Redmond Uses Protocol NIST Says Is a “Severe Security Vulnerability”
The protocol used by Microsoft for email encryption has a weakness that can leak information meant to stay secret, warns cybersecurity company WithSecure.
Electronic Codebook encrypts repeated blocks of information with the same ciphertext – meaning that in the supposedly impenetrable gibberish encryption uses to protect information from prying eyes, patterns may emerge.
“You can have the correct cipher, a really secure way of creating the key and so forth, but if you’re using ECB, you have this problem,” WIthSecure senior consultant Harry Sintonen tells Information Security Media Group. Microsoft includes email encryption as part of its Azure Rights Management offering.
Electronic Codebook’s shortcomings aren’t a secret: the National Institute of Standards and Technology, the U.S. agency that develops encryption standards for civilian usage, characterizes ECB as “a severe security vulnerability.” The agency earlier this year proposed limiting its use by the federal government.
Sintonen says he’s drawing attention to Microsoft’s use of the algorithm because Microsoft-encrypted email could betray their senders under conditions in which an adversary can gather large volumes of messages.
Because ECB encrypts repeated plaintext within a single message with the same characters, an authority able to capture and analyze email flows could infer parts of the encrypted text.
“If you have repeating patterns, these patterns are visible.” The vulnerability requires repetition within the message or consistent repetition among multiple messages – the latter also requiring more advanced analysis to spot.
To prove the vulnerability, Sintonen was able to extract from raw image file of the word “fail” printed in black against background. The extraction was not perfect, but clearly enough to read the text.
Sintonen says he contacted Microsoft, which did not assign a CVE to the vulnerability. In a written statement, a company spokesperson says encryption “is intended as a tool to prevent accidental misuse and is not a security boundary.”
SIntonen speculates Microsoft continues to use the algorithm, despite its known problems, primarily to support backward compatibility. Once Redmond started using Electronic Codebook, it is difficult to get away from it without causing customers to lose the ability to decrypt old messages. “I think this probably has been some kind of early mistake they just couldn’t easily fix.”
A Microsoft insider tells ISMG that’s the case, but that the company is examining alternatives to Electronic Cookbook for future product updates.