Protected Store Key Length

DOVES Vulnerability V-00104

DOVES Project
Computer Security Laboratory
Department of Computer Science
University of California at Davis



Description

Brief summary: The length of the key used to encipher private keys and certificates in the Protected Store part of the CryptoAPI is 40 bits.

Detailed description: As part of the CryptoAPI of Windows 2000, Microsoft provides an area to place private keys and certificates. The sensitive nature of this data means it should be the most strongly protected data on the system. Microsoft uses both system-based access control mechanisms and cryptographic mechanisms to provide this protection. However, the cryptographic mechanism uses 40-bit long keys, even if the stronger (56-bit or 168-bit) encryption tools are on the system.

The threat is that an attacker gains Administrator access to the Windows 2000 system. The attacker then need only find a 40-bit key. This is feasible through trial and error. If the key were 156 bits, trial and error attacks would no longer be feasible.

Components: kernel

Operating system(s): Windows 2000 Professional, Windows 2000 Server, Windows 2000 Advanced Server

An attacker can read private keys and certificates.

How to detect:

  1. Check the date of the DLL "psbase.dll". If that is earlier than July 25, 2000, you are vulnerable. If you have installed Windows 2000 Service Pack 1, you are not vulnerable.
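The detection step above, written as a small script (an added example, not part of the DOVES entry). The default DLL location under %SystemRoot%\system32 and the use of the file modification time as "the date of the DLL" are assumptions; the status logic itself follows the entry.

```python
"""Detection helper for DOVES V-00104 (Protected Store 40-bit key).

Rule from the entry: psbase.dll dated before July 25, 2000 means the
host is vulnerable, unless Windows 2000 Service Pack 1 is installed.
"""
import os
import platform
from datetime import datetime, timezone

# Date given in the DOVES entry: DLLs older than this carry the 40-bit code.
PATCH_DATE = datetime(2000, 7, 25, tzinfo=timezone.utc)


def protected_store_status(dll_mtime, service_pack_major):
    """Classify a host from its psbase.dll timestamp and service pack level.

    dll_mtime: timezone-aware datetime of psbase.dll, or None if absent.
    service_pack_major: installed Windows 2000 service pack (0 = none).
    Returns "vulnerable", "not vulnerable" or "unknown".
    """
    if service_pack_major >= 1:
        return "not vulnerable"       # SP1 ships the fixed psbase.dll
    if dll_mtime is None:
        return "unknown"              # no Protected Store DLL found
    if dll_mtime < PATCH_DATE:
        return "vulnerable"
    # A patched DLL does not prove every user has run keymigrt.exe: data
    # enciphered before the patch stays under a 40-bit key until the
    # owning user re-enciphers it (Administrator cannot do it for them).
    return "not vulnerable"


def check_host(dll_path=None):
    """Inspect the local machine and return the status string."""
    if dll_path is None:
        # Assumption: default Windows 2000 system root if the variable is unset.
        system_root = os.environ.get("SystemRoot", r"C:\WINNT")
        dll_path = os.path.join(system_root, "system32", "psbase.dll")
    mtime = None
    if os.path.exists(dll_path):
        mtime = datetime.fromtimestamp(os.path.getmtime(dll_path), tz=timezone.utc)
    # platform.win32_ver() yields e.g. ('2000', '5.0.2195', 'SP1', ...);
    # on other systems the fields are empty strings, treated here as SP0.
    sp_text = platform.win32_ver()[2]
    sp_major = int(sp_text[2:]) if sp_text.startswith("SP") and sp_text[2:].isdigit() else 0
    return protected_store_status(mtime, sp_major)


if __name__ == "__main__":
    print("Protected Store status:", check_host())
```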

How to fix:

  1. Install the Microsoft patch and re-encipher the data in the Protected Store.
    1. Download the patch for "psbase.dll" and the re-encipherment program and install them.
    2. Have every user run the keymigrt.exe tool included in the patch. This re-enciphers their data with a longer key. Note that the user's cryptographic key is derived from their login password, so Administrator cannot do it for them!

Other information:


Keywords

key length, cryptography, protection, certificate, keys

Cataloguing Information

PA Classification:

RISOS Classification:

Davis Classification:

Common Vulnerability Exposure: The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability. [CAN-2000-0487]


Exploits

Attacks:


Related Information

Microsoft Knowledge Base article Q260219, High Encryption Pack Does Not Protect Windows 2000 Private Keys

Advisories:


History

Who reported it: Microsoft Corp. in Microsoft Security Bulletin MS00-032 on June 1, 2000: reported the problem and gave a patch


Revision #1

  1. Matt Bishop on 7/31/2000
    Initial entry


Send email to doves@cs.ucdavis.edu

Department of Computer Science
University of California at Davis
One Shields Ave.
Davis, CA 95616-8562


Page created August 28, 2000 at 16:41:45 GMT