A Systematic Analysis of the Juniper Dual EC Incident

Checkoway, Stephen; Maskiewicz, Jacob; Garman, Christina; Fried, Joshua; Cohney, Shaanan; Green, Matthew; Heninger, Nadia; Weinmann, Ralf-Philipp; Rescorla, Eric; Shacham, Hovav

doi:10.1145/2976749.2978395

Cited by 59 publications

(36 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Attackers changed the process for generating one of the random numbers in the encryption code, allowing them to decrypt sensitive traffic. 5 All of Juniper's customers were vulnerable.…”

Section: Attacks On Closed Source Softwarementioning

confidence: 99%

Poison in the Well: Securing the Shared Resources of Machine Learning

Lohn¹

2021

View full text Add to dashboard Cite

Modern machine learning often relies on open-source datasets, pretrained models, and machine learning libraries from across the internet, but are those resources safe to use? Previously successful digital supply chain attacks against cyber infrastructure suggest the answer may be no. This report introduces policymakers to these emerging threats and provides recommendations for how to secure the machine learning supply chain.

show abstract

“…Attackers changed the process for generating one of the random numbers in the encryption code, allowing them to decrypt sensitive traffic. 5 All of Juniper's customers were vulnerable.…”

Section: Attacks On Closed Source Softwarementioning

confidence: 99%

Poison in the Well: Securing the Shared Resources of Machine Learning

Lohn¹

2021

View full text Add to dashboard Cite

show abstract

“…For example, Matsumoto et al [50] focus on insider threats. Furthermore, national security agencies are reported to have bugged networking equipment [5] and networking vendors have left backdoors open [3,4,15], leading to additional threats.…”

Section: Related Workmentioning

confidence: 99%

Taking Control of SDN-based Cloud Systems via the Data Plane

Thimmaraju

Shastry

Fiebig

et al. 2018

Proceedings of the Symposium on SDN Research

View full text Add to dashboard Cite

Virtual switches are a crucial component of SDN-based cloud systems, enabling the interconnection of virtual machines in a flexible and "software-defined" manner. This paper raises the alarm on the security implications of virtual switches. In particular, we show that virtual switches not only increase the attack surface of the cloud, but virtual switch vulnerabilities can also lead to attacks of much higher impact compared to traditional switches. We present a systematic security analysis and identify four design decisions which introduce vulnerabilities. Our findings motivate us to revisit existing threat models for SDNbased cloud setups, and introduce a new attacker model for SDN-based cloud systems using virtual switches.

show abstract

“…They also attacked engineers at Belgacom, the largest ISP in Belgium, in order to gain access to traffic from its core routers [21]. An unknown adversary -thought to be a nation state -infiltrated Juniper Networks' code repository and inserted a cryptographic backdoor into the company's VPN products [9]. Similar operations could be used to access STEKs from high-value targets.…”

Section: The Stek As An Enabling Vectormentioning

confidence: 99%

Measuring the Security Harm of TLS Crypto Shortcuts

Springall

Durumeric

Halderman

2016

Proceedings of the 2016 Internet Measurement Conference

View full text Add to dashboard Cite

TLS has the potential to provide strong protection against network-based attackers and mass surveillance, but many implementations take security shortcuts in order to reduce the costs of cryptographic computations and network round trips. We report the results of a nine-week study that measures the use and security impact of these shortcuts for HTTPS sites among Alexa Top Million domains. We find widespread deployment of DHE and ECDHE private value reuse, TLS session resumption, and TLS session tickets. These practices greatly reduce the protection afforded by forward secrecy: connections to 38% of Top Million HTTPS sites are vulnerable to decryption if the server is compromised up to 24 hours later, and 10% up to 30 days later, regardless of the selected cipher suite. We also investigate the practice of TLS secrets and session state being shared across domains, finding that in some cases, the theft of a single secret value can compromise connections to tens of thousands of sites. These results suggest that site operators need to better understand the tradeoffs between optimizing TLS performance and providing strong security, particularly when faced with nation-state attackers with a history of aggressive, large-scale surveillance.

show abstract

A Systematic Analysis of the Juniper Dual EC Incident

Cited by 59 publications

References 24 publications

Poison in the Well: Securing the Shared Resources of Machine Learning

Poison in the Well: Securing the Shared Resources of Machine Learning

Taking Control of SDN-based Cloud Systems via the Data Plane

Measuring the Security Harm of TLS Crypto Shortcuts

Contact Info

Product

Resources

About