Is Your Router Secure?

Many current routers, and other network devices, now support secure encrypted sessions using SSL (Secure Socket Layer) or its successor protocol, TLS (Transport Layer Security).  The objective is to prevent anyone “eavesdropping” on the wire from being able to intercept any meaningful (that is, clear text) information.  (One important motivation for this is to allow administrators to manage these devices over possibly insecure networks.)  These protocols incorporate an initial “handshake” between the endpoints, which uses a public key cryptographic protocol to establish a shared, secret session key, which is then used to encrypt further traffic, using symmetric cryptography.  When the client requests a secure session, the server (or router) responds with its cryptographic certificate, signed by a certificate authority [CA], which contains its public key.  The client generates a secret key, encrypts it with the server’s public key, and sends it to the server.  The server can then decrypt the response using its private key, and the session can go forward.

It has been known for some time that there are numerous models of network hardware in which the private key (which must remain secret) is actually embedded into the hardware or firmware of the device.  Now, according to an article at ThreatPost, a group calling itself /dev/ttyS0 has developed a technique for extracting these embedded keys,and has created a database listing private keys associated with about 2,000 public keys.  More detail is explained in their blog post, and the tools, called LittleBlackBox, are available from Google Code here.

Most of these devices contain some sort of modifiable but non-volatile memory in which cryptographic keys, once generated, could be stored, and modified periodically as required.   This would probably require some modification to the firmware and setup procedures, but nothing that seems technically difficult.  The more complex setup might produce some customer resistance, I guess.

The existing SSL and TLS protocols may not be the ultimate in cryptographic security, but that hardly matters if it is easy to compromise the keys.  It may seem that this sort of information should not be published; but you can be sure that the Bad Guys can figure this sort of thing out, too.   Experience suggests that public disclosure and discussion of these issues is the only reliable way to get them fixed.