===================================================
Advisory: Password Disclosure in Cryptainer
Vendor: SecureSoft http://www.cypherix.com
Download Location: http://www.cypherix.com/downloads.htm
Versions affected: Cryptainer PE and Cryptainer 2.0
Date: 16th December 2002
Type of Vulnerability: Information Disclosure in Memory of Process
Severity: Medium
Discovered by: K. K. Mookhey (email@example.com)
Network Intelligence India Pvt. Ltd. (http://www.nii.co.in)
Online location: http://www.nii.co.in/vuln/crypt.html
===================================================
From the vendor website: "Cryptainer PE's ease of use together with its powerful 448 bit strong encryption provides file security without changing the way you work. It creates a 100MB encrypted drive that can be loaded and unloaded as required. It combines ease of use and simple drag-and-drop operations with powerful 448 bit strong encryption ensuring total security with phenomenal ease of use and maximum convenience!" Both products use the Blowfish algorithm.
Both versions of Cryptainer store the password in clear text in the memory of the process, neither encrypting it nor zeroing it after use. The password remains visible as long as the following two conditions hold:

1. The user has entered the password at least once.
2. Cryptainer is loaded.

The encrypted volume may or may not be loaded. Since the product offers an option to minimize to the System Tray, it is quite likely that a user will keep Cryptainer running without the encrypted volume loaded. In such a case the user might assume that, because the volume is not loaded, the files are safe. But an intruder who is able to dump the memory of the running process can ferret out the password with relative ease. Besides the password, the physical path of the volume is also clearly visible. Cryptainer also does not limit the number of wrong password attempts. So an intruder need only collect the memory dump, copy the volume (which is actually one big file) from the path found in the dump onto his own machine, run Cryptainer, and try each string from the memory dump until one is accepted as the password.
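The following is an added illustration of the defect described above and of the fix the vendor would need; it is not Cryptainer code and does not reproduce its file format or Blowfish key setup. The "process memory" is a constructed buffer (g_mem), derive_key is a toy hash standing in for key setup, and the volume path is made up. It shows the attacker's side (a strings-style scan of the dump) and the developer's side (the password buffer wiped as soon as the key exists, using a volatile-pointer memset the compiler cannot optimize away).

```c
/* Added example, not part of the advisory or the vendor's code. */
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

#define MEM_SIZE 4096

/* Constructed stand-in for the process's memory image (not a real dump). */
unsigned char g_mem[MEM_SIZE];

/* Toy key derivation (64-bit FNV-1a). Stands in for the real key setup only
 * to show that the password is no longer needed once the key exists. */
uint64_t derive_key(const char *pw, size_t n) {
    uint64_t h = 1469598103934665603ULL;
    for (size_t i = 0; i < n; i++) { h ^= (unsigned char)pw[i]; h *= 1099511628211ULL; }
    return h;
}

/* Zeroing that dead-store elimination cannot remove. On Windows use
 * SecureZeroMemory, elsewhere explicit_bzero/memset_s where available. */
void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Vulnerable pattern: the password is copied into process memory at `off`
 * and simply left there after the key has been derived. */
uint64_t unlock_leaky(const char *pw, size_t off) {
    size_t n = strlen(pw);
    memcpy(g_mem + off, pw, n + 1);
    return derive_key((const char *)g_mem + off, n);
}

/* Hardened pattern: same flow, but the buffer is wiped once the key exists. */
uint64_t unlock_wiped(const char *pw, size_t off) {
    size_t n = strlen(pw);
    memcpy(g_mem + off, pw, n + 1);
    uint64_t k = derive_key((const char *)g_mem + off, n);
    secure_wipe(g_mem + off, n + 1);
    return k;
}

/* Attacker's view of the dump: collect printable runs of at least `minlen`
 * bytes (what `strings` does). Returns how many candidates were copied. */
size_t extract_strings(const unsigned char *mem, size_t len, size_t minlen,
                       char out[][64], size_t maxout) {
    size_t count = 0, run = 0;
    for (size_t i = 0; i <= len; i++) {
        int printable = i < len && mem[i] >= 0x20 && mem[i] < 0x7f;
        if (printable) { run++; continue; }
        if (run >= minlen && count < maxout) {
            size_t n = run < 63 ? run : 63;
            memcpy(out[count], mem + i - run, n);
            out[count][n] = '\0';
            count++;
        }
        run = 0;
    }
    return count;
}

/* Does the dump still contain `secret` anywhere? */
int dump_contains(const unsigned char *mem, size_t len, const char *secret) {
    size_t n = strlen(secret);
    for (size_t i = 0; i + n <= len; i++)
        if (memcmp(mem + i, secret, n) == 0) return 1;
    return 0;
}

int main(void) {
    const char *pw = "correct horse battery";
    const char *path = "C:\\Users\\kk\\vault.bin"; /* constructed path, not Cryptainer's */
    char found[16][64];

    memset(g_mem, 0, sizeof g_mem);
    strcpy((char *)g_mem + 100, path);      /* volume path left in memory, as reported */
    unlock_leaky(pw, 900);
    size_t n = extract_strings(g_mem, sizeof g_mem, 8, found, 16);
    for (size_t i = 0; i < n; i++) printf("candidate: %s\n", found[i]);
    printf("password in dump (leaky): %d\n", dump_contains(g_mem, sizeof g_mem, pw));

    memset(g_mem, 0, sizeof g_mem);
    unlock_wiped(pw, 900);
    printf("password in dump (wiped): %d\n", dump_contains(g_mem, sizeof g_mem, pw));
    return 0;
}
```

Wiping the buffer only removes the copy this code made; a real fix also has to cover copies the GUI toolkit keeps in the edit control, any heap copies made during key setup, and the swap file, which is why the workaround below (exit the program) is the only complete mitigation the user has until the vendor ships a fix.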
A similar vulnerability was found in Password Safe written by crypto-guru Bruce Schneier. This was acknowledged by him and addressed by the developer of the open source version of this product. Bruce Schneier's response is here: http://www.counterpane.com/crypto-gram-0111.html#6
First of all, the intruder would need physical access to the PC in order to obtain a memory dump. Moreover, Cryptainer would need to be running, with the encrypted volume either loaded or unloaded. This is not so uncommon. On the other hand, it is precisely in the event of a physical intrusion that one needs the encryption software to protect one's data. Therefore the physical-access event must be assumed to have occurred, and the estimated probability of a compromise is then the probability that Cryptainer is running in the System Tray and the user has entered the password at least once.
The vendor's response is not entirely clear. We have corresponded with them repeatedly since November 23rd. As far as we can make out, they will probably look into it in their next release, sometime in the first quarter of 2003. Their contention is also that, given the kind of physical access required for this to work, the intruder might as well install a keylogger.
Do not keep Cryptainer minimized in the System Tray, even if you have unloaded the encrypted volume. Exit the software as soon as you have finished encrypting or decrypting your files, by clicking the Shutdown and Exit button.
The software is still pretty secure, and if you do not keep Cryptainer in the System Tray you should be safe.
K. K. Mookhey
CTO, Network Intelligence India Pvt. Ltd.
Tel: 91-22-22001530, 22006019
Email: firstname.lastname@example.org
Web: www.nii.co.in
=================================
The Unix Auditor's Practical Handbook
http://www.nii.co.in/tuaph.html
=================================