That Crypto Hole Is Probably Not A Threat, But It’s Still A Wake-Up Call

Written by Frank Hayes
February 23rd, 2012

If you liked 500-to-1 odds against your encryption keys being bad, it’s even better: The cryptographic hole that surfaced last week appears to be completely confined to devices such as consumer-grade routers. But even RSA, whose key security was questioned by the original report, now says it should serve as a wake-up call for network security, especially among retailers.

“This is one reason why the PCI SSC is spending a lot of time developing very detailed solution requirements for new technologies like Point-to-Point Encryption,” said RSA spokesman Rob Sadowski. “It’s not enough to have the best security tools if they are not implemented and deployed well.”

According to other researchers who have now combed through the original report, most encryption keys used for Secure HTTP access to Web sites are created correctly, using random-number generators that really are highly random. The weak keys apparently come almost entirely from standalone devices such as firewalls and routers, which often generate their keys automatically the first time they’re turned on—not a situation that’s guaranteed to create a lot of randomness. And RSA’s crypto technology wasn’t specifically at fault.

So—was this all a false alarm? Not really. Even critics of the original report say it’s full of useful data, though they disagree with the conclusions. And the consensus seems to be that there are bigger problems with encryption keys that need attention, along with issues of weak keys.

One major problem: Web sites (including E-Commerce sites) that don’t actually present public encryption keys that are registered with Certificate Authorities. If encryption keys aren’t registered with a CA, a customer’s browser can’t check them to make sure they’re valid. And if the browser doesn’t check, it doesn’t matter how random the encryption key is.

“The point is that, for the most part, clients don’t care, nothing is checking the validity of device certificates in the first place,” wrote security researcher Dan Kaminsky. “Most devices, even security devices, are popping these huge errors every time the user connects to their SSL ports. Because this is legitimate behavior—because there’s no reason to trust the provenance of a public key, right or wrong—users click through.”

Large retail chains should be less likely to have that problem, because a lack of functioning security on a retail Web site that takes payment cards should be picked up during a PCI audit, with very unpleasant results.

But a related problem is the case when a site’s certificate is valid, but not for a particular page on the site. That could happen because a certificate is good for a URL in a particular form—say, *—but a link that calls the page just starts with “”

(At least one academic researcher we quoted this week had that type of problem link on his Web site. It was a link to his homepage at his institution, but it threw a “This connection is untrusted” error. Naturally, we clicked through—but that’s not the sort of thing you want customers on your E-tail site to see just before you ask them for a payment-card number.)

And although unverified or invalid security certificates are probably a bigger problem than weak keys, those keys are still worth checking. The original researchers made it a point to try to notify the owners of weak encryption keys they found. Another group of researchers headed by Nadia Heninger at the University of California, San Diego, says they are now working on a Web site where keys and devices can be tested for vulnerability.

It’s still worth watching—that’s always the nature of security. But as the security specialist at a major retailer whom we talked to last week summed it up a few days ago, “The advice to ‘not panic or overreact yet’ remains in place.”


Comments are closed.


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 60,000 retail IT leaders who subscribe to our free weekly email. Sign up today!

Most Recent Comments

Why Did Gonzales Hackers Like European Cards So Much Better?

I am still unclear about the core point here-- why higher value of European cards. Supply and demand, yes, makes sense. But the fact that the cards were chip and pin (EMV) should make them less valuable because that demonstrably reduces the ability to use them fraudulently. Did the author mean that the chip and pin cards could be used in a country where EMV is not implemented--the US--and this mis-match make it easier to us them since the issuing banks may not have as robust anti-fraud controls as non-EMV banks because they assumed EMV would do the fraud prevention for them Read more...
Two possible reasons that I can think of and have seen in the past - 1) Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code. 2) Also, in offline chip countries the card determines whether or not a transaction is approved, not the issuer. In my experience, European issuers haven't developed the same checks on authorization requests as US issuers. So, these cards might be more valuable because they are more likely to get approved. Read more...
A smart card slot in terminals doesn't mean there is a reader or that the reader is activated. Then, activated reader or not, the U.S. processors don't have apps certified or ready to load into those terminals to accept and process smart card transactions just yet. Don't get your card(t) before the terminal (horse). Read more...
The marketplace does speak. More fraud capacity translates to higher value for the stolen data. Because nearly 100% of all US transactions are authorized online in real time, we have less fraud regardless of whether the card is Magstripe only or chip and PIn. Hence, $10 prices for US cards vs $25 for the European counterparts. Read more...
@David True. The European cards have both an EMV chip AND a mag stripe. Europeans may generally use the chip for their transactions, but the insecure stripe remains vulnerable to skimming, whether it be from a false front on an ATM or a dishonest waiter with a handheld skimmer. If their stripe is skimmed, the track data can still be cloned and used fraudulently in the United States. If European banks only detect fraud from 9-5 GMT, that might explain why American criminals prefer them over American bank issued cards, who have fraud detection in place 24x7. Read more...

Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.