TripleDESCryptoServiceProvider - vulnerable to Denial of Service?

We have a legacy ASP.NET site which uses the encryption methods here:

http://www.codekeep.net/snippets/af1cd375-059a-4175-93d7-25eea2c5c660.aspx

When we call the following method, the page loads very slowly and eventually Connection Reset is returned:

Decrypt(" ", true);

If the method is called multiple times in subsequent page requests, the Application Pool goes down.

This is occurring on a Windows 2008 server running .NET framework v3.5.

I narrowed the problem down to the TransformFinalBlock() call.

NOTE: on Cassini, I do not get a connection timeout; instead the following exception is thrown:

System.Security.Cryptography.CryptographicException: Bad Data

Calling Decrypt() for other strings causes no problems in any environment.

Why is this happening? Is it a bug in TripleDESCryptoServiceProvider?

Obviously, I could filter the cipherString to reject " " and avoid this particular issue. However, I am worried that some other cipherString values that I am not suspecting will cause the DoS.

UPDATE 2011.06.28

The following is the minimal code to reproduce the issue:

    using System.Security.Cryptography;
    using System.Text;

    // problem occurs when toEncryptArray is an empty array {}
    byte[] toEncryptArray = {};

    // key derivation as in the legacy snippet: MD5 of a passphrase gives a 16-byte (2-key) 3DES key
    MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
    byte[] keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes("dummy_key"));
    hashmd5.Clear();

    TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
    tdes.Key = keyArray;
    tdes.Mode = CipherMode.ECB;
    tdes.Padding = PaddingMode.PKCS7;
    ICryptoTransform cTransform = tdes.CreateDecryptor();

    // the following line can crash the ASP.NET Application Pool (may need to be called multiple times)
    byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);

    tdes.Clear();
frankadelic asked Nov 13 '22 21:11

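A defensive wrapper around the legacy Decrypt() call, added here as an example (it is neither the CodeKeep snippet nor the poster's code): it rejects empty or non-block-aligned ciphertext before anything reaches TransformFinalBlock, and reports CryptographicException as bad data instead of letting it escape. The names SafeTripleDes and TryDecrypt are assumed; ECB mode and the MD5-derived key are kept only to stay compatible with the legacy snippet's existing ciphertexts.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical hardened wrapper (added example, not the legacy site's code).
public static class SafeTripleDes
{
    private const int BlockSize = 8; // 3DES block size in bytes

    // Same key derivation as the legacy snippet: MD5 of a passphrase, used as a 16-byte (2-key) 3DES key.
    private static byte[] DeriveKey(string key)
    {
        using (var md5 = new MD5CryptoServiceProvider())
            return md5.ComputeHash(Encoding.UTF8.GetBytes(key));
    }

    // Returns false for malformed input instead of handing it to TransformFinalBlock.
    public static bool TryDecrypt(string cipherString, string key, out string plainText)
    {
        plainText = null;
        byte[] cipherBytes;
        try
        {
            // Convert.FromBase64String ignores whitespace, so " " decodes to an empty array,
            // which is exactly the input that hangs TransformFinalBlock on .NET 3.5.
            cipherBytes = Convert.FromBase64String(cipherString ?? "");
        }
        catch (FormatException) { return false; }

        // PKCS7-padded 3DES ciphertext is never empty and is always a whole number of blocks.
        if (cipherBytes.Length == 0 || cipherBytes.Length % BlockSize != 0)
            return false;

        try
        {
            using (var tdes = new TripleDESCryptoServiceProvider())
            {
                tdes.Key = DeriveKey(key);
                tdes.Mode = CipherMode.ECB;
                tdes.Padding = PaddingMode.PKCS7;
                using (ICryptoTransform decryptor = tdes.CreateDecryptor())
                {
                    byte[] result = decryptor.TransformFinalBlock(cipherBytes, 0, cipherBytes.Length);
                    plainText = Encoding.UTF8.GetString(result);
                    return true;
                }
            }
        }
        catch (CryptographicException) { return false; } // bad padding or corrupted ciphertext
    }
}
```

Callers that previously did Decrypt(cipherString, true) check the boolean and treat false as invalid input, so a bad cipherString costs one early return rather than a hung worker.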

1 Answer

The issue, as mentioned above, is that the decryption logic does not properly handle the case where the input cipher is a zero-length array.

A ticket was created for this:

http://connect.microsoft.com/VisualStudio/feedback/details/678150/denial-of-service-in-tripledescryptoserviceprovider

Note, it seems to work OK when running .NET framework 4.0.

frankadelic answered Dec 31 '22 10:12