Challenge 24 ☆☆

Welcome to Challenge 24. You need to guess the secret that is hidden in Java, Docker, Kubernetes, Vault, AWS or GCP.

Cryptographic challenge part 2

Implementing cryptography can be very daunting. So there are various mistakes you can find on Twitter. What if our developers made the same mistake?

In this challenge, you need to find the HMAC key. Note that we created an HMAC following the spec from NIST step by step! Can you provide us the HMAC key used to create the HMAC?

Text used: Sample message for keylen=blocklen

HMAC produced in Hex: 5FD596EE 78D5553C 8FF4E72D 266DFD19 2366DA29

What is the HMAC key used here?

Answer to solution:

You can solve this challenge by the following steps:

  1. Using the HMAC from the spec:

    • Open the spec from NIST.

    • Find the matching input text and HMAC in the spec.

    • Now hex decode the key found (00010203 04050607 08090A0B 0C0D0E0F 10111213 14151617 18191A1B 1C1D1E1F 20212223 24252627 28292A2B 2C2D2E2F 30313233 34353637 38393A3B 3C3D3E3F) and use it as the answer.

Why copying specs is a bad idea

When you try to implement cryptographic controls, it can be very daunting: there are a lot of details you need to pay attention to. By now you know that it is not recommended to copy every primitive of an example into your own implementation. In this example we copied the HMAC key from a NIST spec. Because that key is published, anybody could have tried it when attempting to find the HMAC key in use.

Please note that copying keys from specs/examples does not only hold for HMACs, it holds for any cryptographic operation (signing, encryption, decryption, etc.).

Still need to generate a key? Make sure you use a Secure Random generator and the right library for your runtime to generate the key instead.

To make it even safer, use a key generation and/or derivation setup in which every new message has a different key. That way, you have "perfect forward secrecy". This will ensure that older messages cannot be decrypted when one key is compromised.
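
The following is an added example, not code from the challenge itself. It shows why a key copied from a spec offers no protection (the published key reproduces the challenge's HMAC immediately) and how to generate a key from a secure random source instead. Assumptions: HMAC-SHA1 is inferred from the 20-byte output, and the denylist and the function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Values taken from the challenge text above.
MESSAGE = b"Sample message for keylen=blocklen"
CHALLENGE_TAG = bytes.fromhex("5FD596EE 78D5553C 8FF4E72D 266DFD19 2366DA29")
SPEC_KEY = bytes.fromhex(
    "00010203 04050607 08090A0B 0C0D0E0F 10111213 14151617 18191A1B 1C1D1E1F "
    "20212223 24252627 28292A2B 2C2D2E2F 30313233 34353637 38393A3B 3C3D3E3F"
)

# Hypothetical denylist of keys that must never reach production.
# The second entry is constructed for illustration.
KNOWN_SAMPLE_KEYS = {
    "NIST sample key (keylen=blocklen)": SPEC_KEY,
    "all-zero 64-byte key (constructed)": bytes(64),
}


def compute_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA1 tag (assumption: SHA-1, matching the 20-byte challenge output)."""
    return hmac.new(key, message, hashlib.sha1).digest()


def find_published_key(message: bytes, observed_tag: bytes):
    """Return the label of a denylisted key that reproduces observed_tag, else None."""
    for label, key in KNOWN_SAMPLE_KEYS.items():
        if hmac.compare_digest(compute_tag(key, message), observed_tag):
            return label
    return None


def is_denylisted(key: bytes) -> bool:
    """Audit check for configuration review or CI: is this key a published sample?"""
    return any(hmac.compare_digest(key, k) for k in KNOWN_SAMPLE_KEYS.values())


def generate_key(length: int = 64) -> bytes:
    """Generate a key from the operating system's CSPRNG."""
    return secrets.token_bytes(length)


if __name__ == "__main__":
    print("challenge key is:", find_published_key(MESSAGE, CHALLENGE_TAG))
    fresh = generate_key()
    print("fresh key denylisted:", is_denylisted(fresh))
    print("fresh tag matches a sample key:",
          find_published_key(MESSAGE, compute_tag(fresh, MESSAGE)))
```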