Crypto flaw was so glaring it may be intentional eavesdropping backdoor
An open source network utility used by administrators and security professionals contains a cryptographic weakness so severe that it may have been intentionally created to give attackers a surreptitious way to eavesdrop on protected communications, its developer warned Monday.
Socat is a more feature-rich variant of the once widely used Netcat networking service for fixing bugs in network applications and for finding and exploiting security vulnerabilities. One of its features allows data to be transmitted through an encrypted channel to prevent it from being intercepted by people monitoring the traffic. Amazingly, when using the Diffie-Hellman method to establish a cryptographic key, Socat used a non-prime parameter to negotiate the key, an omission that violates one of the most basic cryptographic principles.
The Diffie-Hellman key exchange requires that the value be a prime number, meaning it’s only divisible by itself and the number one. Because this crucial and most basic of rules was violated, attackers could calculate the secret key used to encrypt and decrypt the protected communications. What’s more, the non-prime value was only 1,024 bits long, a length that researchers recently showed is susceptible to cracking by state-sponsored attackers even when prime numbers are used.