OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: nCipher Support (supportnCipher.com)
Date: Mon May 13 2002 - 10:44:29 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    SUMMARY
    =======

    In certain circumstances, the nCipher MSCAPI CSP Install Wizard support
    software on Windows 2000 will set the nCipher CSP key generation
    behavior incorrectly. Despite the user requesting Operator Card Set
    protection for keys (`cardset protected keys') that are generated using
    the nCipher CSP, a software error might result in keys being protected
    by the module alone.

    BACKGROUND
    ==========

    1. Security world
    -----------------

    nCipher's key management modules (nForce/nShield) are generally
    used with nCipher's suite of utilities for managing a `security
    world'. A security world is a collection of cryptographic keys,
    smart cards, modules and associated data stored on host computers.
    A security world is designed to prevent unauthorized access to
    application keys while maintaining scalability and key availability.

    The core security world secrets are protected by Administrator Cards
    written by the initialization software and kept safe by the user.

    Application keys can either be made available to any nCipher module
    appropriately programmed with the user's Administrator Cards (module
    protected keys) or they can be protected by further smart cards known as
    Operator Cards that provide an additional layer of security.

    2. The nCipher CSP
    ------------------

    If the CSP is set up to use module-protected keys, when applications
    tell the CSP to create a key, it needs no input from the user. If the
    CSP is set up to use Operator Cards and is told to create a key, it
    first looks to see if there are any cards which it can load
    automatically, and uses those if any are present. If not, it prompts
    the user to choose which Operator Card Set to use.

    ISSUE DESCRIPTION
    =================

    1. Cause
    --------

    The Install Wizard for the nCipher CSP support software on Windows 2000
    offers a check box for controlling whether a key to be generated is
    module protected or to be additionally protected by an Operator Card
    Set.

    When the Install Wizard is used to create an Operator Card Set then the
    nCipher CSP key generation behaves as requested by the user.

    If cardset protection is selected from the Install Wizard but a new
    Operator Card Set is *not* created, the wizard incorrectly sets the
    nCipher CSPs up to use module protection for all keys that they
    subsequently create.

    2. Impact
    ---------

    If the user is affected by this issue, any application key generated
    by the nCipher CSP will be incorrectly protected by the module alone,
    rather than by a combination of operator card set and module.

    This means that an attacker, who gains control of any nCipher module,
    that
    has been programmed into the key's security world can gain unauthorized
    access to this key, since no further smart card authorization is
    required.

    3. Who May Be Affected
    ----------------------

    This problem only affects keys that have been generated by the nCipher
    CSP after the Install Wizard from CD version 5.50 has been run.

    The problem does not affect keys that were

    * generated by any software other than the nCipher CSP, or

    * generated by the nCipher CSP using the Install Wizard from any CD
      other than version 5.50.

    4. How To Tell If You Are Affected
    ----------------------------------

    To find out whether you're affected, run `c:\nfast\bin\csputils.exe -d'
    from the command line. This will give you a detailed summary of all your
    containers and information for the keys they contain.

    Each key (key exchange and/or signature) will have a description
    including whether or not it was generated by the nCipher CSP, its hash,
    and its protection method.

    A cardset protected key (here stored in a container called `expimptst')
    will have an entry like the following (lines have been truncated for
    clarity):

       Detailed report for container ID #cbfb7b11909b40ddc50da759d6029...

       Filename: key_mscapi_container-cbfb7b11909b40ddc50da759d6...
       Container name: expimptst
       User name: NCIPHER\james
       User SID: s-1-5-21-1594850079-719136693-34565100-1111
       CSP DLL name: ncsp.dll
       No signature key.
       Filename for key exchange key is key_mscapi_expimptst-ncsp-ujam...
          Key was generated by the CSP
          Key hash: 92c60edf376c26e9ee76db3a2a70dd031636a218
          Key is recoverable.
          Key is cardset protected.
             Cardset name: mscapi-grimsby
             Sharing parameters: 1 of 1 shares required.
             Cardset hash: 4eb80f966c13bd735cb50f29ef19e5e...
             Cardset is persistent.

    and a module protected key will have one like the following:

       Filename: key_mscapi_container-32a16394a3ffe52eb4db1127d8...
       Container name: james
       User name: NCIPHER\james
       User SID: s-1-5-21-1594850079-719136693-34565100-1111
       CSP DLL name: ncsp.dll
       No signature key.
       Filename for key exchange key is key_mscapi_6fa4c59efefb6c01db6...
          Key was generated by the CSP
          Key hash: 6fa4c59efefb6c01db6eca9f1eadbb17158fc2a8
          Key is recoverable.
          Key is module protected.

    If you have keys unexpectedly module protected when they should be
    cardset protected you are affected by this bug.

    REMEDY
    ======

    1. Users who have NOT already created a key with the wrong protection
    ---------------------------------------------------------------------

    In order to force MSCAPI applications to generate cardset protected keys
    a file `wizardfix.reg' should be created containing the following text:

    ------------ CUT HERE --------------
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\nCipher\Cryptography]
    "UseModuleKeys"=dword:0000000
    ------------ CUT HERE --------------

    This file can then be run by the user to change the appropriate registry
    entry that determines the behavior of key generation using the nCipher
    CSP.

    Alternatively, the user can edit the registry value specified above
    directly using `regedit'.

    The registry setting must be reset using either of the above methods
    after each invocation of the affected nCipher CSP Install Wizard.

    2. Users who have already created a key which is erroneously module
       protected
    -------------------------------------------------------------------

    Users who have already generated keys which were intended to be cardset
    protected, but due to this error are not, are advised to apply the above
    registry fix and generate new keys. nCipher recommends against
    converting existing module-protected keys to cardset-protected status,
    since it is extremely difficult to do this in a way that increases
    security.

    SOFTWARE DISTRIBUTION AND REFERENCES
    ====================================

    You can obtain copies of this advisory, advice on obtaining a patch kit,
    and supporting documentation from the nCipher security advisories Web
    site:

        http://www.ncipher.com/support/advisories/

    Further information
    -------------------

    General information about nCipher products:
        http://www.ncipher.com/

    nCipher Developer's Guide and nCipher Developer's Reference
        http://www.ncipher.com/documentation.html

    nCipher Support
    ---------------

    nCipher customers who require support or further information regarding
    this problem should contact supportncipher.com.

    (c) nCipher Corporation Ltd. 2002

    $Id: advisory3.txt,v 1.19 2002/05/10 17:18:11 mknight Exp $