1 Withered Anonymous@Reposting Prohibited (4027a3b7) 2024/10/22 (Tue) 17:20:52.437 ID:ZbX1SaATD
Severe flaws in E2EE cloud storage platforms used by millions
https://www.bleepingcomputer.com/news/security/severe-flaws-in-e2ee-cloud-storage-platforms-used-by-millions/
Several end-to-end encrypted (E2EE) cloud storage platforms are vulnerable to a set of security issues that could expose user data to malicious actors.
Cryptographic analysis from ETH Zurich researchers Jonas Hofmann and Kien Tuong Turong revealed issues with Sync, pCloud, Icedrive, Seafile, and Tresorit services, collectively used by more than 22 million people.
The analysis was based on the threat model of an attacker controlling a malicious server that can read, modify, and inject data at will, which is realistic for nation-state actors and sophisticated hackers.
https://brokencloudstorage.info/paper.pdf
2 Withered Anonymous@Reposting Prohibited 2024/10/22 (Tue) 17:21:14.104 ID:ZbX1SaATD
The ETH Zurich researchers found serious vulnerabilities in all five products, including implementations that allow a malicious actor to inject files, tamper with data, or gain access to user files. Here's an overview of the discovered issues:
1. Sync
Sync's vulnerabilities include unauthenticated key material, allowing attackers to inject their own encryption keys and compromise data. The lack of public key authentication in file sharing further enables attackers to decrypt shared files.
Shared links expose passwords to the server, breaking confidentiality. Additionally, attackers can rename or move files undetected and even inject folders into user storage, making them appear as if the user uploaded them.
2. pCloud
pCloud's main issues stem from unauthenticated key material, allowing attackers to overwrite private keys and force encryption with attacker-controlled keys.
Public keys are also unauthenticated, giving attackers access to encrypted files. Additionally, attackers can inject files, manipulate metadata like file size, and reorder or remove chunks due to the lack of authentication in the chunking process.
3. Icedrive
Icedrive's use of unauthenticated CBC encryption makes it vulnerable to file tampering, allowing attackers to modify file contents.
File names can also be truncated or altered. The chunking process lacks authentication, meaning attackers can reorder or remove file chunks, compromising file integrity.
4. Seafile
Seafile is vulnerable to protocol downgrades, making password brute-forcing easier.
Its use of unauthenticated CBC encryption allows file tampering, and unauthenticated chunking lets attackers manipulate file chunks.
File names and locations are also unsecured, and the server can inject files or folders into user storage.
5. Tresorit
Tresorit's public key authentication relies on server-controlled certificates, which attackers can replace to access shared files.
Metadata is also vulnerable to tampering, allowing attackers to alter file creation details and mislead users.
Out of the examined group of five, Tresorit fared relatively better, as the issues discovered do not directly expose file contents or allow for easy data manipulation.
https://i.imgur.com/Nr6FTnR.png
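Two of the recurring findings above, "unauthenticated CBC encryption allows file tampering" and "unauthenticated chunking lets attackers reorder or remove chunks", are easy to reproduce in a few dozen lines. The Go program below is an added illustration written for this thread; it is not code from the paper, the article, or any of the five products, and it does not reproduce any vendor's actual format. It assumes a constructed fixed key, IV and nonces (a real client must use random ones), a toy file layout of iv||ciphertext for CBC, and a hypothetical per-chunk AAD layout (file ID, chunk index, chunk count) as the fix. Part 1 shows a server with no key turning "PAY 0100" into "PAY 9900" by flipping two IV bytes; part 2 shows that per-chunk AES-GCM still lets the server swap chunks unnoticed unless each chunk's position is bound into the AAD.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// Constructed, fixed key and IV so the demo is deterministic and runs offline.
// Illustrative only: a real client MUST use random per-file IVs and nonces.
var (
	testKey = []byte("0123456789abcdef0123456789abcdef") // 32 bytes: AES-256
	testIV  = []byte("fixed-iv-16bytes")                 // 16 bytes: one AES block
)

func mustAES(key []byte) cipher.Block {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return blk
}

// ---- 1. Unauthenticated AES-CBC: a malicious server can rewrite file contents ----

// cbcEncrypt encrypts a block-aligned plaintext and returns iv||ciphertext (hypothetical
// storage layout). There is no MAC, so nothing authenticates what the server returns.
func cbcEncrypt(key, iv, pt []byte) []byte {
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(mustAES(key), iv).CryptBlocks(ct, pt)
	return append(append([]byte{}, iv...), ct...)
}

// cbcDecrypt reverses cbcEncrypt. It cannot fail on tampered input: whatever the
// server hands back decrypts to *something*, and the client cannot tell.
func cbcDecrypt(key, blob []byte) []byte {
	iv, ct := blob[:aes.BlockSize], blob[aes.BlockSize:]
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(mustAES(key), iv).CryptBlocks(pt, ct)
	return pt
}

// tamperFirstBlock is the server-side attacker. In CBC the first plaintext block is
// D(C0) XOR IV, so XORing byte `offset` of the stored IV with old^new turns a known
// plaintext byte into an attacker-chosen one. No key is needed; no other byte changes.
func tamperFirstBlock(blob []byte, offset int, oldByte, newByte byte) []byte {
	out := append([]byte{}, blob...)
	out[offset] ^= oldByte ^ newByte
	return out
}

// ---- 2. Chunked storage: per-chunk AEAD alone does not stop chunk reordering ----

type chunk struct{ nonce, ct []byte }

// chunkAAD binds a chunk to a file identifier, its index and the total chunk count
// (hypothetical layout chosen for this demo).
func chunkAAD(fileID string, idx, total int) []byte {
	b := make([]byte, 16)
	binary.BigEndian.PutUint64(b[0:], uint64(idx))
	binary.BigEndian.PutUint64(b[8:], uint64(total))
	return append([]byte(fileID), b...)
}

func newGCM(key []byte) cipher.AEAD {
	aead, err := cipher.NewGCM(mustAES(key))
	if err != nil {
		panic(err)
	}
	return aead
}

// encryptChunks seals each chunk with AES-GCM under its own nonce (stored beside it).
// With bindPosition=false the AAD is empty: every chunk is authentic on its own, but
// the server can still drop or reorder chunks, which is the weakness described above.
func encryptChunks(key []byte, fileID string, chunks [][]byte, bindPosition bool) []chunk {
	aead := newGCM(key)
	out := make([]chunk, len(chunks))
	for i, c := range chunks {
		nonce := make([]byte, aead.NonceSize())
		binary.BigEndian.PutUint32(nonce[8:], uint32(i)) // constructed deterministic nonce
		var aad []byte
		if bindPosition {
			aad = chunkAAD(fileID, i, len(chunks))
		}
		out[i] = chunk{nonce: nonce, ct: aead.Seal(nil, nonce, c, aad)}
	}
	return out
}

// decryptChunks reassembles the file in the order the server delivered the chunks.
func decryptChunks(key []byte, fileID string, chunks []chunk, bindPosition bool) ([]byte, error) {
	aead := newGCM(key)
	var file []byte
	for i, c := range chunks {
		var aad []byte
		if bindPosition {
			aad = chunkAAD(fileID, i, len(chunks))
		}
		pt, err := aead.Open(nil, c.nonce, c.ct, aad)
		if err != nil {
			return nil, fmt.Errorf("chunk %d rejected: %w", i, err)
		}
		file = append(file, pt...)
	}
	return file, nil
}

func main() {
	blob := cbcEncrypt(testKey, testIV, []byte("PAY 0100 TO BOB SIGNED BY ALICE "))
	evil := tamperFirstBlock(tamperFirstBlock(blob, 4, '0', '9'), 5, '1', '9')
	fmt.Printf("CBC after IV tampering: %q\n", cbcDecrypt(testKey, evil))

	parts := [][]byte{[]byte("chunk-A:"), []byte("chunk-B:"), []byte("chunk-C:")}
	loose := encryptChunks(testKey, "file1", parts, false)
	loose[0], loose[2] = loose[2], loose[0] // the server swaps two stored chunks
	got, err := decryptChunks(testKey, "file1", loose, false)
	fmt.Printf("unbound chunks: %q err=%v\n", got, err)
	bound := encryptChunks(testKey, "file1", parts, true)
	bound[0], bound[2] = bound[2], bound[0]
	_, err = decryptChunks(testKey, "file1", bound, true)
	fmt.Println("position-bound chunks:", err)
}
```

The point of part 1 is that CBC without a MAC is malleable even to an attacker who never learns the key, which is why an AEAD mode (or encrypt-then-MAC) is the baseline for stored files. Part 2 shows that switching to an AEAD is not enough on its own for chunked uploads: each ciphertext must also be bound to its file, position and count, otherwise the server can reorder, duplicate or drop chunks without the client noticing.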
3 Withered Anonymous@Reposting Prohibited 2024/10/22 (Tue) 17:21:30.915 ID:ZbX1SaATD
!pool
4 Withered Anonymous@Reposting Prohibited 2024/10/22 (Tue) 17:21:36.722 ID:ZbX1SaATD
!pool