Is MD5 certificate attack a lethal hit to SSL?

MD5 has been known to be a weak hashing algorithm for many years. Thus, it was vanishing from the scope; the focus had moved to attacking the SHA family. Nevertheless, researchers (Alex Sotirov, Marc Stevens, Jake Appelbaum, Arjen Lenstra, Benne de Weger, and David Molnar) have brightly combined three weaknesses: MD5 collisions, the fact that some Certification Authorities (CAs) still use MD5 to sign SSL certificates, and the poor way browsers manage root certificates. They presented their attack at the Chaos Computer Club conference.

The researchers asked a legitimate CA to sign a legitimate SSL certificate with MD5. Then they forged a root key using the same signature. Bingo! They could now generate and sign “legitimate” SSL certificates.

Is it dangerous? Not really. First of all, the majority of CAs no longer use MD5. The attack does not work on certificates that were already issued. In other words, when receiving new certificates signed with MD5 (normally very few), be cautious with the issuing date. You can still trust SSL.

The cure is extremely simple: no CA should use MD5 to sign certificates anymore. The CA that signed the certificate used for the demonstration announced that it will soon get rid of MD5.

Although not a lethal attack, the researchers' work is an extremely nice and smart attack. It will be detailed in Security Newsletter #12.
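As an added example (not part of the original post): a small pure-Python check that pulls the signature-algorithm OID out of a DER certificate and flags md5WithRSAEncryption, which is the kind of check a client or audit script would use to apply the "be cautious with MD5-signed certificates" advice above. The two certificates at the bottom are constructed toys with the real DER layout but dummy contents, not real certificates.

```python
# Flag X.509 certificates whose outer signature is MD5-based (pure Python, no deps).
# PKCS#1 / RFC 3279 OID for md5WithRSAEncryption; extend the table as needed.
WEAK_SIG_OIDS = {"1.2.840.113549.1.1.4": "md5WithRSAEncryption"}

def der_read(buf, pos):
    """Return (tag, value, next_pos) for the DER TLV starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                               # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    """Decode OBJECT IDENTIFIER content bytes to dotted form."""
    arcs, val = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:                            # last byte of this arc
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def signature_algorithm_oid(cert_der):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }."""
    _, cert, _ = der_read(cert_der, 0)              # outer SEQUENCE
    _, _, pos = der_read(cert, 0)                   # skip tbsCertificate
    _, alg, _ = der_read(cert, pos)                 # AlgorithmIdentifier SEQUENCE
    tag, oid_raw, _ = der_read(alg, 0)
    if tag != 0x06:
        raise ValueError("AlgorithmIdentifier must start with an OID")
    return decode_oid(oid_raw)

def is_weakly_signed(cert_der):
    """True if the certificate's signature algorithm is in WEAK_SIG_OIDS."""
    return signature_algorithm_oid(cert_der) in WEAK_SIG_OIDS

# Constructed toy certificates (NOT real certs): correct DER layout, dummy
# tbsCertificate (SEQUENCE { INTEGER 1 }) and a dummy 8-byte signature.
def _toy_cert(alg_oid_hex):
    tbs = "3003020101"
    alg = "300d" + "0609" + alg_oid_hex + "0500"   # SEQUENCE { OID, NULL }
    sig = "030900" + "aa" * 8                       # BIT STRING, 0 unused bits
    body = tbs + alg + sig
    return bytes.fromhex("30%02x" % (len(body) // 2) + body)

MD5_CERT    = _toy_cert("2a864886f70d010104")      # md5WithRSAEncryption
SHA256_CERT = _toy_cert("2a864886f70d01010b")      # sha256WithRSAEncryption

if __name__ == "__main__":
    for name, cert in (("md5", MD5_CERT), ("sha256", SHA256_CERT)):
        print(name, signature_algorithm_oid(cert), "WEAK" if is_weakly_signed(cert) else "ok")
```

On a real certificate, pass the DER bytes of the file (`open("cert.der", "rb").read()`) to `is_weakly_signed`; a PEM file must be base64-decoded first.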

DRM free music

The movement towards DRM-free music continues. The biggest event is of course iTunes announcing that its complete catalog will be available as DRM-free songs. iTunes also announced a new price list adding $0.69 songs (in addition to $0.99 and $1.29).

Warner France followed this movement. It announced that its two sites, Fnac Music and Virgin Media, will sell DRM-free songs in 2009. Nevertheless, it is a trial, and the final decision will be taken in 2010.

DRM-free music is a trend that will not stop. Will it extend to other fields such as games or video? I am not sure. Of course, customers would like it. DRM-free distribution with a session watermark to detect eventual illegal distribution is promoted, for instance, by the Digital Watermark Alliance. Nevertheless, there are several differences with music. In my opinion, the biggest one is that the investments are far larger than for music. In the case of video, the release-window strategy and commercial agreements are also problems.

We will continue to monitor this trend in 2009.

MediaSentry loses RIAA contract

Monday 5 January 2009: RIAA’s spokesperson Jonathan LAMY officially confirmed that the RIAA no longer uses the services of MediaSentry. He said that the RIAA now uses a Danish company, DtecNet.

Many reasons may have driven this decision. It seems that the way the allegedly infringing IP addresses were collected may not sustain non-repudiation of illegal sharing. This is an extremely tough issue: how do you legally prove (in an efficient way) that the peer really shared illegal content? MediaSentry was also using spoiling techniques (for an overview, see Fighting Piracy in Security Newsletter #11). These techniques are somewhat controversial. This summer, a leak of emails from MediaDefender, a competitor of MediaSentry, shed some light on the types of thwarting techniques. Furthermore, some mails described the results of competitive intelligence on MediaSentry. In other words, MediaDefender’s story generated a very bad reputation for the sector. Is MediaSentry a collateral victim of MediaDefender’s leak?

DtecNet’s toolbox, at least as announced on their site, only offers non-controversial techniques: Cease and Desist Letters, Litigation Tools and Evidence, Prerelease Monitoring, and statistics. In other words, they do not announce any throttling or poisoning techniques, only monitoring tools. Far less controversial.

Does it mean a change in RIAA’s strategy? I doubt it. It is probably a good communication move. RIAA will continue to track illegal downloading, send Cease and Desist Letters, and sue infringers. RIAA will not sponsor any borderline activity (at least not openly).

US passport and RFID

Once more, the use of RFID with ID cards raises many concerns. This time it is for the new US passport cards. These cards are only valid for sea and land travel. It seems that the design was only driven by cost considerations. There are two main characteristics:

  • It uses off-the-shelf standard EPC chips (i.e., low-cost tags as used for inventory tracking)
  • The reading distance is 50 meters!

Being a standard EPC, the card just delivers a unique ID. This unique ID can be eavesdropped and reprogrammed into a blank EPC. Of course, the security relies on the guard, who should check that the corresponding record points to the right owner. But we all know that vigilance decreases with time.
The long reading range is an obvious privacy issue. With such a distance, it is easy to trace somebody. The solution proposed by the Administration is a privacy sleeve! This would never work with me. I would sooner or later forget it or lose it.
But the nicest is the “Kill” command. For privacy reasons, EPC tags have a kill command that permanently mutes the chip. EPC tags are used for inventory tracking: once the item is sold, it must be possible to deactivate the chip. This command is legitimate for its initial use but not for this one. In a March post, I described a Denial of Service attack to pass a border. With this type of card, it is extremely easy to mount.
As usual, the Administration downplays the risks. According to them, the risks are improbable! When security design is driven by money, the result is often a catastrophe.

Digital Future Symposium (DFS)

This event, organized by the Center for Content Protection, was held alongside Asia TV in Singapore. Thus, the audience was rather large (140 people) and encompassed broadcasters, producers, and press.
The best presentations were:

  • Brad HUNT (former CTO of MPAA, and now consultant at Digital Media Directions) presented his four major trends in content protection
    • Use of fingerprinting to monetize content
    • Digital copy and managed copy for optical media
    • Domain based DRM
    • DECE with some emphasis on Marlin
  • Fabrice Moscheni (Fastcom) presented an impressive demonstration of DVB-CPCM. The demonstration raised a lot of interest.
  • Yangbin Wang (Vobile) explained how Vobile protected Olympic Games for CCTV

Conax, BayTSP, Verimatrix, Microsoft and Viaccess presented their products. Intertrust made a dull presentation of Marlin. I made two presentations:

  • A global approach to security, explaining that using only fingerprinting or watermarking is insufficient, at least for tightly controlled distribution. The distinction between tightly controlled and loosely controlled distribution was appreciated.
  • An introduction to DVB-CPCM before Fastcom’s demonstration.

Two main messages were conveyed during this symposium: content identification techniques may allow monetization of content, and the domain is the next paradigm in DRM.

Game and DRM

Grand Theft Auto IV will be protected by SecuRom. The fury starts again. It seems to be a shame that a game is protected by a DRM. 2008 will be the year when things changed:
– For many years, games were protected by anti-copy systems. Nobody was seriously complaining. You could find hacked versions of the games. Some ripping software (for instance Alcohol 120) even provided tools to bypass the protections (physically, or in virtual drives).
– SecuRom, LaserLock, … were not called DRMs. They were called game protection systems.

And nobody complained! Gamers were happy. In my editorial of Security Newsletter #3, I was even highlighting this difference between game protection and DRM.

And suddenly, the world changes. Game protection becomes DRM (although using the same tricks and limitations). Game protections become unacceptable to users. The first fury was Spore. GTA IV will be the next one. Nevertheless, I am sure that GTA IV will be a blockbuster even with “DRM”.

What has changed? Media focus? Does somebody have a good explanation to propose?