RE: Relative Security Provided by Cached Domain Credentials?
From: Sergey V. Gordeychik (gordey_at_infosec.ru)
Date: 05/31/04
- Previous message: Kevan Smith: "RE: Relative Security Provided by Cached Domain Credentials?"
- Maybe in reply to: Zack Schiel: "Relative Security Provided by Cached Domain Credentials?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 31 May 2004 19:03:58 +0400 To: "Kevan Smith" <Kevan.Smith@tideworks.com>, "Kim Oppalfens" <Kim.Oppalfens@azlan.be>, "Nicolas RUFF (lists)" <ruff.lists@edelweb.fr>, <focus-ms@securityfocus.com>
Where are no native EFS-smartcard support in W2K and higher. I think because slow speed of smartcards.
But you can use EFS with smartcards because of caching EFS certificate and private keys.
You can find detailed explanation here:
http://www.securityfocus.com/archive/88/363013
It tested and working.
Thanks for you attention and sorry for my English.
**************************************************************************
Авторизованное обучение Microsoft по специализации Security в
Учебном центре "Информзащита"
http://www.infosec.ru/news/reliase/2004/03_18_04.htm
-----Original Message-----
From: Kevan Smith [mailto:Kevan.Smith@tideworks.com]
Sent: Wednesday, May 26, 2004 7:41 PM
To: Kim Oppalfens; Nicolas RUFF (lists); focus-ms@securityfocus.com
Subject: RE: Relative Security Provided by Cached Domain Credentials?
Thanks for the correction, Kim. I did some searching and confirmed that
Smart Card support for EFS does not exist in W2K, W2K3, or XP. I've
seen some speculation about Longhorn support, but nothing authoritative.
Unfortunate, especially considering the limitations Nicolas brought up
with profile-based certificate stores.
References:
http://www.infineon.com/cgi/ecrm.dll/jsp/showfrontend.do?lang=EN&channel
_oid=-11308
http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/cryptfs.msp
x (see Delegated Server Mode section)
Kevan S.
-----Original Message-----
From: Kim Oppalfens [mailto:Kim.Oppalfens@azlan.be]
Sent: Tuesday, May 25, 2004 6:56 AM
To: Kevan Smith; Nicolas RUFF (lists); focus-ms@securityfocus.com
Subject: RE: Relative Security Provided by Cached Domain Credentials?
I have seen mentioned the use of smartcards for efs certificates in this
thread a couple of times.
Although it would be nice in theory it was my understanding that this
cannot be used at present because not thought about in the efs API, so
during decreption or encryption for that matter only the personal
certificate store is checked for a key, not any smartcard related stuff.
At least that is what I understood about efs and smartcards.
Has any of you actually tested the smartcard solution, or it this how
you would theoratically handle it?
Kim Oppalfens
-----Original Message-----
From: Kevan Smith [mailto:Kevan.Smith@tideworks.com]
Sent: dinsdag 11 mei 2004 22:47
To: Nicolas RUFF (lists); focus-ms@securityfocus.com
Subject: RE: Relative Security Provided by Cached Domain Credentials?
We're testing the completeness of my understanding of Win2K3 PKIs, so
feel free to correct me, but as I understand it the situation isn't
quite as dire as Nicolas makes it sound.
True, EFS certificates (indeed, all user certificates) are stored either
in the users profile (locally on the client computer) or on a smartcard,
depending your implementation. With certs stored in your user profile,
the private key portion of the cert is stored locally on the client
computer, and possibly archived on the issuing CA *. These certs are
NOT available (to anyone) from other computers unless the user first
exports/imports his/her certificate to all his/her workstations.
So, even if an attacker cracks a user's password, he/she will still need
the certificate to access the EFS encrypted files, which requires that
they launch the attack while logged on locally to the victim's
computer(s).
Granted, it may be possible to drop a remote control backdoor on the box
to log on undetected, or do any number of other nasty things to achieve
the same effect, but it certainly raises the bar.
While AEFSDR (or similar tools) looks like a handy addition to any
administrators grab-bag, it doesn't lift any hurdles facing a hacker.
If the EFS encrypted data is important enough (or the user hops
workstations enough), you can remove the user's profile from the picture
by requiring smart cards for EFS. The key pairs are stored on the card
rather than the computer, allowing users to roam, and forcing the
attacker to acquire both the username/password to logon to the computer,
and the smart card/PIN to access the files.
Cheers,
Kevan S.
* Private/Public key pairs may be archived to the CA under the
following
circumstances:
- V2 certificate (V1 certificates cannot be archived)
- Issued FROM a Windows 2003 Enterprise or DataCenter edition CA
(not Standard Ed)
- Issued TO a user (as opposed to a computer)
- Issued FOR encryption/authentication purposes (not signing/
non-repudiation).
- Client certificate must be stored in the user profile. You
cannot
archive certificates issued to a smart card.
-----Original Message-----
From: Nicolas RUFF (lists) [mailto:ruff.lists@edelweb.fr]
Sent: Tuesday, May 11, 2004 11:02 AM
To: focus-ms@securityfocus.com
Subject: Re: Relative Security Provided by Cached Domain Credentials?
> triple DES from memory
>
>>On a related note to part of the discussion in the 'Restricting change
>>of local admin' thread, does anyone know of a non-brute force way to
>>break the encryption on cached domain credentials? Local accounts are
>>easily modified or reset, but I'm not aware of any similar exploits
>>for cached domain credentials. Given that EFS' effectiveness to
>>secure laptop-stored data in a domain environment lives and dies by
>>the security of the cached credentials, I'm curious to know just *how
>>much* more secure they are.
Hi,
About EFS :
-----------
- EFS encryption is 3DES (unless you have a restricted export version of
Windows), with a random FEK (File Encryption Key) for each file.
- FEK is encrypted with RSA, using the EFS User Certificate (Public
Key).
- Eventually, the user Private Key is encrypted with his Windows
Password.
So if you know the user password, you can decipher all EFS encrypted
files.
See "Advanced EFS Data Recovery" tool from ElcomSoft :
http://www.elcomsoft.com/aefsdr.html
About Cached Logons :
---------------------
Cached logons are stored in LSA Secrets and NL$ hidden keys. Basically,
it is a salted hash :
NTLMHash( username + NTLMHash(password) ) so you have to bruteforce. The
salt key is the username, so if you have N accounts to crack, it takes N
times the time to crack one account.
Since this attack is very time-consuming and has little chance to
succeed if user password > 6 chars, there is no public exploit
available. Hint : get an IDA Pro license if you want to know more :-)
-nicolas-
------------------------------------------------------------------------
--- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- --------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
- Previous message: Kevan Smith: "RE: Relative Security Provided by Cached Domain Credentials?"
- Maybe in reply to: Zack Schiel: "Relative Security Provided by Cached Domain Credentials?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
