First of all, on one side theres a group of crackers that call themselves the EvilScientists. With a name like that, you can almost see them wringing their hands while hunched over their keyboards and saying "Moo-wah-hah-hah!" (Or what ever villains say in Germany these days.)
On the other side, the valiant but somewhat dim Cisco (rumored to have a small amount of institutional brain damage); protector of the bits that make up the Internet and purveyor of the boxes that steer these bits one way or another.
The Evil Scientists (actually, HAL 9000 is the specific scientist here) initiate the fun by publishing a tool to reveal the saved passwords that reside in the local profile file of a Cisco VPN Client. Its a rock with a message wrapped around it being thrown through the stained glass windows of the Cathedral Cisco.
Not content with that, the ES publish exactly how the stored keys are encrypted before they are stored. Its actually a fairly simple method.
In outline form, it looks like this:
The current date as a string is retrieved (e.g. Mon Sep 19 20:00:00 2005)
A SHA-1 Hash h1 is then computed (20 Bytes)
h1 is modified and a new hash (h2) is calculated.
h1 is again modified and h3 is calculated.
The 3DES key is made of h2 and the first 4 bytes of h3.
The password is encrypted using 3DES in CBC Mode. (The IV consists of the first 8 bytes from h1.)
The algorithm computes a last hash h4 from the encrypted password
The key "enc_UserPassword" in the profile file now looks like this: h1|h4|encrypted password.
Clay Kossmeyer, of the Cisco PSIRT, responded to the disclosures with the equivalent of a yawn. He noted in a letter circulated to the community that, "This issue is related to a Security Notice that the Cisco PSIRT released in October of 2004." Ciscos public announcement can be found here.
"The Cisco VPN 3000 Series has a configuration option that does not allow the storage of the user password in the VPN client," Kossmeyer said. "For customers that are concerned about the recovery of the user password, the option can be disabled to prevent local storage of the user password."
Kossmeyer went on to note that "The default configuration of the VPN 3000 Series does not allow client password storage. Additionally, this attack only affects passwords that are static and reused for login to the VPN network. Customers using one-time passwords and certificates to connect are unaffected."
So, the Cisco response reminds one of the old chestnut where a patient says to his doctor that his arm hurts when he moves it and the doctor says "Dont move it." Rather than change the encryption or ameliorate the disclosure, Cisco says just dont store the passwords locally. Why, then, was this ability to store passwords even put into the VPN client? What if some systems need this? What are they to do, Cisco?
The game just keeps going on. Just the players change.
Larry Loeb was consulting editor for BYTE magazine and senior editor of WebWeek. He serves as a subject matter expert for the Department of Defenses Information Assurance Technology Analysis Center, and is on the American Dental Associations WG-1 and MD 156 electronic medical records working groups. Larrys latest book is "Hackproofing XML," published by Syngress (Rockland, Mass.). If youve got a tip for Larry, contact him at email@example.com.