DUHK (Don't Use Hard-coded Keys) is an attack that exploits devices that use the ANSI X9.31 Random Number Generator and have a hard-coded key. Turns out that hard-coded crypto keys are not that uncommon in products. A device is susceptible to the attack if:
The full list of susceptible devices is in the paper https://duhkattack.com/paper.pdf on page 7. Fortinet users make sure you are on firmware 5.x as a minimum as that changes the implementation to CTR_DRBG implementation rather than using ANSI X9.31 RNG. For other affected products the fix is generally "run the current version". Mark H - Shearwater
|
Mark 392 Posts ISC Handler Oct 25th 2017 |
||
Thread locked Subscribe |
Oct 25th 2017 4 years ago |
Sign Up for Free or Log In to start participating in the conversation!