Authentication bypass vulnerability discovered in Bouncy Castle

Attackers can bypass password checks in applications that use Bouncy Castle’s OpenBSDBcrypt class.

Password stars on a computer screen

Security researchers have found a flaw in a Java cryptography library that could enable hackers to brute force Bcrypt hashed passwords. Once exploited, a hacker could gain administrator-level access to a single sign-on (SSO) system

CVE-2020-28052 is an authentication bypass vulnerability in the OpenBSDBcrypt class of the popular Bouncy Castle library. Bcrypt hashing–based authentication is used for authentication checks, for example, in web applications and APIs. 

The exploit means an attacker could effectively bypass password checks in applications using the Bcrypt algorithm for password hashing. According to a Synopsys blog post, the vulnerability in the method OpenBSDBcrypt.doCheckPassword was introduced in a GitHub commit.

Researchers said the doCheckPassword method implements a flawed verification routine. The code checks for an index of characters from 0 to 59 inclusive, rather than checking that characters at positions from 0 to 59 match. 

“This means that passwords that result in hashes that, for instance, don’t contain bytes between 0x00 and 0x3B match every other password hash that doesn’t contain them. Passing this check means an attacker doesn’t need a byte-for-byte match with the stored hash value,” researchers said.

In most cases where Bcrypt.doCheckPassword() is used to check a password, successful exploitation will cause an authentication bypass.

Researchers said a hacker must brute-force password attempts until they trigger a bypass.

“Our experiments show that 20% of tested passwords were successfully bypassed within 1,000 attempts. Some password hashes take more attempts, determined by how many bytes lie between 0 and 60 (1 to 59). Further, our investigation shows that all password hashes can be bypassed with enough attempts. In rare cases, some password hashes can be bypassed with any input,” said researchers.

Researchers shared the bug with Bouncy Castle on October 20, who fixed it in early November and published an advisory on December 18. The disclosure led Synopsys to check its use of the Bouncy Castle software, but none of its software used the affected versions.

According to researchers, affected software included Bouncy Castle 1.65 (released March 31, 2020) and Bouncy Castle 1.66 (released July 4, 2020). This authentication bypass issue affects no other versions of the software. Synopsys strongly recommended that software vendors and Bouncy Castle library users upgrade to Bouncy Castle Java release 1.67 or later.

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

Watch now

A buyer’s guide to board management software

Improve your board’s performance

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

Download now

Recommended

UK's first government cyber strategy aims to bolster public sector defences
cyber security

UK's first government cyber strategy aims to bolster public sector defences

25 Jan 2022
IT Pro Podcast Special Edition: Learning to live with risk
Sponsored

IT Pro Podcast Special Edition: Learning to live with risk

25 Jan 2022
Russia's "politically motivated" REvil raid could be used as leverage, experts warn
ransomware

Russia's "politically motivated" REvil raid could be used as leverage, experts warn

17 Jan 2022
Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp
phishing

Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp

21 Dec 2021

Most Popular

Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022
Sony pulls out of MWC 2022
Business operations

Sony pulls out of MWC 2022

14 Jan 2022
Openreach offers £20,000 reward for information on stolen copper cables
broadband

Openreach offers £20,000 reward for information on stolen copper cables

21 Jan 2022