Black Hat: Oracle's crypto not secure, researcher says

SAN FRANCISCO - The standard encryption mechanism used by Oracle's database products can be easily circumvented, according to a German security researcher who last week published details on a number of unpatched security

vulnerabilities in the database vendor's products.

Security expert Alexander Kornbrust plans to give a presentation at the Black Hat USA 2005 security conference this week showing how Oracle's encryption can be broken. The encryption features that come standard with Oracle's database, called DBMS Crypto and DBMS Obfuscation Toolkit, can be circumvented, he said in an interview.

"A lot of people think that if they use this DBMS Crypto, a hacker is not able to decrypt the data, but I found a way to get the keys," said Kornbrust, a business director at Red-Database-Security GmbH, in Neunkirchen, Germany.

This could result in a nasty surprise for customers who believe they are protecting their data from attackers via Oracle's standard encryption mechanisms, he added. "If a hacker breaks into your database, he's able to retrieve all of the sensitive information like credit card numbers."

The problem lies with the design of Oracle's encryption mechanism and the fact that it stores unencrypted numbers, called keys, in a way that they can be seen by an attacker and then used to read sensitive data.

Oracle Director of Product Management Paul Needham acknowledged that, for many Oracle installations, getting access to these encryption keys could happen if an attacker gained access to a privileged "DBA" (database administrator) account on the server. "Most of the customers would store the encryption key in a table in the database. To the extent that you have a DBA [account] that can see the tables, you can just read the tables and find the encryption key."

The encryption software does provide a way of protecting sensitive data on storage media like backup tapes, and it can be used to bring users into compliance with government regulations, Needham said, adding that his company does not recommend relying on encryption alone as a method of securing data. "Encryption should not be considered an access control solution," he said.

Oracle customers who read the documentation for the company's 10g database might be led to think otherwise, however. In the event that an attacker gains access to the database, "encryption of stored data can... be an important tool in limiting information loss," Oracle's documentation states.

Customers who think they are preventing attackers, or even curious database administrators from gaining access to sensitive data by using Oracle's standard encryption features are mistaken, Kornbrust said.

In fact, Oracle sells another encryption product for its database that Kornbrust says is designed in a much more secure fashion.

For $10,000 per processor, customers can purchase Oracle's Advanced Security software, which includes a feature called Transparent Data Encryption (TDE). TDE uses a second encryption key that is stored in an "Oracle wallet" file outside of the database, and is therefore much harder to crack, according to Needham. "If you got access to the key in the database, you still couldn't decrypt the data, unless you got access to the other key as well," he said.

This is not the first time that Kornbrust, a former Oracle employee whose company provides Oracle security consulting services, has pointed out the failings in Oracle's products. Last week his company published details on six unpatched security vulnerabilities in Oracle's products, claiming that Oracle had not patched them in the two years since it had been first been made aware of the bugs.