For almost two years the OpenSSL library used by Linux distribution Debian has been generating useless cryptographic keys — although Debian has issued a patch, experts warn that systems may still be exposed.
On Tuesday, the Debian project admitted that security expert Luciano Bello had discovered that an update to Debian's OpenSSL package in 2006 weakened the system's Random Number Generator, making SSH and SSL encryption and authentication — used to secure communications for applications such as Internet banking — useless.
"Because this vulnerability affects the OpenSSL package, which is used for generating various keys including SSH keys, session keys for SSL/TLS connections, OpenVPN and DNSSec keys and others, the implications are quite significant," Nishad Herath, chief executive officer of security consultancy Novologica, told ZDNet.com.au.
The vulnerability primarily affects Debian and Debian-derived systems, such as Ubuntu, according to Metasploit founder, H. D. Moore. However non-Debian systems are also exposed, said Herath.
"Non-Debian systems are also made vulnerable if they were using key material generated on an affected Debian system. To make matters worse, all DSA keys used for signing and authentication purposes on an affected Debian system is also made vulnerable — the Debian official security advisory recommends that such keys be considered compromised," said Herath.
Metasploit's Moore, yesterday told IT Radio's Risky Business that patching won't fix the problem either.
"Patching the vulnerability does not remove the vulnerability — it just prevents it from happening from that point on," he said.
Gabriel Haythornthwaite, information security consultant for Castelain, told ZDNet.com.au this means: "An attacker, who is predicting what a key would have been at the time, can break into a session or can retrospectively gather information from the session."
Novologica's Herath said this is a "spectacular screw up" on the part of the maintainers of the Debian system.
"It is quite commonplace that package maintainers of certain Linux distributions modify the source code of a given package to suit the specificities of a particular distribution. However, these changes are often not submitted to the original developers of the package for scrutiny," he said.
The changes made to the Debian OpenSSL package ... is in my view a spectacular screw up that clearly demonstrates the dangers of this modification process, where changes are not reviewed by the original authors of the package let alone any third-party experts prior to being made available to the public."
The Debian project has published a detector for known weak key material, which also provides instructions for rolling over encryption keys.