CAPEC-485

Detailed Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Draft MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Likelihood: Low Severity: High
Signature Spoofing by Key Recreation

Description

An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Prerequisites

An authoritative signer is using a weak method of random number generation or weak signing software that causes key leakage or permits key inference.

An authoritative signer is using a signature algorithm with a direct weakness or with poorly chosen parameters that enable the key to be recovered using signatures from that signer.

Mitigations

Ensure cryptographic elements have been sufficiently tested for weaknesses.

Skills Required

[High] Cryptanalysis of signature generation algorithm

[High] Reverse engineering and cryptanalysis of signature generation algorithm implementation and random number generation

[High] Ability to create malformed data blobs and know how to present them directly or indirectly to a victim.