Aug 10 2022

APIC/EPIC! Intel chips leak secrets even the kernel shouldn’t see

Here’s this week’s BWAIN, our jocular term for a Bug With An Impressive Name.

BWAIN is an accolade that we hand out when a new cybersecurity flaw not only turns out to be interesting and important, but also turns up with its own logo, domain name and website.

This one is dubbed Ă†PIC Leak, a pun on the words APIC and EPIC.

The former is short for Advanced Programmable Interrupt Controller, and the latter is simply the word “epic”, as in giantmassiveextrememegahumongous.

The letter Æ hasn’t been used in written English since Saxon times. Its name is æsc, pronounced ash (as in the tree), and it pretty much represents the sound of the A in in the modern word ASH. But we assume you’re supposed to pronounce the word ÆPIC here either as “APIC-slash-EPIC”, or as “ah!-eh?-PIC”.

What’s it all about?

All of this raises five fascinating questions:

  • What is an APIC, and why do I need it?
  • How can you have data that even the kernel can’t peek at?
  • What causes this epic failure in APIC?
  • Does the ÆPIC Leak affect me?
  • What to do about it?

What’s an APIC?

Let’s rewind to 1981, when the IBM PC first appeared.

The PC included a chip called the Intel 8259A Programmable Interrupt Controller, or PIC. (Later models, from the PC AT onwards, had two PICs, chained together, to support more interrupt events.)

The purpose of the PIC was quite literally to interrupt the program running on the PC’s central processor (CPU) whenever something time-critical took place that needed attention right away.

These hardware interrupts included events such as: the keyboard getting a keystroke; the serial port receiving a character; and a repeating hardware timer ticking over.

Without a hardware interrupt system of this sort, the operating system would need to be littered with function calls to check for incoming keystrokes on a regular basis, which would be a waste of CPU power when no one was typing, but wouldn’t be responsive enough when they did.

As you can imagine, the PIC was soon followed by an upgraded chip called the APIC, an advanced sort of PIC built into the CPU itself.

These days, APICs provide much more than just feedback from the keyboard, serial port and system timer.

APIC events are triggered by (and provide real-time data about) events such as overheating, and allow hardware interaction between the different cores in contemporary multicore processors.

And today’s Intel chips, if we may simplifly greatly, can generally be configured to work in two different ways, known as xAPIC mode and x2APIC mode.

Here, xAPIC is the “legacy” way of extracting data from the interrupt controller, and x2APIC is the more modern way.

Simplifying yet further, xAPIC relies on what’s called MMIO, short for memory-mapped input/output, for reading data out of the APIC when it registers an event of interest.

In MMIO mode, you can find out what triggered an APIC event by reading from a specific region of memory (RAM), which mirrors the input/output registers of the APIC chip itself.

This xAPIC data is mapped into a 4096-byte memory block somewhere in the physical RAM of the computer.

This simplifies accessing the data, but it requires an annoying, complex (and, as we shall see, potentially dangerous) interaction between the APIC chip and system memory.

In contrast, x2APIC requires you to read out the APIC data directly from the chip itself, using what are known as Model Specific Registers (MSRs).

According to Intel, avoiding the MMIO part of the process â€śprovides significantly increased processor addressability and some enhancements on interrupt delivery.”

Notably, extracting the APIC data directly from on-chip registers means that the total amount of data supported, and the maximum number of CPU cores that can be managed at the same time, is not limited to the 4096 bytes available in MMIO mode.

Tags: Cryptography, Data loss


Aug 09 2022

Scientists hid encryption key for Wizard of Oz text in plastic molecules

Category: Cryptograghy,Information SecurityDISC @ 8:36 am

It’s “a revolutionary scientific advance in molecular data storage and cryptography.”

Scientists from the University of Texas at Austin encrypted the key to decode text of the <em>The Wizard of Oz</em> in polymers.

Scientists from the University of Texas at Austin sent a letter to colleagues in Massachusetts with a secret message: an encryption key to unlock a text file of L. Frank Baum’s classic novel The Wonderful Wizard of Oz. The twist: The encryption key was hidden in a special ink laced with polymers, They described their work in a recent paper published in the journal ACS Central Science.

