Cryptology Annual News Update and Vignette

Bill Ricker

Sept 20, 2023

Cryptology News Bulletins 2022-09 to 2023-08

“Abundance of Caution” is C-suite lingo for “Oopsie, oh flying squirrel”

OpenSSL 3 near-critical patch (Oct-Nov 2022)

CVE-2022-37786 and CVE-2022-3602

Second-ever OpenSSL critical vulnerability teased, 10 years after Heartbleed

downgraded from critical to merely high; but still important.


Jill (NatickFOSS) notes that this makes things harder on Executors. It requires both physiology and BT devices.

How do you change phones securely but prevent *jacking a phone change?

(Bob (NatickFOSS) says Fido alliance can provide a backup dongle for executors that overrides eyeball+phone in range?)

Integer Overflow in extended precision arithmetic

Changes for libgmpxx4ldbl versions: Installed version: None Available version: 2:6.2.0+dfsg-4ubuntu0.1 Version 2:6.2.0+dfsg-4ubuntu0.1:

Version 2:6.2.0+dfsg-4:

[ Steve Robbins ] * Add breaks for packages known to be broken by GMP 6.2.0. Closes: #950608.

LastPass break update

[2022.12.26] Last August, LastPass reported a security breach, saying that no customer information—or passwords—were compromised. Turns out the full story is worse

possibly exploited to steal Craptocoyns ?!

Did victims have a weak passphrase, or were they actually victims of a Wallet breach and blaming it on LastPass ?

“ZENBLEED” - “Encryption-breaking, password-leaking bug in many AMD CPUs could take months to fix”

“Zenbleed” bug affects all Zen 2-based Ryzen, Threadripper, and EPYC CPUs.

July: <Ars>; <CVE-2023-20593>; all Zen 2 products in shared use. Fix has up-to 15% performance impact except gaming? (Your gaming system ought not be running others’ work anyway!)
<Cloudflare analysis + remediation>

& August: <HN: Collide+Power, Downfall, Inception>; <Google Security Blog: Downfall + Zenbleed>

Backdoor? in TETRA TEA1 encrypted Police radios

80-bit commercial export-semi-restricted TEA1 key has far less than 80 bits entropy, deemed intentional backdoor – one of 5 CVEs resulting from reverse engineering.

The also found inadequate entropy in IV, using spoof-able network time, in the protocol, so applies to all TEA{1..4} levels. Incompetence or backdoor? Unclear.

ChatGPT implements Dunning-Kruger Crypto

Miguel de Icaza

Tired: don’t implement your own cryptographic stack
Wired: have Chat-GPT write it for you

If you want greater efficiency in writing bugs …

Similarly, reports seen that AutoPilot etc will cough up someone else’s secret key in suggested source code for a secret-key encryption module. Because it memorizes whatever it sees, and regurgitates on command.

Existence of Fernet Encryption implies Existence of Malört Encryption?

Fernet is Python recipe for symmetric encryption with authentication, using AES-128 CBC, SHA-256, PKCS#7 - so if competently implemented and application key mgt is likewise competent, could be better than Fernet/Malört simile might imply.

Fernet also supported in Scala, Rust, Perl.

Malware has started using Fernet for their payloads!

Should Fernet-using Malware be called Malörtware ?


Key management is hard

Craptocoyns aren’t crypto and aren’t coins

It’s Ponzi all the way down.

Bitcoin - the most successful bug bounty program ever

… continued …

Craptocoyns: Wallet Key loss = bankruptcy

“Craptocoyn startup loses wallet key”


The cryptocurrency fintech startup Prime Trust lost the encryption key to its hardware wallet—and the recovery key—and therefore $38.9 million. It is now in bankruptcy.

ironic name!

I can’t understand why anyone thinks these technologies are a good idea.

agree totally.

Craptocoyns: “MILKSAD”: Cryptographic Flaw in Libbitcoin Explorer Cryptocurrency Wallet

More Dunning-Kruger crapto? or intentional backdoor to facilitate thefts?

Low entropy, non-random seed (clock) renders a secure PRNG insecure; lib docs supposedly have caveat not to use the bx seed but general Bitcoin docs recommend using it for wallet generation.

“Never attribute to malice that which is adequately explained by incompetence.”

But … as a scam it looks pretty smooth.

Crypto News Feature: updating Post Quantum Cryptography

Review: What’s Quantum Computing?

See last year’s status

Quantum Superposition when used for computing.

Review: Kinds of Quantum Hardware

Review: We’re discussing PQC before QC?

Yes !

Review: What’s the problem?

Review: Generalization of Forward Secrecy

Review: NIST’s Post-Quantum Cryptography Standards

The goal of post-quantum cryptography (also called quantum-resistant cryptography) is to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks. – NIST

Review: NIST PQC Competition

National Institute of Standards & Technology started a multi-round competition, similar to with AES and SHA3 competitions

PQC 2023

Quantum Cracking / PQC Update

[2023.02.28] CRYSTALS-Kyber is one of the public-key algorithms currently recommended by NIST as part of its post-quantum cryptography standardization process. Researchers have just published a side-channel attack—using power consumption—against an implementation of the algorithm that was supposed to be resistant against that sort of attack. The algorithm is not “broken” or “cracked”—despite headlines to the contrary—this is just a side-channel attack. What makes this work really interesting is that the researchers used a machine-learning model to train the system to exploit the side channel.

OTOH as seen in TETRA:BURST, a side-channel attack can be used to extract key or algorithm from a piece of equipment that falls into opponent lab.

NIST PQC Schedule

REVIEW: Known weaknesses

Isn’t non-random or uniformly-blank Salt an unlikely failure?

No. It’s happened.

History Vignette - Philips PX-1000Cr - NSA and the consumer

Text Lite “pocket telex” / pocket teletype

NSA Logo + PS1000 mashup by Klaus Schmeh

red-code-button - Crypto Museum.jpg

Analysis Timeline

Bibliography & Footnotes

My talks

The YouTube of this presentation will be linked on <> along with these slides and extended notes etc as <2023-sep> as per usual.

Prior talks in this series - most talks have slides &/or YouTube attached, sometimes extras.
Alas the YouTube audio pre-pandemic wasn’t great, BLU will need a donation of a wireless clip-on mike if we ever return to Hybrid/In-Person meetings. Or we all need to wear a wired or BT headset while presenting in person?

News + Focus

News and Focus sections have embedded links.

Good security news streams to either research history or to follow year round are and, the latter being less cryptologic and more operational in focus – but both cover the wide span of vulnerabilities, tools, remediations, etc, not just the cryptologic that I’m cherry-picking here.
Highly recommended.
Start your day with the 5 minute SANS Internet Storm Center StormCast pod-cast; the Red Team is, so, so should you.

Historical Vignette - Bibliography specific for this year

Cryptologic History - general references

  1. See our prior discussions of GEE, VENONA for breaks of One Time Pad↩︎

  2. DSA-1571-1 openssl predictable random number generator <CVE-2008-0166> <Schneier> ↩︎