Technology Stocks : Novell (NOVL) dirt cheap, good buy?

To: Elmo Gregory who wrote (22406)
From: Kenneth E. Phillipps
6/1/1998 12:54:00 PM
 
From Wired.Com
Windows NT Security Under Fire
by Chris Oakes

4:00am 1.Jun.98.PDT
Listen to security expert and consultant Bruce
Schneier and he'll tell you that Windows NT's
security mechanism for running virtual private
networks is so weak as to be unusable. Microsoft
counters that the issues Schneier points out have
mostly been addressed by software updates or are
too theoretical to be of major concern.

Schneier, who runs a security consulting firm in
Minneapolis, says his in-depth "cryptanalysis" of
Microsoft's implementation of the Point-to-Point
Tunneling Protocol (PPTP) reveals fundamentally
flawed security techniques that dramatically
compromise the security of company information.

"PPTP is a generic protocol that will support any
encryption. We broke the Microsoft-defined
[encryption] algorithms, and also the Microsoft
control channel." However, he said he was
unaware of some of Microsoft's NT 4.0 updates
when he ran his tests.

With relative ease, intruders can exploit the flaws,
Schneier said, which he summarizes as weak
authentication and poor encryption
implementation. The result is that passwords can
be easily compromised, private information can be
disclosed, and servers used to host a virtual
private network, or VPN, can be disabled through
denial-of-service attacks, Schneier said.

"It's kindergarten cryptography. These are dumb
mistakes," Schneier said.

In letting companies use the public Internet as a
means for establishing "private" company
networks, VPN products use the protocol to
establish the "virtual" connections between remote
computers.

PPTP secures the packets sent via the Internet by
encapsulating them in other packets. Encryption
is used to further secure the data contained in the
packets. It is the scheme Microsoft uses for this
encryption that Schneier says is flawed.

Specifically, Schneier's analysis found flaws that
would let an attacker "sniff" passwords as they
travel across a network, break open an encryption
scheme, and mount denial-of-service attacks on
network servers, which render them inoperable.
Confidential data is therefore compromised, he
said.

The nature of the flaws varied, but Schneier
identified five primary ones. For example, Schneier
found a method of scrambling passwords into a
code -- a rough description of "hashing" -- to be
simple enough that the code is easily broken.
Though 128-bit "keys" can be used to access the
encryption feature of the software, Schneier said
the simple password-based keys that it allows can
be so short that information could be decrypted by
figuring out what may be very simple passwords, such as a person's middle name.

"This is really surprising. Microsoft has good
cryptographers in their employ." The problem, he
said, is that they're not adequately involved in
product development.

Schneier emphasized that no flaws were found in
the PPTP protocol itself, but in the Windows NT
version of it. Alternate versions are used on other
systems such as Linux-based servers.

Microsoft's implementation is "only
buzzword-compliant," Schneier said. "It doesn't
use [important security features like 128-bit
encryption] well."

Windows NT has in the past been the object of
several security complaints, including
denial-of-service vulnerabilities.

Microsoft says the five primary weaknesses
Schneier has called attention to are either
theoretical in nature, previously discovered, and/or
have been addressed by recent updates to the
operating system software.

"There's really not much in the way of news here,"
said Kevin Kean, an NT product manager at
Microsoft. "People point out security issues with
the product all the time.

"We're on our way to enhancing our product to
take care of some of these situations already,"
Kean said.

He acknowledged that the password hashing had
been fairly simple, but that updates have used a
more secure hashing algorithm. He also contends
that even a weak hashing can be relatively secure.

The issue of using simple passwords as
encryption keys is relevant to individual company
policy more than Microsoft's product. A company
that has a policy requiring employees to use long,
more complex passwords can ensure that their
network encryption is more secure. An update to
the product, Kean said, lets administrators require
a long password from company employees.

On another issue, where a "rogue" server could
fool a virtual private network into thinking it was a
legitimate node on the network, Karan Khanna, a
Windows NT product manager, said while that was
possible, the server would only intercept a
"stream of gobbledygook" unless the attacker had
also cracked the encryption scheme. That and
other issues require a fairly difficult set of
conditions, including the ability to collect the
diverging paths of VPN packets onto a server, to
come into place.

For that reason, Microsoft insists its product offers
a reasonable level of security for virtual private
networks, and that upcoming versions of the
software will make it stronger.

Windows NT security expert Russ Cooper, who
runs a mailing list that monitors problems with
Windows NT, agrees with Microsoft that most of
Schneier's findings have been previously turned up
and discussed in forums like his. What Schneier
has done is tested some of them, he said, and
proven their existence.

But he points out that fixes for the problems have
only recently been released, outdating Schneier's
tests. The problems may not have been all
successfully addressed by the fixes, Cooper said,
but represent an unknown that may negate some
of Schneier's findings.

On Schneier's side, however, Cooper agrees that it
typically takes publicity of such weaknesses to
get Microsoft to release fixes. "Folks need to get
better response from Microsoft in terms of
security," Cooper said.

He also added support to a point that Schneier
makes -- that Microsoft treats security more
casually than other issues because it has no
impact on profit.

"Microsoft doesn't care about security because I
don't believe they think it affects their profit. And
honestly, it probably doesn't." Cooper believes this
is part of what keeps them from hiring enough
security personnel.

Microsoft vehemently contests the charge.
Microsoft's Khanna said in preparing the next
release of the operating system, the company has
installed a team to attack NT, an effort meant to
find security problems before the product is
released.

And, Microsoft reminds us, no product is totally
secure. "Security is a continuum," Microsoft's
Kean said. "You can go from totally insecure to
what the CIA might consider secure." The security
issue at hand, he said, lies within a reasonable
point on that continuum.
