Soylent News
Big Data Busts Crypto: 'Sweet32' Captures Collisions in Old Ciphers
posted by janrinok on Wednesday August 31, @09:46AM
http://7rmath4ro2of2a42.onion/article.pl?sid=16/08/31/0710222
http://www.theregister.co.uk/2016/08/29/big_data_busts_crypto_sweet32_captures_collisions_in_old_ciphers/
Researchers with France's INRIA are warning that 64-bit ciphers – which endure in TLS configurations and OpenVPN – need to go for the walk behind the shed. The research institute's Karthikeyan Bhargavan and Gaëtan Leurent have demonstrated that a man-in-the-middle on a long-lived encrypted session can gather enough data for a "birthday attack" on Blowfish and triple DES encryption. They dubbed the attack "Sweet32". Sophos' Paul Ducklin has a handy explanation of why it matters here. The trick to Sweet32, the Duck writes, is the attackers worked out that with a big enough traffic sample, any repeated crypto block gives them a start towards breaking the encryption – and collisions are manageably common with a 64-bit block cipher like Blowfish or Triple-DES. They call it a "birthday attack" because it works on a similar principle to what's known as the "birthday paradox" – the counter-intuitive statistic that with 23 random people in a room, there's a 50 per cent chance that two of them will share a birthday. In the case of Sweet32 (the 32 being 50 per cent of the 64 bits in a cipher), the "magic number" is pretty big: the authors write that 785 GB of captured traffic will, under the right conditions, yield up the encrypted HTTP cookie and let them decrypt Blowfish- or Triple-DES-encrypted traffic. [...] "Our attacks impact a majority of OpenVPN connections and an estimated 0.6% of HTTPS connections to popular websites. We expect that our attacks also impact a number of SSH and IPsec connections, but we do not have concrete measurements for these protocols" (emphasis added).