When it comes to alternative means for data storage and retrieval, the goal is to store data in the smallest amount of space in a durable and readable format. Among polymers, DNA has long been the front runner in that regard. As we’ve reported previously, DNA has four chemical building blocks—adenine (A), thymine (T), guanine (G), and cytosine (C)—which constitute a type of code. Information can be stored in DNA by converting the data from binary code to a base-4 code and assigning it one of the four letters. A single gram of DNA can represent nearly 1 billion terabytes (1 zettabyte) of data. And the stored data can be preserved for long periods—decades, or even centuries.

There have been some inventive twists on the basic method for DNA storage in recent years. For instance, in 2019, scientists successfully fabricated a 3D-printed version of the Stanford bunny—a common test model in 3D computer graphics—that stored the printing instructions to reproduce the bunny. The bunny holds about 100 kilobytes of data, thanks to the addition of DNA-containing nanobeads to the plastic used to 3D print it. And scientists at the University of Washington recently recorded K-Pop lyrics directly onto living cells using a “DNA typewriter.”

But using DNA as a storage medium also presents challenges, so there is also great interest in coming up with other alternatives. Last year, Harvard University scientists developed a data-storage approach based on mixtures of fluorescent dyes printed onto an epoxy surface in tiny spots. The mixture of dyes at each spot encodes information that is then read with a fluorescent microscope. The researchers tested their method by storing one of 19th-century physicist Michael Faraday’s seminal papers on electromagnetism and chemistry, as well as a JPEG image of Faraday.

Other scientists have explored the possibility of using nonbiological polymers for molecular data storage, decoding (or reading) the stored information by sequencing the polymers with tandem mass spectrometry. In 2019, Harvard scientists successfully demonstrated the storage of information in a mixture of commercially available oligopeptides on a metal surface, with no need for time-consuming and expensive synthesis techniques.

This latest paper focused on the use of sequence-defined polymers (SDPs)  as a storage medium for encrypting a large data set. SDPs are basically long chains of monomers, each of which corresponds to one of 16 symbols. “Because they’re a polymer with a very specific sequence, the units along that sequence can carry a sequence of information, just like any sentence carries information in the sequence of letters,” co-author Eric Anslyn of UT told New Scientist.

But these macromolecules can’t store as much information as DNA, per the authors, since the process of storing more data with each additional monomer becomes increasingly inefficient, making it extremely difficult to retrieve the information with the current crop of analytic instruments available. So short SDPs must be used, limiting how much data can be stored per molecule. Anslyn and his co-authors figured out a way to improve that storage capacity and tested the viability of their method.

First, Anslyn et al. used a 256-bit encryption key to encode Baum’s novel into a polymer material made up of commercially available amino acids. The sequences were comprised of eight oligourethanes, each 10 monomers long. The middle eight monomers held the key, while the monomers on either end of a sequence served as placeholders for synthesis and decoding. The placeholders were “fingerprinted” using different isotope labels, such as halogen tags, indicating where each polymer’s encoded information fit within the order of the final digital key,

Then they jumbled all the polymers together and used depolymerization and liquid chromatography-mass spectrometry (LC/MS) to “decode” the original structure and encryption key. The final independent test: They mixed the polymers into a special ink made of isopropanol, glycerol, and soot. They used the ink to write a letter to James Reuther at the University of Massachusetts, Lowell. Reuther’s lab then extracted the ink from the paper and used the same sequential analysis to retrieve the binary encryption key, revealing the text file of The Wonderful Wizard of Oz.

In other words, Anslyn’s lab wrote a message (the letter) containing another secret message (The Wonderful Wizard of Oz) hidden in the molecular structure of the ink. There might be more pragmatic ways to accomplish the feat, but they successfully stored 256 bits in the SDPs, without using long strands. “This is the first time this much information has been stored in a polymer of this type,” Anslyn said, adding that the breakthrough represents “a revolutionary scientific advance in the area of molecular data storage and cryptography.”

Anslyn and his colleagues believe their method is robust enough for real-world encryption applications. Going forward, they hope to figure out how to robotically automate the writing and reading processes.

DOI: ACS Central Science, 2022. 10.1021/acscentsci.2c00460  (About DOIs).

Tags: encryption key, plastic molecules


Jun 29 2022

Harmony blockchain loses nearly $100M due to hacked private keys

Category: Crypto,CryptograghyDISC @ 2:45 pm

Another day, another De-Fi (decentralised finance) attack.

