What is an algorithm substitution attack? How can my enterprise best defend against the threat?
Attackers can swap the algorithm used, modify the existing algorithm or change the initialization vector (IV) used to set up the encryption so that it is drawn from an insecure random number generator. These changes could be made by altering the cryptography libraries used by legitimate software or by changing the software directly.
In a research paper by Mihir Bellare, Kenneth Paterson and Phillip Rogaway, there is an example of an attacker replacing the algorithm used in a closed-source product with a less secure one. Because the user cannot inspect the source code to identify the change, this type of attack is very difficult to detect, and it may even be classified as a supply chain security issue, depending on when the application was tampered with.
This type of attack could also happen in open source software, because few people have the cryptography skills needed to examine code and determine whether algorithm security has been compromised. The random-number generator used for the initialization vector could also be weakened so that it reuses the same value to set up the encryption, making the resulting ciphertext easier to break.
Few organizations have staff with enough cryptography expertise to examine code and determine whether an algorithm substitution attack has happened. Enterprises can nevertheless defend against these attacks by checking hashes on the software they use to validate its authenticity, by using signed software, and by choosing encryption software that has "survived" cryptanalysis.
Specifically, enterprises should check the hash of downloaded software against the hash the vendor publishes to make sure it is the vendor's version. They should also verify that the signatures on the files were made by the developers' legitimate keys. This should be performed on a regular basis; file integrity monitoring software can re-check the files and alert on changes. Any discrepancy in the hashes or signatures should be carefully investigated before the software is used.
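One way to implement the hash check and the ongoing integrity monitoring described above, as an added example that is not part of the original column: a baseline of file hashes is taken from a vendor-verified install, later scans are compared against it, and a download is compared with a vendor-published hash. The paths, file names and contents are constructed stand-ins, and the baseline is assumed to have been recorded when the software was known-good.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def sha256_file(path):
    """Hash a file in chunks so large libraries need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(root):
    """Record the hash of every file under root: the trusted, vendor-verified state."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def check_integrity(root, baseline):
    """Re-hash root and report modified, missing and unexpected files."""
    current = build_baseline(root)
    return {
        "modified": sorted(f for f in baseline if f in current and current[f] != baseline[f]),
        "missing": sorted(f for f in baseline if f not in current),
        "added": sorted(f for f in current if f not in baseline),
    }

def matches_vendor_hash(path, vendor_sha256):
    """Compare a download's hash with the vendor-published value in constant time."""
    return hmac.compare_digest(sha256_file(path), vendor_sha256.strip().lower())

def demo():
    """Constructed scenario (hypothetical paths and contents): baseline, then tamper."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "lib").mkdir()
        lib = root / "lib" / "libcrypto.so"  # stand-in file, not a real library
        lib.write_bytes(b"cipher build v1")
        (root / "lib" / "README").write_bytes(b"")
        baseline = build_baseline(root)
        ok_before = matches_vendor_hash(lib, baseline["lib/libcrypto.so"])
        lib.write_bytes(b"cipher build v1, weakened")  # simulated library substitution
        (root / "lib" / "README").unlink()  # a baseline file goes missing
        (root / "lib" / "libextra.so").write_bytes(b"unexpected")  # new file appears
        report = check_integrity(root, baseline)
        ok_after = matches_vendor_hash(lib, baseline["lib/libcrypto.so"])
        return ok_before, ok_after, report, baseline["lib/README"]
```

Every entry in the returned report is a discrepancy to investigate before the software is used again; in production the baseline would be stored somewhere the monitored host cannot modify it.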
It is important to note that not all software containing cryptographic algorithms was written by skilled cryptographers, and even software written by skilled cryptographers has implementation challenges. General software developers should use established cryptography libraries rather than writing their own, so that their software has a chance of being securely implemented.
The cryptographic community uses cryptanalysis to evaluate software for errors in cryptography. While this will not find every problem, it reduces the risk of cryptographic implementation issues such as those introduced by an algorithm substitution attack.
Ask the Expert:
Want to ask Nick Lewis a question about enterprise threats? Submit your questions now via email. (All questions are anonymous.)