Vigil@nce - McAfee NSM: decrypting via DUAL_EC_DRBG
March 2014 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can predict the random numbers used by McAfee NSM in
order, for example, to decrypt data.
Impacted products: McAfee NSM
Severity: 1/4
Creation date: 07/03/2014
DESCRIPTION OF THE VULNERABILITY
The McAfee NSM product uses the RSA BSafe cryptographic library.
BSafe enables the DUAL_EC_DRBG (Dual Elliptic Curve Deterministic
Random Bit Generation) algorithm by default. However, in some
cases, the random numbers generated by DUAL_EC_DRBG are predictable.
An attacker can therefore predict the random numbers used by McAfee
NSM in order, for example, to decrypt data.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/McAfee-NSM-decrypting-via-DUAL-EC-DRBG-14377