CAPEC-485: Signature Spoofing by Key Recreation (Version 2.11)

 
Attack Pattern ID: 485
Abstraction: Detailed
Status: Draft
Completeness: Stub
+ Summary

An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or in pseudorandom number generation. The attacker then uses this key to forge signatures that appear to come from the original signer, misleading a victim into performing actions that benefit the attacker.

+ Attack Prerequisites
  • An authoritative signer is using a weak method of random number generation or weak signing software that causes key leakage or permits key inference.

  • An authoritative signer is using a signature algorithm with a direct weakness or with poorly chosen parameters that enable the key to be recovered using signatures from that signer.

+ Typical Severity

High

+ Typical Likelihood of Exploit

Likelihood: Low

+ Methods of Attack
  • Protocol Manipulation
  • Analysis
  • API Abuse
  • Brute Force
  • Spoofing
+ Attacker Skills or Knowledge Required

Skill or Knowledge Level: High

Cryptanalysis of signature generation algorithm

Skill or Knowledge Level: High

Reverse engineering and cryptanalysis of signature generation algorithm implementation and random number generation

Skill or Knowledge Level: High

Ability to create malformed data blobs and knowledge of how to present them directly or indirectly to a victim.

+ Solutions and Mitigations

Ensure cryptographic elements have been sufficiently tested for weaknesses.
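
One concrete test of this kind, given here as an added example and not as part of the CAPEC entry: in DSA and ECDSA the signature component r depends only on the per-signature random value and the domain parameters, so two signatures by one key over different messages that share r show that the random value was repeated. The function names, record layout and sample values below are assumptions constructed for illustration.

```python
from collections import defaultdict

def _read_len(buf, i):
    """Read a DER length at buf[i]; return (length, index of first content byte)."""
    if i >= len(buf):
        raise ValueError("truncated")
    first = buf[i]
    if first < 0x80:
        return first, i + 1
    n = first & 0x7F
    if n == 0 or n > 2:
        raise ValueError("unsupported length encoding")
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def parse_der_sig(der):
    """Decode SEQUENCE { INTEGER r, INTEGER s } into the pair (r, s)."""
    if len(der) < 8 or der[0] != 0x30:
        raise ValueError("not a DER signature")
    total, i = _read_len(der, 1)
    if i + total != len(der):
        raise ValueError("length mismatch")
    values = []
    for _ in range(2):
        if i >= len(der) or der[i] != 0x02:
            raise ValueError("expected INTEGER")
        n, i = _read_len(der, i + 1)
        values.append(int.from_bytes(der[i:i + n], "big"))
        i += n
    if i != len(der):
        raise ValueError("trailing bytes")
    return values[0], values[1]

def find_nonce_reuse(records):
    """Flag keys whose signatures over different digests share the same r."""
    seen = defaultdict(set)  # (key_id, r) -> digests signed with that r
    for key_id, digest_hex, sig_hex in records:
        r, _s = parse_der_sig(bytes.fromhex(sig_hex))
        seen[(key_id, r)].add(digest_hex.lower())
    # An identical signature over the same digest (deterministic signing) is not flagged.
    return [{"key_id": k, "r": r, "digests": sorted(d)}
            for (k, r), d in seen.items() if len(d) > 1]

# Constructed sample records: (key id, message digest, DER signature), all hex.
SAMPLE = [
    ("key-A", "aa01", "30080202111102022222"),
    ("key-A", "bb02", "30080202111102023333"),  # same r, different message
    ("key-B", "cc03", "30080202444402025555"),
    ("key-B", "cc03", "30080202444402025555"),  # identical re-signature
]

if __name__ == "__main__":
    for finding in find_nonce_reuse(SAMPLE):
        print("repeated r under", finding["key_id"], finding["digests"])
```

A finding means the key should be treated as exposed and the signing software's random number generation reviewed.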

+ References
P.J. Leadbitter, D. Page and N.P. Smart. "Attacking DSA Under a Repeated Bits Assumption". http://www.iacr.org/archive/ches2004/31560428/31560428.pdf. 2004-07.
Debian Security. "DSA-1571-1 openssl -- predictable random number generator". http://www.debian.org/security/2008/dsa-1571. 2008-05-13.
+ Content History
Submissions
Submitter | Organization | Date | Source
CAPEC Content Team | The MITRE Corporation | 2014-06-23 | Internal_CAPEC_Team

Page Last Updated or Reviewed: July 31, 2017