This time, online smart contract company Harmony, which pitches itself as an “open and fast blockchain”, has been robbed of more than $80,000,000’s worth of Ether cryptocoins.

Surprisingly (or unsurprisingly, depending on your point of view), if visit Harmony’s website, you’ll probably end up totally unware of the massive loss that the business just suffered.

Even the business’s official blog, linked to from the website, doesn’t mention it.

The most recent blog article dates to the very start of 2022, and is entitled Lost Funds Investigation Report.

Unfortunately, those lost funds aren’t these lost funds.

Apparently, at the start of the year, those lost funds happened when five individuals were ripped off to the tune of just over 19 million of Harmony’s ONE tokens, then apparently worth about 25 US cents each.

Harmony made an offer, back on 04 January 2022, stating that:

We wish to provide the suspect an opportunity to communicate with the Harmony Foundation and return all funds. Harmony will not pursue further legal action or dox your identity so long as we receive your full cooperation. The team will offer you a bounty to reveal how this theft was performed so long as it can be validated.

We’re not sure whether it’s legal for a company to offer to rewrite history to pretend that an unauthorised and probably illegal hack was actually legitimate research, though it did seem to work in the infamous $600 million hack of Poly Networks.

The perpetrator in that case made a flurry of curious pseudo-political blockchain announcements ALL IN CAPS, written in artifically poor English, to claim that money wasn’t the motivator behind the crime.

Ultimately, after currying favour with the cracker by adopting the nickname Mr White Hat, Poly Networks (to many people’s astonishment, including our own) got most of their funds back.

We’re also not sure just how much insulation from prosecution any offer from the victim not to “press charges” is likely to provide, given that in many countries, it’s the state that usually takes the decision to investigate, charge and prosecute suspects for criminal offences.

Some countries, such as England, do give private individuals (including professional bodies or charities) the right to conduct a private prosecution if the state doesn’t want to do it, but they don’t give crime victims a “corollary right” to prevent the state from prosecuting a case if it does want to do so.

Nevertheless, Poly Networks’ unexpected success in recovering more than half-a-billion dollars has encouraged other cryptocurrency businesses to try this “wipe the slate clean” approach, presumably on the grounds that there’s often not much else they can do.

But it doesn’t seem to work terribly often.

It certainly didn’t seem to work for Harmony in January 2022, though if the perpetrator hasn’t yet been able to cash out their ill-gotten gains, they might regret not taking up the offer.

By 15 January 2022, when Harmony’s fake “bug bounty offer” expired, ONE tokens peaked at $0.35, but have since sunk to below 2.5 cents each, according to CoinGecko.

Cryptography for Secure Encryption

Tags: Cryptography for Secure Encryption, hacked private keys


Jan 01 2022

Flaws in DataVault encryption software impact multiple storage devices

Category: Cryptograghy,data securityDISC @ 12:49 pm

Researcher Sylvain Pelissier has discovered that the DataVault encryption software made by ENC Security and used by multiple vendors is affected by a couple of key derivation function issues. An attacker can exploit the flaws to obtain user passwords.

This week Pelissier detailed the vulnerabilities at the Chaos Computer Club’s Remote Chaos Experience (rC3) virtual conference.

DataVault is an advanced encryption software to protect user data, it provides comprehensive military grade data protection and security features to multiple systems.

Multiple vendors, including WD, Sony and Lexar use the DataVault software.

Pelissier discovered the issues through the reverse engineering of the software.

“It turned out that the key derivation function was PBKDF2 using 1000 iteration of MD5 to derive the encryption key. The salt used to derive the keys is constant and hardcoded in all the solutions and all the vendors. This makes it easier for an attacker to guess the user password of a vault using time/memory tradeoff attack techniques such as rainbow tables and to re-use the tables to retrieve passwords for all users using the software. The implementation itself was incorrect and even with a randomly generated unique salt, it would be effortless to recover the password of a user. Other flaws of the key derivation function will be discussed and compared with nowadays good practices.” reads the presentation of the speech published on the rc3 website.

“The data encryption method was also found to be malleable, allowing malicious modifications of files in a vault without any detection. No data integrity mechanism was set up.”

The vulnerabilities have been tracked as CVE-2021-36750 and CVE-2021-36751.

