1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

The Juniper VPN backdoor: buggy code with a dose of shady NSA crypto

Discussion in 'CSO' started by RSS, Dec 22, 2015.

  1. RSS

    RSS New Member Member

    Security researchers and crypto experts have spent the last few days trying to figure out the details of a recently announced backdoor in Juniper NetScreen firewalls that could allow attackers to decrypt VPN (Virtual Private Network) traffic. They believe that they found the answer: a combination of likely malicious third-party modifications and Juniper's own crypto failures.

    According to experts, Juniper was using a known flawed random number generator called Dual_EC_DRBG as the foundation for cryptographic operations in NetScreen's ScreenOS, but believed it was doing so securely because of additional precautions it had taken. It turns out those safeguards were ineffective.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page