New Cryptographic Vulnerability: DUHK
A recent cryptographic vulnerability known as DUHK, which stands for “Don’t Use Hard-coded Keys,” has emerged as a significant concern for VPN and web browsing security. This non-trivial flaw could enable attackers to extract encryption keys, potentially compromising sensitive data.
The DUHK vulnerability follows closely on the heels of other notable vulnerabilities disclosed this month, including the KRACK Wi-Fi attack and the ROCA factorization attack. DUHK affects a wide range of products from various vendors, including well-known companies like Fortinet and Cisco. At the core of the issue lies the reliance on the outdated ANSI X9.31 Random Number Generator (RNG), which, in combination with hard-coded seed keys within device firmware, presents a serious security risk.
ANSI X9.31 RNG was a part of various cryptographic standards for over thirty years but was removed from the list of FIPS-approved pseudorandom number generation algorithms in January 2016 due to its vulnerabilities. Unlike true random number generators, pseudorandom number generators (PRNGs) rely on deterministic algorithms that produce predictable outputs based on predefined initial values, or seeds. When vendors hard-code a seed into their products, they expose that seed to anyone who reverse-engineers the firmware.
Research conducted by cryptography experts Shaanan Cohney, Nadia Heninger, and Matthew Green identified DUHK as a “state recovery attack.” This technique allows an adversary, particularly a man-in-the-middle attacker who already possesses the seed value, to recover the current state value by monitoring output sequences. With both the seed and current state in hand, attackers are then able to recompute encryption keys, ultimately leading to the decryption of sensitive data such as corporate information, login credentials, and credit card details.
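The state recovery described above, as an added educational example that is not code from the article or from the researchers: a minimal ANSI X9.31 generator on AES-128 in Go, plus a function showing that once the key K and the timestamp block T are known, a single observed output block R reveals the internal state V and with it every later output, which is why a key baked into firmware leaves the generator with no secret at all. All key, seed and timestamp bytes are constructed placeholders.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

func mustCipher(key []byte) cipher.Block {
	b, err := aes.NewCipher(key) // AES-128: a 16-byte key in this demo
	if err != nil {
		panic(err)
	}
	return b
}

func xor16(a, b []byte) (out []byte) {
	for i := range a {
		out = append(out, a[i]^b[i])
	}
	return out
}

func enc(b cipher.Block, in []byte) []byte { out := make([]byte, 16); b.Encrypt(out, in); return out }
func dec(b cipher.Block, in []byte) []byte { out := make([]byte, 16); b.Decrypt(out, in); return out }

// step is one ANSI X9.31 iteration on AES-128: from state V and timestamp
// block T it returns the output block R and the next state V'.
func step(b cipher.Block, v, t []byte) (r, vNext []byte) {
	i := enc(b, t)              // I  = E_K(T)
	r = enc(b, xor16(i, v))     // R  = E_K(I xor V)
	vNext = enc(b, xor16(r, i)) // V' = E_K(R xor I)
	return r, vNext
}

// recoverState is the "state recovery" the text describes: with K and T
// known, one observed output R gives back the current V and the next V'.
func recoverState(key, t, r []byte) (v, vNext []byte) {
	b := mustCipher(key)
	i := enc(b, t)
	return xor16(dec(b, r), i), enc(b, xor16(r, i)) // V = D_K(R) xor I
}

func main() {
	key, seed := []byte("hardcoded-key-16"), []byte("initial-state-16") // constructed
	t1 := []byte("timestamp-0001ab")                                    // constructed
	r1, v1 := step(mustCipher(key), seed, t1)
	v, vNext := recoverState(key, t1, r1)
	fmt.Println("state recovered:", string(v) == string(seed), " V' predicted:", string(vNext) == string(v1))
}
```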
In their research, the authors demonstrated the practicality of this attack using FortiGate VPN gateway products operating on FortiOS version 4. Their scans revealed that around 23,000 devices with publicly accessible IPv4 addresses were running vulnerable versions of FortiOS, highlighting a broader vulnerability landscape.
The ramifications for organizations relying on affected devices can be severe, as this vulnerability could open the door for data breaches that impact operational integrity and customer trust. Security teams must prioritize patching and updating products that utilize the ANSI X9.31 RNG to mitigate these risks.
The MITRE ATT&CK framework offers a way to map the specifics of this attack and the tools involved to known tactics and techniques. Those potentially leveraged here include initial access through the vulnerable devices and exploitation of the hard-coded secrets inherited from device firmware. By systematically assessing the potential paths of these attacks, organizations can better fortify their defenses against such vulnerabilities.
For further details and a technical breakdown of the DUHK vulnerability, researchers have published insights on a dedicated website. Business owners and IT professionals should take immediate steps to review device security settings, update firmware, and reassess their cryptographic implementations to safeguard their infrastructure from these emerging threats.