Forwarded From: Kjell Wooding <kwooding@codetalker.com>
http://www.wired.com/news/news/technology/story/12629.html
Windows NT Security Under Fire
by Chris Oakes
4:00am 1.Jun.98.PDT
Listen to security expert and consultant Bruce Schneier and he'll tell
you that Windows NT's security mechanism for running virtual private
networks is so weak as to be unusable. Microsoft counters that the
issues Schneier points out have mostly been addressed by software
updates or are too theoretical to be of major concern.
Schneier, who runs a security consulting firm in
Minneapolis, says his in-depth "cryptanalysis" of Microsoft's
implementation of the Point-to-Point Tunneling Protocol (PPTP) reveals
fundamentally flawed security techniques that dramatically compromise
the security of company information.
"PPTP is a generic protocol that will support any
encryption. We broke the Microsoft-defined [encryption] algorithms,
and also the Microsoft control channel." However, he said he was
unaware of some of Microsoft's NT 4.0 updates when he ran his tests.
With relative ease, intruders can exploit the flaws, Schneier said,
which he summarizes as weak authentication and poor encryption
implementation. The result is that passwords can be easily
compromised, private information can be disclosed, and servers used to
host a virtual private network, or VPN, can be disabled through
denial-of-service attacks, Schneier said.
"It's kindergarten cryptography. These are dumb mistakes," Schneier
said.
In letting companies use the public Internet as a means for
establishing "private" company networks, VPN products use the protocol
to establish the "virtual" connections between remote computers.
PPTP secures the packets sent via the Internet by encapsulating them
in other packets. Encryption is used to further secure the data
contained in the packets. It is the scheme Microsoft uses for this
encryption that Schneier says is flawed.
Specifically, Schneier's analysis found flaws that would let an
attacker "sniff" passwords as they travel across a network, break open
an encryption scheme, and mount denial-of-service attacks on network
servers, which render them inoperable. Confidential data is therefore
compromised, he said.
The nature of the flaws varied, but Schneier identified five primary
ones. For example, Schneier found a method of scrambling passwords
into a code -- a rough description of "hashing" -- to be simple enough
that the code is easily broken. Though 128-bit "keys" can be used to
access the encryption feature of the software, Schneier said the
simple password-based keys that it allows can be so short that
information could be decrypted by figuring out what may be very simple
passwords, such as a person's middle name.
"This is really surprising. Microsoft has good cryptographers in their
employ." The problem, he said, is that they're not adequately involved
in product development.
Schneier emphasized that no flaws were found in the PPTP protocol
itself, but in the Windows NT version of it. Alternate versions are
used on other systems such as Linux-based servers.
Microsoft's implementation is "only buzzword-compliant," Schneier
said. "It doesn't use [important security features like 128-bit
encryption] well."
Windows NT has in the past been the object of several security
complaints, including denial-of-service vulnerabilities.
Microsoft says the five primary weaknesses Schneier has called
attention to are either theoretical in nature, previously discovered,
and/or have been addressed by recent updates to the operating system
software.
"There's really not much in the way of news here," said Kevin Kean, an
NT product manager at Microsoft. "People point out security issues
with the product all the time.
"We're on our way to enhancing our product to take care of some of
these situations already," Kean said.
He acknowledged that the password hashing had been fairly simple, but
that updates have used a more secure hashing algorithm. He also
contends that even a weak hashing can be relatively secure.
The issue of using simple passwords as encryption keys is relevant to
individual company policy more than Microsoft's product. A company
that has a policy requiring employees to use long, more complex
passwords can ensure that their network encryption is more secure. An
update to the product, Kean said, lets administrators require a long
password from company employees.
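The point both sides make here, that a 128-bit key derived from a password is only as strong as the password, can be checked directly. The following is an added illustration, not code from the article or from Microsoft's product; it assumes PBKDF2 as the key-derivation function (the article names none) and uses a constructed seven-name dictionary to stand in for the "very simple passwords" Schneier describes.

```python
import hashlib
import math

# Constructed sample data: a tiny "common names" list standing in for the
# guesses an attacker tries first (assumption, not from the article).
COMMON_NAMES = {"james", "john", "robert", "michael", "william", "mary", "patricia"}
KEY_BITS = 128  # nominal key size the article mentions


def password_entropy_bits(password: str) -> float:
    """Estimate the guessing work a password really provides.

    A value from a small dictionary is worth only log2(dictionary size),
    whatever its length; otherwise estimate from the character classes used.
    """
    if password.lower() in COMMON_NAMES:
        return math.log2(len(COMMON_NAMES))
    charset = 0
    if any(c.islower() for c in password):
        charset += 26
    if any(c.isupper() for c in password):
        charset += 26
    if any(c.isdigit() for c in password):
        charset += 10
    if any(not c.isalnum() for c in password):
        charset += 33  # printable ASCII punctuation
    return len(password) * math.log2(charset) if charset else 0.0


def effective_key_bits(password: str) -> float:
    """A 128-bit key derived from a password is no stronger than the password."""
    return min(KEY_BITS, password_entropy_bits(password))


def derive_key(password: str, salt: bytes) -> bytes:
    """Derive a 128-bit key with PBKDF2-HMAC-SHA256 (assumed KDF, not the product's)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000,
                               dklen=KEY_BITS // 8)


def meets_policy(password: str, min_bits: int = 64) -> bool:
    """Administrator-side check: reject passwords whose derived key is too weak."""
    return effective_key_bits(password) >= min_bits


if __name__ == "__main__":
    for pw in ("Robert", "zxqwvb", "correct-horse-battery-staple-42!"):
        key = derive_key(pw, b"constructed-salt")
        print(f"{pw!r}: {len(key) * 8}-bit key, ~{effective_key_bits(pw):.1f} bits "
              f"effective, policy ok={meets_policy(pw)}")
```

Every derived key is 16 bytes long, but a middle name from the constructed list yields under 3 bits of effective strength, which is the mismatch the article describes.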
On another issue, where a "rogue" server could fool a virtual private
network into thinking it was a legitimate node on the network, Karan
Khanna, a Windows NT product manager, said while that was possible,
the server would only intercept a "stream of gobbledygook" unless
the attacker had also cracked the encryption scheme. That and other
issues require a fairly difficult set of conditions, including the
ability to collect the diverging paths of VPN packets onto a server,
to come into place.
For that reason, Microsoft insists its product offers a reasonable
level of security for virtual private networks, and that upcoming
versions of the software will make it stronger.
Windows NT security expert Russ Cooper, who runs a mailing list that
monitors problems with Windows NT, agrees with Microsoft that most of
Schneier's findings have been previously turned up and discussed in
forums like his. What Schneier has done is tested some of them, he
said, and proven their existence.
But he points out that fixes for the problems have only recently been
released, outdating Schneier's tests. The problems may not have been
all successfully addressed by the fixes, Cooper said, but represent an
unknown that may negate some of Schneier's findings.
On Schneier's side, however, Cooper agrees that it typically takes
publicity of such weaknesses to get Microsoft to release fixes. "Folks
need to get better response from Microsoft in terms of security,"
Cooper said.
He also added support to a point that Schneier makes -- that Microsoft
treats security more casually than other issues because it has no
impact on profit.
"Microsoft doesn't care about security because I don't believe they
think it affects their profit. And honestly, it probably doesn't."
Cooper believes this is part of what keeps them from hiring enough
security personnel.
Microsoft vehemently contests the charge. Microsoft's Khanna said in
preparing the next release of the operating system, the company has
installed a team to attack NT, an effort meant to find security
problems before the product is released.
And, Microsoft reminds us, no product is totally secure. "Security is
a continuum," Microsoft's Kean said. "You can go from totally insecure
to what the CIA might consider secure." The security issue at hand, he
said, lies within a reasonable point on that continuum.
Received on Mon Jun 1 16:23:55 1998