Can you still trust your network card? - Agence nationale de la ...

More documents

Recommendations

Info

Remote administration protocols Summary Card’s behavior when using ASF When it receives a packet, the card ◮ intercepts the packet; ◮ before transmitting it to the OS; ◮ checks if it is a RMCP packet; ◮ process it: ◮ open/close session, ◮ send system state informations, ◮ perform system administration tasks, ◮ the packet is NOT transmitted to the host. SGDSN/ANSSI – http://www.ssi.gouv.fr/trustnetworkcard 22/51
Protocol analysis Protocol security Protocol security (1/2) Potential issues ◮ protocol uses 160bit pre-shared keys, which means all clients might have the same keys; ◮ messages are integrity protected but the integrity pattern does not include message ID; ◮ in order to act as the console, an attacker just has to send a RAKP3 with a valid HMAC. Exploitation ◮ is it possible to forge the HMAC? ◮ can the client act as a integrity oracle? SGDSN/ANSSI – http://www.ssi.gouv.fr/trustnetworkcard 23/51
Page 1 and 2: Can you still trust your network ca
Page 3 and 4: Impacts on security If an attacker
Page 5 and 6: What won’t be described today Thi
Page 7 and 8: Network interface controller The Ne
Page 9 and 10: Network interface controller The Ne
Page 11 and 12: Remote administration protocols ASF
Page 17 and 18: Remote administration protocols RMC
Page 19 and 20: Remote administration protocols RMC
Page 21: Remote administration protocols Sum
Page 25 and 26: Protocol analysis Implementation pr
Page 27 and 28: The vulnerability Instrumenting the
Page 37 and 38: The vulnerability Crash analysis Ch
Page 39 and 40: The vulnerability Crash analysis Ex
Page 41 and 42: The vulnerability Crash analysis St
Page 43 and 44: Real impact What can be done in the
Page 45 and 46: Real impact Controlling the host Us
Page 47 and 48: Real impact Controlling the host De
Page 49 and 50: Real impact Controlling the host Co
Page 51: Real impact Controlling the host Qu

Can you still trust your network card? - Agence nationale de la ...

Create successful ePaper yourself

Delete template?

Save as template?