The 50 Ways Series
50 Ways to Defeat Your PKI and Other Cryptosystems
Richard Power called me at 4:07 PM and told me he
wanted 50 ways to defeat your PKI and Other Cryptosystems - 50 ways - 53
minutes - no problem. After taking 10 minutes to chat with Patrice
about the coming CSI conference, I started out.
- 1. Flood the PKI with fictitious user IDs and names. The net
effect is that any typo gets the user one of your pre-positioned keys.
You then decrypt their messages and forward them encrypted to the
- 2. Interrupt traffic every 10 or 20 packets by sending a 'reset'
packet to the session. Since PKI uses private key encryption for high
volume transmissions, it depends heavily on synchronization for its
proper operation. Every time you descnchronize the private key system,
new public key exchanges have to be make to get a new private key - at
the overhead of lots of computer time and exchanged bits. The system
will rapidly become unusable.
- 3. Buy a public key under a phoney name and start sending viruses
with a signature that is traceable to the fictitious identity. Since
key revocation works so poorly today, this will liekly be trusted for a
long time to come.
- 4. Buy a new phoney public key every few hours and send viruses
with them all.
- 5. Put a Trojan horse in a Word document to send out the users'
private key file. Actually, this was done earlier in 1999, so it's not
an original idea.
- 6. Put a virus in a Spread Sheet that sends out the users' private
key file. See #5 above.
- 7. Break into the user's computer by exploiting some other
weakness and forge their private key use.
- 8. Break into a user's system and listen to their keystrokes as
they type in the password used to reveal their private key (for systems
that protect the private key file with some other form of cryptography).
- 9. Guess the password on the 'locked' private key file stolen with
one of those techniques above.
- 10. Use a Trojan horse to disable cryptography without telling the
user about it, so that it looks like it is encrypting when it is not.
- 11. Revoke the key of a user who is still using their key. This
will cause them to have to re-register again and again and confuse the
whole system over time.
- 12. Get people to encrypt things you provide them, and use it to
get their private key. This was demonstrated to work in the early 1980s.
- 13. Break into a server that stores public keys and change them to
ones you specify.
- 14. Get into the Internet's DNS system and change the apparent
location of the various key servers on the net. The whole PKI system
will break down as no servers can be found anymore to verify anything.
- 15. Crash a few key servers that form the base of the PKI tree for
the users' you want to defeat and they will be unable to communicate
except in plaintext.
- 16. Observe the time taken to do encryption using peoples' private
keys and analyze the time differentials for different things encrypted
to derive the private key bits.
- 17. Use network time protocol forgeries to make some cryptosystems
get desynchronized. The overall effect for many key servers is that
they will no longer trust other servers and refuse to communicate with them.
- 18. As initial key distribution is done, place an attacking
machine between the machines exchanging keys and do a man-in-the-middle
attack to make each think you are the other. You will now be
permanently in the middle of all their communication.
- 19. Use a van-Eck attack to observe the 'secret' messages before
they are encrypted.
- 20. Use a van-Eck attack to observe the 'secret' messages after
they are decrypted.
- 21. Use video-viewing to observe the keyboard of the user as they
type in their keys.
- 22. Use video-viewing to observe the keyboard of the user as they
type in their messages.
- 23. Put a fake keyboard adapter between their keyboard and
computer and pick up the keys and messages as they are typed.
- 24. Break into the manufacturer of the PKI system and place a
Trojan horse into their system. Nobody will ever find it.
- 25. Pay the companies to put in a Trojan horse.
- 26. Force people to use key escrow, and then break the escrow
system through legal or extralegal means.
- 27. Limit key length to only a few hundred bits of key. The
government exploited this one for a long time - and still does.
- 28. Create a false distribution of a PKI system and put it into
the infrastructure as a replacement for the original. Then people will
download the Trojan version and think they have the real thing. The
'self-authentication' will of course claim it is legitimate.
- 29. Create a clever new crypto-algorithm that has a real subtle
backdoor and get lots of people to use it. You will be able to exploit
it while everyone thinks it's secure.
- 30. Use a parallel processor to break keys of limited length. This
has been successful against systems of current common key lengths.
- 31. Write a computer virus that implements a massively parallel
cryptoanalysis engine for breaking private keys. Distribute via the
- 32. Modify the pseudo-random number generator used by the
cryptosystem to generate keys so that they are relatively easy to guess.
Previous systems had poor random number generators so that modification
was not required.
- 33. Find a weakness in the random number generator used today by a
popular system and guess lots of real keys in use today. It's a good
bet you can do this if you are smart enough.
- 34. Cause the systems that generate the pseudo-random numbers to
have less randomness than they are assumed to have. Then they will
generate poor random numbers without having to do anything special.
- 35. Generate new private keys for users and plant Trojan horses in
their system to have the new keys registered without their knowledge or
consent. They you will have a copy of the private key.
- 36. Generate gobs and gobs of public key traffic and overload all
the servers with requests so that the whole system grinds to a halt.
- 37. Generate millions of public keys (they don't even have to be
legitimate) and push them into key servers to cause them to run out of
space and become slow at finding keys.
- 38. Corrupt the private key distribution packets used to encrypt
sessions so that private keys are wrong.
- 39. Disrupt the private key distribution process so that session
keys cannot be distributed.
- 40. Replay private key distribution in place of interrupted
distribution to force old keys to be reused, thus making these sessions
easier to break.
- 41. Store sessions and break them over a long period of time. For
most current systems, all of the content will be readable within a few
years with parallel processors. For many you can read them today if you
spend enough time and effort.
- 42. Bribe the person who is using the key to get access to the
- 43. During the electronic distribution of the cryptosystem,
corrupt a byte and watch the distribution fail. Do this again and again
and the system will fall into disrepute.
- 44. Create a false update for the cryptosystem and send it out to
users. When they load the update, it contains a Trojan horse that
defeats the system.
- 45. Most data exchanged via encryption is stored in plaintext.
Get access to the database where they store the information at either
end and defeat the value of the cryptosystem in assuring the
confidentiality and integrity of the underlying data.
- 46. Find one of the many flaws in the cryptographic protocol used
to do key exchange and private key distribution and exploit it to defeat
the cryptosystem. Current cryptographic protocols have been found to
have many vulnerabilities.
- 47. Convince the user to misuse the cryptosystem - for example -
to use a weaker cryptosystem because it's faster.
- 48. Corrupt the browser via a Trojan horse so that it makes it
look like the cryptosystem is in use when it is not. For example, make the
lock appear to be locked in Netscape.
- 49. Break into the certificate server and take the master
certificate. Then you can subvert the whole system without anyone
knowing about it.
- 50. Publish an article on 50 ways to defeat your PKI and
cryptosystem, thus eroding public confidence in PKI and making the
system less trusted from a public perception perspective. I think I
have done that by now.
It's 4:57 - no problem - I even responded to a few
unrelated emails along the way. Time to email it off to Richard and
take the kids to soccer.