“DataVault and its derivatives were using a one-way cryptographic hash with a predictable salt making it vulnerable to dictionary attacks by a malicious user. The software also made use of a password hash with insufficient computational effort that would allow an attacker to brute force user passwords leading to unauthorized access to user data.” reads the security advisory published by ENC. “Both the key derivation function issues described above have been resolved in the updated version DataVault 7.2.”

Tags: DataVault, encryption software


Sep 23 2021

FBI Had the REvil Decryption Key

Category: CryptograghyDISC @ 3:03 pm

Real-World Cryptography

Tags: Decryption Key, FBI, Real-World Cryptography, Revil


Jul 30 2021

Storing Encrypted Photos in Google’s Cloud

Category: Cloud computing,CryptograghyDISC @ 8:21 am

STORING YOUR DATA IN THE CLOUD

STORING YOUR DATA IN THE CLOUD by [Lursa Muuda]

Tags: Encrypted Photos, STORING YOUR DATA IN THE CLOUD


Jun 13 2021

FBI/AFP-Run Encrypted Phone

Category: Backdoor,Crypto,CryptograghyDISC @ 9:33 am

If there is any moral to this, it’s one that all of my blog readers should already know: trust is essential to security. And the number of people you need to trust is larger than you might originally think. For an app to be secure, you need to trust the hardware, the operating system, the software, the update mechanism, the login mechanism, and on and on and on. If one of those is untrustworthy, the whole system is insecure.

It’s the same reason blockchain-based currencies are so insecure, even if the cryptography is sound.

Tags: Australia, backdoors, cryptocurrency, encryption, FBI, law enforcement, trust


May 21 2021

THE FULL STORY OF THE 2011 RSA HACK CAN FINALLY BE TOLD

Category: 2FA,Access Control,CryptograghyDISC @ 8:34 am

THE FULL STORY OF THE 2011 RSA HACK CAN FINALLY BE TOLD – Wired


Apr 27 2021

Organizations can no longer afford to overlook encrypted traffic

Category: CryptograghyDISC @ 1:37 pm

Whether you’re a small business operating out of a single office or a global enterprise with a huge and distributed corporate network, not inspecting the encrypted traffic entering and leaving can be a costly mistake, as cybercriminals are increasingly using TLS (Transport Layer Security) in their attacks.

Case in point: in Q1 2020, 23 percent of malware detected by Sophos used TLS to disguise malicious communications. Only a year later, that percentage has nearly doubled (45%)!

TLS encryption: For better and for worse

The widespread use of TLS encryption prevents criminals to steal or tamper with sensitive data and to impersonate legitimate organizations online. Unfortunately, it can also allow malware to fly under the radar and hide from enterprise IT security teams and the tools they use.

“A large portion of the growth in overall TLS use by malware can be linked in part to the increased use of legitimate web and cloud services protected by TLS—such as Discord, Pastebin, Github and Google’s cloud services—as repositories for malware components, as destinations for stolen data, and even to send commands to botnets and other malware,” noted Sean Gallagher, Senior Threat Researcher at Sophos.

“It is also linked to the increased use of Tor and other TLS-based network proxies to encapsulate malicious communications between malware and the actors deploying them.”

The company has also witnessed an increase in TLS use in manually deployed ransomware attacks, partly because the attackers use modular offensive tools (e.g., Metasploit, Cobalt Strike) that leverage HTTPS.

Tags: TLS encryption


Apr 21 2021

When cryptography attacks – how TLS helps malware hide in plain sight

Category: CryptograghyDISC @ 8:36 am

Lots of things that we rely on, and that are generally regarded as bringing value, convenience and benefit to our lives…

…can be used for harm as well as good.

Even the proverbial double-edged sword, which theoretically gave ancient warriors twice as much fighting power by having twice as much attack surface, turned out to be, well, a double-edged sword.

With no “safe edge” at the rear, a double-edged sword that was mishandled, or driven back by an assailant’s counter-attack, became a direct threat to the person wielding it instead of to their opponent.

Sadly, there are lots of metaphorically double-edged swords amidst modern technology.

And no IT technology feels quite as double-edged as encryption, the process of scrambling data securely in such a way that only the intended recipient can ever unscramble it later on.

