Re: A Nasty Security Bug that affect PGP Virtual Disks & PGP SDA , PGP 8.x & 9.x and Truecrypt.
Dear thesinoda@xxxxxxxxxxx,
Sorry, but I see no security vulnerability here.
Disk encryption usually works this way:
1. Disk is divided to blocks (or files). Each block is encrypted with
random symmetric key to extend security and encryption/description
speed.
2. Block key is encrypted with user's public key (or sometimes symmetric
key)
3. User's private key (or shared symmetric key) is encrypted with
passphrase and is used for decryption.
If you change passphrase, you decrypt your key and encrypt it with news
one. Key itself is not changed, because if key is changed you will not
be able to decrypt files.
Then you give your disk with passphrase to someone - you actually share
your private key. This is the point YOU break security (or person who
accepts your key as his own). Now, you both share same key, and changing
passphrase to encrypt this key doesn't help. Actually, what you do with
cut-and-paster is restoring your key encrypted with old passphrase. It's
expected behaviour.
--Thursday, May 25, 2006, 12:55:35 AM, you wrote to bugtraq@xxxxxxxxxxxxxxxxx:
thc> * After changing the passphrase the OLD passphrase SHOULD NOT work.
thc> * Open pgpdisk.pgd and pgpdisk_backup.pgd in HEX editor
thc> e.g Ultraedit ONLY CHANGE WHERE YOU SEE A RED RECTANGULAR.
...
thc> * Do some copy and past from the back-up file into pgpdisk.pgd
--
~/ZARAZA
http://www.security.nnov.ru/