nCipher products HSM weak key
| ncipher-hsm-weak-key (25060) |
Description:
Multiple nCipher products generate Diffie-Hellman key pairs whose private keys are weaker than expected. When a key pair is generated without explicitly specified group parameters (for example, the Oakley group parameters), the HSM chooses random parameters, and a remote attacker with access to the HSM could recover the private key in significantly less time than a brute-force search.
Affected keys are Diffie-Hellman keys generated with the 'generatekey' utility, by an application using the nCore API, the MSCAPI or JCECSP provider, or by CHIL, from nCipher software CD versions earlier than v9.0.
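The checks below are an added example, not nCipher code and not taken from the advisory, which does not say how the randomly chosen parameters weakened the keys. They show what a practitioner can verify about a Diffie-Hellman key before trusting it: that the modulus is a known, explicitly chosen group (only Oakley group 2 from RFC 2409 is embedded here), that it is a safe prime, that the generator has order q, and that the private exponent is long enough; the last function shows why exponent length matters by recovering a deliberately short exponent with baby-step giant-step. All function names and the weak sample key are this example's own.

```python
"""Diffie-Hellman group and private-exponent checks (added example, not
nCipher code).  Oakley group 2 is taken from RFC 2409 section 6.2; every
function name below is this example's own."""

# Oakley group 2 (RFC 2409): 1024-bit MODP safe prime, generator 2.
OAKLEY_GROUP_2_P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
OAKLEY_GROUP_2_G = 2
KNOWN_GROUPS = {OAKLEY_GROUP_2_P: "Oakley group 2 (RFC 2409)"}

# Fixed small bases are adequate for sanity-checking published parameters;
# use random bases when the parameters come from an untrusted party.
MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n):
    """Miller-Rabin probable-prime test with the bases in MR_BASES."""
    if n < 2:
        return False
    for b in MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def check_group(p, g, min_bits=1024):
    """Return the problems found with the group (p, g); [] means it passes."""
    problems = []
    if p not in KNOWN_GROUPS:
        problems.append("modulus is not a known, explicitly chosen group")
    if p.bit_length() < min_bits:
        problems.append("modulus is only %d bits" % p.bit_length())
    if not is_probable_prime(p):
        problems.append("modulus is not prime")
        return problems
    q = (p - 1) // 2
    if not is_probable_prime(q):
        problems.append("modulus is not a safe prime ((p-1)/2 is composite)")
        return problems
    if not 1 < g < p - 1:
        problems.append("generator is trivial")
    elif pow(g, q, p) != 1:
        # Order 2q instead of q: the public value then leaks the low bit of x.
        problems.append("generator does not have order q")
    return problems


def check_private_exponent(x, p, min_bits=256):
    """x must lie in (1, q) and be long enough that generic discrete-log
    attacks, which cost about sqrt(range), are infeasible."""
    problems = []
    if not 1 < x < (p - 1) // 2:
        problems.append("private exponent is outside (1, q)")
    if x.bit_length() < min_bits:
        problems.append("private exponent is only %d bits" % x.bit_length())
    return problems


def recover_short_exponent(p, g, y, max_bits):
    """Baby-step giant-step: find x < 2**max_bits with g**x == y (mod p)
    in about 2 * 2**(max_bits/2) multiplications; None if there is none."""
    m = 1 << ((max_bits + 1) // 2)
    baby, cur = {}, 1
    for j in range(m):                      # baby steps: g**j -> j
        baby.setdefault(cur, j)
        cur = cur * g % p
    step = pow(g, p - 1 - m, p)             # g**(-m), since g**(p-1) == 1
    gamma = y
    for i in range(m):                      # giant steps: y * g**(-i*m)
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * step % p
    return None


if __name__ == "__main__":
    import secrets
    p, g = OAKLEY_GROUP_2_P, OAKLEY_GROUP_2_G
    print("group:", check_group(p, g) or "ok")
    good_x = secrets.randbits(256) | (1 << 255)
    print("256-bit exponent:", check_private_exponent(good_x, p) or "ok")
    weak_x = secrets.randbits(24) | (1 << 23)   # constructed weak key
    print("24-bit exponent:", check_private_exponent(weak_x, p))
    print("recovered:", recover_short_exponent(p, g, pow(g, weak_x, p), 24) == weak_x)
```

Run the checks against the exported public parameters and, where the HSM will reveal it, the private exponent length of an existing key. They only exclude the generic weaknesses above; a key generated without explicit group parameters on affected firmware should still be treated as suspect even if every check passes.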
Platforms Affected:
- nCipher, nCipher V10 prior to 2.22.6
Remedy:
Upgrade to the latest nCipher V10 firmware (2.22.6 or later), as listed in the nCipher Security Advisory #12. See References.
Consequences:
Obtain Information
References:
- nCipher Security Advisory #12, SA#12: Insecure Generation of Diffie-Hellman keys at http://www.ncipher.com/resources/95/sa12_insecure_generation_of_diffiehellman_keys.
- BID-17006: nCipher Insecure Diffie-Hellman Key Generation Vulnerability
- CVE-2006-1115: nCipher HSM before 2.22.6, when generating a Diffie-Hellman public/private key pair without any specified DiscreteLogGroup parameters, chooses random parameters that could allow an attacker to crack the private key in significantly less time than a brute force attack.
- SA19137: nCipher Products Multiple Vulnerabilities
- SECTRACK ID: 1015719: nCipher Hardware Security Module May Let Local Users Determine Diffie-Hellman Keys
- VUPEN/ADV-2006-0862: nCipher Products Multiple Insecure Keys and Security Bypass Vulnerabilities
Reported:
Mar 07, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