Almost everything about encryption makes it feel as though it is both immeasurably useful and dispiritingly dangerous at the same time.

The encryption dilemma

Tags: TLS


Apr 05 2021

Encryption is either secure or it’s not – there is no middle ground

Category: CryptograghyDISC @ 8:41 am

Adopting new rules

We remain deeply concerned, therefore, that the Council of the European Union is seeking to adopt new rules that would effectively do away with encryption. At the end of last year, they released a five-page resolution that called for the EU to pass new rules to govern the use of end-to-end encryption in Europe. We are completely against this resolution as it effectively ends the notion of true encryption.

There’s no such thing as strong encryption if you allow the institution of backdoors for government or law enforcement officials – and don’t believe any politicians who say otherwise – they are, at best, ill-informed. The most important takeaway here is that encryption is either secure or it is not. Users either have privacy or they do not.

Encryption is either secure or it’s not – there is no middle ground

Tags: Encryption is either secure or it’s not


Mar 29 2021

Serious Security: OpenSSL fixes two high-severity crypto bugs

Category: Cryptograghy,Security vulnerabilitiesDISC @ 9:33 am

We’re sure you’ve heard of OpenSSL, and even if you aren’t a coder yourself, you’ve almost certainly used it.

OpenSSL is one of the most popular open-source cryptography libraries out there, and lots of well-known products rely on it, especially on Linux, which doesn’t have a standard, built-in encryption toolkit of its own.

Even on Windows and macOS, which do have encryption toolkits built into their distributions, you may have software installed that includes and uses OpenSSL instead of the operating system’s standard cryptographic libraries.

As its name suggests, OpenSSL is very commonly used for supporting network-based encryption using TLS, which is the contemporary name for what used to be called SSL.

TLS, or transport layer security, is what puts the padlock into your browser, and it’s probably what encrypts your email in transit these days, along with protecting many other online communications initiated by your computer.

So, when an OpenSSL security advisory reports exploitable vulnerabilities in the software…

…it’s worth paying attention, and upgrading as soon as you can.

Tags: OpenSSL


Mar 25 2021

OpenSSL Project released 1.1.1k version to fix two High-severity flaws

Category: Access Control,CryptograghyDISC @ 10:46 pm

Tags: High-severity flaws, OpenSSL


Oct 30 2020

In a first, researchers extract secret key used to encrypt Intel CPU code

Category: Crypto,CryptograghyDISC @ 2:49 pm

Hackers can now reverse-engineer updates or write their own custom firmware.

Source: In a first, researchers extract secret key used to encrypt Intel CPU code





Oct 21 2020

PayPal to allow cryptocurrency buying, selling and shopping on its network

Category: Crypto,CryptograghyDISC @ 10:36 am

PayPal Holdings Inc joined the cryptocurrency market on Wednesday, allowing customers to buy, sell and hold bitcoin and other virtual coins using the U.S. digital payments company’s online wallets.

Source: PayPal to allow cryptocurrency buying, selling and shopping on its network



PayPal to Allow Cryptocurrency Buying, Selling and Shopping on its Network â‚żâ‚żâ‚ż
httpv://www.youtube.com/watch?v=QdOvU6YzNbU&ab_channel=RulesForRebels










Tags: cryptocurrency, PayPal


Jan 29 2020

Tokenization vs. Encryption vs. Aliasing – How to Truly Minimize Compliance Risk

Category: Cryptograghy,Information SecurityDISC @ 10:17 pm

 

https://en.wikipedia.org/wiki/Tokenization_(data_security)

Source: Tokenization vs. Encryption vs. Aliasing – How to Truly Minimize Compliance Risk

The tokenization of things | Matthew Roszak | TEDxSanFrancisco
httpv://www.youtube.com/watch?v=Rto-earGcxg


Subscribe to DISC InfoSec blog by Email





May 05 2019

Belgian programmer solves cryptographic puzzle

Category: CryptograghyDISC @ 2:35 pm

Belgian programmer solves cryptographic puzzle – 15 years too soon!

Belgian coder Bernard Fabrot just finished a 3.5-year computational marathon, solving a fascinating cryptopuzzle set at MIT back in 1999.

Source: Belgian programmer solves cryptographic puzzle – 15 years too soon!

 

 Subscribe in a reader




Tags: Cryptography, data encryption, encrypted