5/13/2023 0 Comments Signal secure messagingSignal will only check the (small) beginning of the file, whereas the user will actually receive the much larger file."Īlthough Signal uses end-to-end encryption to encrypt the messages on the sender's device and decrypt it only on the receiver's end, the encrypted messages still pass through a server, allowing attackers to carry out the message authentication bypass attack by hacking or impersonating as a server and then tampering with legitimate message attachments. "Consequently, a large part of the file will be ignored when Signal will verify the cryptographic authenticity. "Therefore, when 'file.length()' is longer than what fits in a 32-bit number, the value of 'remainingData' (the number of bytes left to process) will be incorrect, as it will be much smaller than the real size of the file," Aumasson explained. The receiving variable 'remainingData' is a number encoded on 32 bits (of type 'int').The value 'file.length()' is a number encoded on 64 bits (of type 'long').Int remainingData = (int) file.length() - mac.getMacLength() While talking to Ars Technica, Aumasson said he found the integer overflow bug in the following line of code: However, in the case of attachments, Signal does not verify the authenticity of the entire file instead it just checks a small portion of it, making it possible for hackers to attach pseudorandom data to the legitimate attachment that wouldn't be detected by the MAC.įor a successful attack, an attacker could make use of Signal's file compression feature to reduce the size of his malicious attachment to a manageable 4 megabytes. But, what does it mean?Īctually, as a part of standard encryption schemes, encrypted messaging services make use of Message Authentication Code (MAC) to authenticate a message - in other words, to confirm that the message came from the sender has not been changed in transit. The flaw is due to an integer overflow bug, which is triggered only if an extremely large file, at least 4 gigabytes in size, is attached to a Signal message. Discover the Hidden Dangers of Third-Party SaaS AppsĪre you aware of the risks associated with third-party app access to your company's SaaS apps? Join our webinar to learn about the types of permissions being granted and how to minimize risk.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |