Security researchers at ETH (Swiss Federal Institute of Technology) in Zurich have uncovered flaws in the end-to-end encryption of share hoster Mega. By taking advantage of the vulnerabilities, operators or attackers can view encrypted files under certain conditions.
Indeed, end-to-end encryption must guarantee that only the rightful owner can decrypt their files. Neither operator can read through its infrastructure in plain text and attackers are also turned off – if the required cryptographic operations are implemented correctly.
problem solved. But only temporarily?
Security researchers explain on a websiteNot so with the Mega. The bug is found in a problematic cryptography implementation. In a statement, Mega StatesTo at least partially solve the problem. More patches to follow. There have been no such attacks so far.
Security researchers confirm that, for example, it is no longer possible to access private keys using their method. According to him, however, the non-optimal implementation remains and further attacks may be profiled through other routes.
Issues
The mega-client receives authentication and encryption keys from the user’s password. Among other things, the encryption key encrypts other keys, for example for chat functions and file access. To ensure access from multiple devices, the private key is encoded on the MEGA server.
Since the keys have no integrity protection, security researchers said they intervened in a manipulative manner. This enabled them to draw conclusions about prime numbers during the data exchange of session IDs. After 512 login attempts with the password, they were able to reconstruct the private key bit by bit using an RSA key recovery attack.
However, to be able to do so, access to the mega server infrastructure must be provided. The operator could theoretically decrypt files or attackers in a man-in-the-middle situation.
more attacks
Therefore operators or attackers can access the information in plain text. It is also conceivable that attackers could manipulate files stored by users or even impose files infected with malicious code on victims that pass authenticity checks. In their detailed report, security researchers explain other attacks and describe possible attack scenarios.,
(of)