Challenge 49 ☆☆☆

Welcome to challenge Challenge 49. You need to guess the secret that is hidden in Java, Docker, Kubernetes, Vault, AWS or GCP.

Cracking AES Encryption with a Weak MD5 Key

Imagine you’re a security analyst investigating a mobile app that handles sensitive information. You discover that the developer is using AES encryption to protect a secret, but instead of using a strong Key Derivation Function (KDF), they rely on the insecure MD5 algorithm to derive encryption keys from a simple numeric PIN.

You’ve obtained an encrypted string: k800mdwu8vlQoqeAgRMHDQ==. You know that this string, when decrypted, reveals the text the answer.

The key used for AES encryption is derived by taking the MD5 hash of a PIN, which is a number between 0 and 99999. Your task is to find the correct PIN that was used to derive the encryption key and decrypt the secret.

Can you figure out the correct PIN and unlock the secret?

Answer to solution :

The simplest way to crack the PIN in this scenario is to perform a brute-force attack due to the limited range of possible values (0 to 99,999).

  • Iterate over all possible PINs (from 0 to 99,999).

  • For each PIN, compute its MD5 hash to get the decryption key and try decrypting provided ciphertext.

  • If decrypted text is equal to the answer, you’ve found the correct PIN.

Why Using MD5 as a KDF is Bad

Protecting keys effectively is crucial, and this means using the right Key Derivation Functions (KDFs) with additional entropy and contextual binding, as emphasized in the Mobile Security Testing Guide (MSTG).

MD5 is too fast and easy to compute, enabling attackers to quickly try a vast number of inputs (like PINs) to derive the key. Additionally (although a bit harder to exploit), the collision space is relatively small, meaning multiple different inputs can lead to the same md5 hash.

Stronger KDFs are crucial when dealing with sensitive data, as they provide much-needed resistance against brute-force attacks and protect secrets even if the attacker gains access to partial information.

The MSTG recommends using robust KDFs like PBKDF2, bcrypt, or Argon2, which incorporate additional entropy and enforce computational hardness, making brute-force attacks more costly.


Previous
Go the main page
Next
0