Article
Sustainability

Sonatype examines Bouncycastle’s open source vulnerabilities

By William Girling
September 21, 2020
undefined mins
In the continuation of our series examining Sonatype’s White Paper, we explore the specific open source vulnerabilities of Bouncycastle...

In the continuation of our series examining Sonatype’s White Paper, we explore the specific open source vulnerabilities of Bouncycastle.

Ranked fifth on the most vulnerable open source components commonly used by Financial Services organisations list, Bouncycastle first originated in the late 90s as an effort by creators to combine their dual interests in cryptography and open source. It saw its first API released in 2000 at 27,000 lines long, which was subsequently eclipsed in 2012 with a Java code base in excess of 300,000 lines and a C# iteration of over 140,000.

Identifying its primary vulnerability as ‘information exposure’ (vulnerability CVE-2018-5382), the severity of the problem is summarised by Sonatype as follows: 

Bouncy Castle BKS version 1 file is vulnerable to a brute force breach using associated metadata with a file format kept largely unprotected by default.” The following components are affected:

  • org.bouncycastle : bcprov-jdk14 : ( , 1.47)
  • org.bouncycastle : bcprov-jdk15on : ( , 1.47)
  • org.bouncycastle : bcprov-jdk16 : ( , )

The reason for this exposure lies in the package’s less-than-desirable encryption strength. The highly vulnerable ‘engineLoad()` function (part of the ‘JDKKeyStore.class` file) uses the aforementioned BKS V1 file, meaning that sensitive data can easily be compromised. 

Attack mechanics and remediation procedure

A brute force timing or side-channel attack manifests itself by flooding a system with multiple values at once. The perpetrator can then deduce information from the time it takes to generate an incorrect answer from a correct one. 

Ultimately, the root cause for the vulnerability is the BKS V1’s outdated 16-bit HMAC (keyed-hash message authentication code), which simply cannot repel the capabilities of modern hardware.

Sonatype’s recommended course of remediation is simple: upgrade to version 1.47 or newer. This update boosts the HMAC to a far more substantial 160-bit, which is enough to resolve the CVE-2018-5382 vulnerability.

The whitepaper adds, “For users of `org.bouncycastle:bcprov-jdk14` and `org.bouncycastle:bcprov-jdk15on` components, upgrading to version 1.47

is the recommended solution.

“However, a fixed version for `org.bouncycastle:bcprov-jdk16` component does not exist in Maven Central as of writing this piece.”

SonatypeBouncycastleOpen source
Share
Share

Featured Articles

WE’RE LIVE! FinTech LIVE Dubai

Back for another day, this time in Dubai! FinTech LIVE Dubai is LIVE, don’t miss out on your chance to hear from Swift, HSBC, Mastercard and many more

Amberdata: RWA tokenisation gains significant momentum

Explore the world of RWA Tokenisation and why finance professionals are investing in the technology for sustainable growth and risk mitigation

WE’RE LIVE! FinTech LIVE Singapore

Kickstarting the year of events for FinTech LIVE, FinTech LIVE Singapore returns featuring speakers from Amberdata, Standard Chartered, ING, WeLab and more

FinTech LIVE Singapore: Just One More Day to Go!

Financial Services (FinServ)

Top 100 Women 2024: Allison Paine Landers, UBS - No. 10

Sustainability

Top 100 Women 2024: Akila Raman-Vaseghi, Goldman Sachs No. 9

Financial Services (FinServ)