[Swan] DUHK Attack in fortigate, Cisco and others

Paul Wouters paul at nohats.ca
Mon Oct 23 20:18:31 UTC 2017


FYI,


https://duhkattack.com/

Who is vulnerable?
Traffic from any VPN using FortiOS 4.3.0 to FortiOS 4.3.18 can be decrypted by a passive network adversary who can observe the encrypted handshake traffic. Other key recovery attacks on different protocols may also be possible. 
We also found eleven other historically FIPS-certified implementations that document hard-coded X9.31 RNG seed keys in their products. We give the full list in our paper.



Sent from my iPhone
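The quoted text says that a hard-coded X9.31 seed key plus passive observation of handshake traffic is enough to recover the generator's state. The following Go program, added here as an illustration and not code from the post, from libreswan or from the DUHK authors, shows why. It implements the ANSI X9.31 block-cipher PRNG (I = E_K(DT), R = E_K(I xor V), V' = E_K(R xor I)) with AES-128 as the cipher, a constructed hard-coded key and seed, and a simplified date/time input DT (a 64-bit microsecond counter; the real DT encoding and the real key are not reproduced here). The "victim" emits two values in the clear and a third that is meant to stay secret; the "attacker", knowing only K and the two public outputs, brute-forces the low-entropy timestamp over a one-second window, recovers V, and predicts the secret third output. The timestamp window, the assumption that consecutive outputs use consecutive DT values, and all byte values are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// Constructed stand-in for a seed key baked into firmware. It is NOT any
// vendor's real key; it only has to be known to both sides of the demo.
var hardcodedKey = []byte("constructed-key!") // 16 bytes -> AES-128

// x931 is an ANSI X9.31 block-cipher PRNG: cipher keyed with K, secret state V.
type x931 struct {
	blk cipher.Block
	v   [16]byte
}

func xor16(a, b [16]byte) (out [16]byte) {
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return out
}

func newX931(key []byte, seed [16]byte) (*x931, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return &x931{blk: blk, v: seed}, nil
}

// dtBlock encodes the date/time input as a 16-byte block: a 64-bit microsecond
// counter in the first 8 bytes (simplified encoding assumed for this example).
func dtBlock(micros uint64) (dt [16]byte) {
	binary.BigEndian.PutUint64(dt[:8], micros)
	return dt
}

// next returns one 16-byte output R for date/time vector dt and advances V:
//   I = E_K(DT); R = E_K(I ^ V); V' = E_K(R ^ I)
func (g *x931) next(dt [16]byte) [16]byte {
	var i, r [16]byte
	g.blk.Encrypt(i[:], dt[:])
	t := xor16(i, g.v)
	g.blk.Encrypt(r[:], t[:])
	t = xor16(r, i)
	g.blk.Encrypt(g.v[:], t[:])
	return r
}

// recoverState is the passive attacker. Knowing K and two consecutive outputs
// r1, r2 seen on the wire, it tries every timestamp in [lo, hi] for r1:
// V' = E_K(r1 ^ E_K(DT)) needs no secret, and the candidate is confirmed when
// it reproduces r2. On success the returned generator is in sync with the
// victim and predicts every later output.
func recoverState(key []byte, r1, r2 [16]byte, lo, hi uint64) (*x931, uint64, bool) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, 0, false
	}
	for t := lo; t <= hi; t++ {
		dt := dtBlock(t)
		var i, vnext [16]byte
		blk.Encrypt(i[:], dt[:])
		x := xor16(r1, i)
		blk.Encrypt(vnext[:], x[:])
		cand := &x931{blk: blk, v: vnext}
		if cand.next(dtBlock(t+1)) == r2 { // cand.v now equals the victim's V after r2
			return cand, t, true
		}
	}
	return nil, 0, false
}

// demo runs victim and attacker; returns the attacker's prediction for the
// victim's third (secret) output, the real value, and whether they match.
func demo() (predicted, actual [16]byte, ok bool) {
	var seed [16]byte
	copy(seed[:], "victim seed V...") // constructed initial V, unknown to the attacker
	victim, err := newX931(hardcodedKey, seed)
	if err != nil {
		return predicted, actual, false
	}
	base := uint64(1508789911123456) // constructed microsecond timestamp
	r1 := victim.next(dtBlock(base))     // public, e.g. a handshake nonce
	r2 := victim.next(dtBlock(base + 1)) // public
	r3 := victim.next(dtBlock(base + 2)) // secret, e.g. key material

	// Attacker knows K and roughly when the handshake happened (one-second window).
	attacker, t, found := recoverState(hardcodedKey, r1, r2, base-500000, base+500000)
	if !found {
		return predicted, r3, false
	}
	predicted = attacker.next(dtBlock(t + 2))
	return predicted, r3, predicted == r3
}

func main() {
	p, a, ok := demo()
	fmt.Printf("predicted %x\nactual    %x\nrecovered: %v\n", p, a, ok)
}
```

The point the example makes is that with K public the only unknown the attacker has to search is DT, and a clock-derived DT has far too little entropy to resist that search; the secret V is derived, not guessed. Seeding the key from real entropy per device, or using a generator whose security does not rest on a key, removes the attack.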