Tensegrity
Elite Member
- Apr 22, 2009
- 1,849
- 988
http://www.informationweek.com/security/encryption/mega-insecure-kim-dotcom-defends-reboote/240146801
"Chief among the security sins, Marcan said, is the hashing of files using the cryptographic technique known as http://en.wikipedia.org/wiki/CBC-MAC -- better known as CBC-MAC - which, as the name implies, is meant to authenticate messages rather than be used as a http://www.informationweek.com/security/encryption/sha-3-secure-hash-algorithm-new-face-of/240008394. "A few people have asked what the correct approach would've been here," he said. "The straightforward choice would've been to use SHA1, though MD5 or SHA256 -- for the more paranoid -- would also have worked well."Thanks to using CBC-MAC, however, the Mega service is vulnerable to having uploaded files intercepted. "If you were hosting one of Mega's CDN [content delivery network] nodes (or you were a government official of the CDN hoster's jurisdiction), you could now take over Mega and steal users' encryption keys," Marcan said. "While Mega's sales pitch is impressive, and their ideas are interesting, the implementation suffers from fatal flaws. This casts serious doubts over their entire operation and the competence of those behind it."
"
I'd like to say I'm not surprised but it is rather shocking.
"Chief among the security sins, Marcan said, is the hashing of files using the cryptographic technique known as http://en.wikipedia.org/wiki/CBC-MAC -- better known as CBC-MAC - which, as the name implies, is meant to authenticate messages rather than be used as a http://www.informationweek.com/security/encryption/sha-3-secure-hash-algorithm-new-face-of/240008394. "A few people have asked what the correct approach would've been here," he said. "The straightforward choice would've been to use SHA1, though MD5 or SHA256 -- for the more paranoid -- would also have worked well."Thanks to using CBC-MAC, however, the Mega service is vulnerable to having uploaded files intercepted. "If you were hosting one of Mega's CDN [content delivery network] nodes (or you were a government official of the CDN hoster's jurisdiction), you could now take over Mega and steal users' encryption keys," Marcan said. "While Mega's sales pitch is impressive, and their ideas are interesting, the implementation suffers from fatal flaws. This casts serious doubts over their entire operation and the competence of those behind it."
"
I'd like to say I'm not surprised but it is rather shocking.