nach oben

Erschienen in:

2020 | OriginalPaper | Buchkapitel

Extending NIST’s CAVP Testing of Cryptographic Hash Function Implementations

verfasst von : Nicky Mouha, Christopher Celi

Erschienen in: Topics in Cryptology – CT-RSA 2020

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

This paper describes a vulnerability in Apple’s CoreCrypto library, which affects 11 out of the 12 implemented hash functions: every implemented hash function except MD2 (Message Digest 2), as well as several higher-level operations such as the Hash-based Message Authentication Code (HMAC) and the Ed25519 signature scheme. The vulnerability is present in each of Apple’s CoreCrypto libraries that are currently validated under FIPS 140-2 (Federal Information Processing Standard). For inputs of about \(2^{32}\) bytes (4 GiB) or more, the implementations do not produce the correct output, but instead enter into an infinite loop. The vulnerability shows a limitation in the Cryptographic Algorithm Validation Program (CAVP) of the National Institute of Standards and Technology (NIST), which currently does not perform tests on hash functions for inputs larger than 65 535 bits. To overcome this limitation of NIST’s CAVP, we introduce a new test type called the Large Data Test (LDT). The LDT detects vulnerabilities similar to that in CoreCrypto in implementations submitted for validation under FIPS 140-2.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel : White-Box Secure Block Cipher Using Parallel Table Look-Ups

Nächstes Kapitel A Fast Characterization Method for Semi-invasive Fault Injection Attacks

Nur mit Berechtigung zugänglich

For the signature verification operation, the CAVP also includes some invalid padding tests.

We refer to the latest CoreCrypto that is available online at the time of writing (November 25, 2019). It does not appear to have a version number, but can be identified by the year 2018 in the copyright notice.

Albrecht, M.R., Massimo, J., Paterson, K.G., Somorovsky, J.: Prime and prejudice: primality testing under adversarial conditions. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, Toronto, ON, Canada, 15–19 October 2018, pp. 281–298. ACM (2018). https://doi.org/10.1145/3243734.3243787

American National Standards Institute: Public Key Cryptography for the Financial Services Industry - Key Agreement and Key Transport Using Elliptic Curve Cryptography. ANSI X9.63 (2017). https://webstore.ansi.org/standards/ascx9/ansix9632011r2017

Apple: Security - Apple Developer, September 2019. https://developer.apple.com/security/

Aumasson, J.P., Henzen, L., Meier, W., Phan, R.C.W.: SHA-3 proposal BLAKE. Submission to the NIST SHA-3 Competition (Round 3) (2010). http://131002.net/blake/blake.pdf

Bassham III, L.E., Hall, T.A.: The Secure Hash Algorithm Validation System (SHAVS), May 2014. https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/shs/SHAVS.pdf

Bertoni, G., Daemen, J., Peeters, M., van Assche, G.: The Keccak SHA-3 submission. Submission to the NIST SHA-3 Competition (Round 3) (2011). http://keccak.noekeon.org/Keccak-submission-3.pdf

Brumley, B.B., Barbosa, M., Page, D., Vercauteren, F.: Practical realisation and elimination of an ECC-related software bug attack. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 171–186. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27954-6_11CrossRef

Celi, C.: ACVP Secure Hash Algorithm (SHA) JSON Specification. IETF Internet-Draft (2018). https://usnistgov.github.io/ACVP/artifacts/draft-celi-acvp-sha-00.html

Cisco: The libacvp library, September 2019. https://github.com/cisco/libacvp

10.

Google: Project Wycheproof tests crypto libraries against known attacks, September 2019. https://github.com/google/wycheproof

11.

Industry Working Group on Automated Cryptographic Algorithm Validation: ACVP, September 2019. https://usnistgov.github.io/ACVP/

12.

Mouha, N., Raunak, M.S., Kuhn, D.R., Kacker, R.: Finding bugs in cryptographic hash function implementations. IEEE Trans. Reliab. 67(3), 870–884 (2018). https://doi.org/10.1109/TR.2018.2847247CrossRef

13.

National Bureau of Standards: Validating the Correctness of Hardware Implementations of the NBS Data Encryption Standard. NBS Special Publication 500–20, November 1977. https://doi.org/10.6028/NBS.SP.500-20e1977

14.

National Institute of Standards and Technology: Advanced Encryption Standard (AES). NIST Federal Information Processing Standards Publication 197, November 2001. https://doi.org/10.6028/NIST.FIPS.197

15.

National Institute of Standards and Technology: Description of Known Answer Test (KAT) and Monte Carlo Test (MCT) for SHA-3 Candidate Algorithm Submissions, February 2008. https://csrc.nist.gov/CSRC/media/Projects/Hash-Functions/documents/SHA3-KATMCT1.pdf

16.

National Institute of Standards and Technology: Secure Hash Standard (SHS). NIST Federal Information Processing Standards Publication 180–4, August 2015. https://doi.org/10.6028/NIST.FIPS.180-4

17.

National Institute of Standards and Technology: SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. NIST Federal Information Processing Standards Publication 202, August 2015. https://doi.org/10.6028/NIST.FIPS.202

18.

National Institute of Standards and Technology and Canadian Centre for Cyber Security: Implementation Guidance for FIPS 140–2 and the Cryptographic Module Validation Program, August 2019. https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips140-2/FIPS1402IG.pdf

19.

SEI CERT C Coding Standard: INT17-C. Define integer constants in an implementation-independent manner, September 2019. https://wiki.sei.cmu.edu/confluence/display/c/INT17-C.+Define+integer+constants+in+an+implementation-independent+manner

20.

The MITRE Corporation: CWE-835: Loop with Unreachable Exit Condition (‘Infinite Loop’) (2019). https://cwe.mitre.org/data/definitions/835.html

21.

Valenta, L., et al.: Measuring small subgroup attacks against Diffie-Hellman. In: 24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, 26 February - 1 March, 2017. The Internet Society (2017). https://www.ndss-symposium.org/ndss2017/ndss-2017-programme/measuring-small-subgroup-attacks-against-diffie-hellman/

Titel: Extending NIST’s CAVP Testing of Cryptographic Hash Function Implementations
verfasst von: Nicky Mouha
Christopher Celi
Verlag: Springer International Publishing
Buch: Topics in Cryptology – CT-RSA 2020
Print ISBN: 978-3-030-40185-6

Electronic ISBN: 978-3-030-40186-3

Copyright-Jahr: 2020
DOI: https://doi.org/10.1007/978-3-030-40186-3_7

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"