As researchers uncover more about two vulnerabilities recently patched in some Juniper Networks firewalls, the security community continues to speculate about who inserted what Juniper called "unauthorized code" into the company's firewall operating system ScreenOS.
Security experts suggested that one of the security holes in particular, which Juniper warns could allow eavesdroppers to decrypt VPN traffic to some of its NetScreen firewalls, could be the work of the National Security Agency or another spy agency overseas.
"There is no way to detect that this vulnerability was exploited," Juniper cautioned.
The company indicated it has no evidence that either that weakness, or a second vulnerability introducing a secret password that allows anyone to remotely take control of the firewalls, has actually been used. U.S. law enforcement agencies have reportedly joined Juniper in investigating how the code came to be in the firewalls, which are used by big companies and government agencies to secure their networks, Reuters reported Tuesday.
Still, the news of the vulnerabilities comes at a time when the U.S. tech industry is particularly jittery about both the risks of hacks by skilled attackers abroad and a push by domestic officials to create ways for the government to access encrypted communications. Days after Juniper's announcement of the security holes, rival Cisco announced that it had undertaken a precautionary review of its own code—and reiterated that the company has a firm "no backdoor" policy.
"Our development practices specifically prohibit any intentional behaviors or product features designed to allow unauthorized device or network access, exposure of sensitive device information, or a bypass of security features or restrictions," wrote Anthony Grieco, the head of Cisco's Trust Strategy Office, on a company blog.
While Juniper has been tight-lipped about the details of the two vulnerabilities since announcing their existence and releasing a fix on Friday, researchers reverse-engineering the patches have determined the VPN issue relates to an algorithm used to create randomized encryption keys. The algorithm, called Dual_EC_DRBG, was developed by the National Institute of Standards and Technology with help from the NSA. Reports in 2013, based on materials leaked by Edward Snowden, suggested the agency had inserted a backdoor letting it predict random numbers generated by the routine and decode messages they're used to encrypt.
Juniper has said that its use of the algorithm isn't vulnerable to that hack, and the company apparently uses different values for a particular algorithm parameter, known as Q, than that recommended in the NSA-influenced standard, according to a Tuesday blog post by Matthew Green, an assistant professor of Computer Science at Johns Hopkins University. Cryptographers have discovered that eavesdroppers who can control the value of Q can potentially break codes using keys generated with the algorithm, Green wrote.
And, Green wrote, Friday's patch changes the value of Q used in recent versions of Juniper's code to one used in earlier versions of the operating system—suggesting the more recent Q value may have made the algorithm vulnerable. And, he argues, the company has never explained the origin of either value, forcing customers to trust the now-restored parameter is secure.
"The optimistic view is that they recognized the vulnerability of Dual EC and tried to mitigate it by generating their own parameters," he wrote in an email to Fast Company. "Of course, the concern with this is that anyone who generates their own Q could also generate it maliciously, and give the resulting secrets to a surveillance agency. Without some proof that Juniper's Q value was generated safely, we can't really distinguish the two cases."
A Juniper spokesperson declined to comment Tuesday.
The second vulnerability, where a secret password could grant administrative access to the firewalls, also seemed to highlight the speed with which the keys to hidden backdoors could be disseminated across the Internet. Ronald Prins, the CTO of Dutch security firm Fox-IT, tweeted that his company had determined the hidden password merely six hours after Juniper's announcement.
"Patch now," he urged readers.
By Tuesday, the password—which appears to have been chosen to resemble an error message formatting template string in order to blend in with surrounding code—was widely disseminated across the Internet and was even available for sale on T-shirts riffing on its resemblance to the name of Art of War author Sun Tzu.