-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cryptographic API Misuse Vulnerability: Do not use zero or constant salts for PBE #347
Comments
Thank you for the report. As best I can tell, this is not an issue with our code, but rather with upstream Electrum: the vulnerable line is exactly the same in upstream: https://github.com/spesmilo/electrum/blob/f708e7f03edb155d45416ba77b760d8a00cb6055/electrum/storage.py#L169 . If you concur that upstream is equally affected, could you please notify upstream, and let me know when a fix is available that I can pull in? If you believe Electrum-NMC is uniquely affected, could you please explain why? |
Thank you for your response. I have already reported this issue to the upstream Electrum, but they haven't responded yet. I will notify you as soon as I receive a response from them. |
Great, thanks. |
Hey. Not sure where you reported it, I haven't seen it. Anyway, you are correct that the KDF is weak. It is a known issue, tracked here: spesmilo#3147 (re storage.py) Re digitalbitbox.py, that is out of scope; it is up to the respective hw manufacturer to choose that KDF. |
Thanks for response.I have sent an email to ThomasV according to security policy two days ago. And also with another weak hash issue.By the way, I will see the detail about KDF issue tomorrow,it's midnight here. |
Hello!
First and foremost, I would like to express my sincere gratitude for your contributions to this project.
Description:
I have identified a security vulnerability in the electrum-nmc project's that uses insecure salts for PBKDF for key derivation by our cryptographic api misuse detector. Specifically, the use of zero and constant salts in the key derivation function compromises the strength of the derived keys. Salts in PBE schemes are crucial for adding entropy and preventing attacks such as rainbow table attacks.
Locations:
https://github.com/namecoin/electrum-nmc/blob/master/electrum_nmc/electrum/plugins/digitalbitbox/digitalbitbox.py#L135
https://github.com/namecoin/electrum-nmc/blob/master/electrum_nmc/electrum/storage.py#L149
References:
CWE-330: Use of Insufficiently Random Values
CWE-326: Inadequate Encryption Strength
Recommendations:
Modify the PBE process to generate a secure random salt for each encryption operation.
for example
Immediate attention to this issue is recommended to maintain the privacy and security of electrum-nmc users.
The text was updated successfully, but these errors were encountered: