Authentication Bypass Vulnerability Patched in Bouncy Castle Library
A high-severity authentication bypass vulnerability was recently addressed in the Bouncy Castle cryptography library.
Founded in 2000, the project represents a collection of APIs used in cryptography for both Java and C#, with a strong emphasis on standards compliance and adaptability.
Synopsys CyRC security researchers revealed this week that an authentication vulnerability they identified in the OpenBSDBcrypt class of the Java cryptography library could be abused to bypass password checks in applications relying on the library. Tracked as CVE-2020-28052, the bug has a CVSS score of 8.1.
The OpenBSDBcrypt class leverages the Bcrypt algorithm for hashing passwords, and the researchers explain that the bug is the result of a flawed verification routine implemented in the method OpenBSDBcrypt.doCheckPassword.
“The code checks for an index of characters from 0 to 59 inclusive, rather than checking that characters at positions from 0 to 59 match. This means that passwords that result in hashes that, for instance, don’t contain bytes between 0x00 and 0x3B match every other password hash that don’t contain them,” Synopsys CyRC explains.
This means that an attacker can pass the check even if they can’t byte-for-byte match a stored hash value. Successful exploitation of the vulnerability could result in authentication bypass, allowing the attacker to perform operations as a legitimate user, including administrators.
According to the security researchers, an attacker needs to perform brute-force attempts on the passwords until they can trigger the bypass.
“Our experiments show that 20% of tested passwords were successfully bypassed within 1,000 attempts. […] Further, our investigation shows that all password hashes can be bypassed with enough attempts. In rare cases, some password hashes can be bypassed with any input,” the researchers say.
The issue was found to affect Bouncy Castle versions 1.65 and 1.66, but not previous releases. Bouncy Castle 1.67 was released on November 1, 2020, with patches for the vulnerability.
Both vendors and users of software that relies on this library are advised to upgrade to Bouncy Castle Java release 1.67 or later, to ensure they are not exposed.