.

We’ll demonstrate:

Catch ssh connection with Wireshark.

See the key exchange: nmap –script=ssl-poodle 192.168.202.133

The attacker will request to use a downgrades encryption version and the server will follow suit in which encryption or version to use.\

Very Dangerous with no patch or on Zero Day

Question 3

What is Collision?

Answer 3

Collision: Different inputs result in the same output. Check out:

https://www.mscs.dal.ca/~selinger/md5collision/hello

https://www.mscs.dal.ca/~selinger/md5collision/erase

md5sum hello

md5sum erase

Same output

This is used in hashing algorithm – you can’t undo it one way function.

Question 4

What is a Birthday?

Answer 4

Birthday attack: a room with 23 people will have a 50% chance of two people with a matching birthday and with 75 people, the odds increase to 99.9%.

If you can find same hash values that are collision and exploit them.