Juniper uses NSA’s weakened encryption algorithm

Security researcher Ralf-Philipp Weinmann claims in a blog post that the vulnerabilities in the Juniper ScreenOS software may have been made possible in part by the NSA. Juniper used a possibly government-intentionally weakened algorithm despite its controversial status.

Weinmann writes that it concerns the Dual_EC_DBRG algorithm. This is used to generate a sequence of random bits from two points on an elliptic curve. In 2007 it was already known that the algorithm is not safe if these points are chosen in advance by a certain party. Nevertheless, the algorithm was included in a standard by the American NIST. In 2013, Snowden’s revelations revealed that the NSA had built backdoors into the Dual_EC_DBRG algorithm.

Still, Juniper used this algorithm in its ScreenOS software, which recently became clear that it does indeed contain a backdoor. Admittedly, after the revelations in 2013, the company announced that it was using a different implementation of the algorithm, but now, among other things, Weinmann’s research shows that starting points in the algorithm were used in 2012 that were not chosen by Juniper itself. The indication for this is that Juniper has restored the original state of the software in the patch. This patch would therefore not have eliminated all vulnerabilities, according to Weinmann via Wired. After all, the vulnerable algorithm is still used by Juniper. This would make it possible to decrypt VPN traffic.

Cisco is responding to the incident by screening code itself for unauthorized additions. However, no vulnerabilities have been identified so far.