Dubbed “HTTP/2 Rapid Reset,” the flaw requires issuing patches to virtually every web server around the world before the problem can be eradicated.

Google, Amazon, Microsoft, and Cloudflare revealed this week that they battled massive, record-setting distributed denial of service attacks against their cloud infrastructure in August and September. DDoS attacks, in which attackers attempt to overwhelm a service with junk traffic to bring it down, are a classic internet menace, and hackers are always developing new strategies to make them bigger or more effective. The recent attacks were particularly noteworthy, though, because hackers generated them by exploiting a vulnerability in a foundational web protocol. This means that while patching efforts are well underway, fixes will need to essentially reach every web server globally before these attacks can be fully stamped out.

Dubbed “HTTP/2 Rapid Reset,” the vulnerability can only be exploited for denial of service—it doesn't allow attackers to remotely take over a server or exfiltrate data. But an attack doesn't need to be fancy to cause major problems—availability is vital for access to any digital service, from critical infrastructure to crucial information.

“DDoS attacks can have wide-ranging impacts to victim organizations, including loss of business and unavailability of mission-critical applications,” Google Cloud's Emil Kiner and Tim April wrote this week. “Time to recover from DDoS attacks can stretch well beyond the end of an attack.”

Another facet of the situation is where the vulnerability came from. Rapid Reset isn't in a particular piece of software but in the specification for the HTTP/2 network protocol used for loading webpages. Developed by the Internet Engineering Task Force (IETF), HTTP/2 has been around for about eight years and is the faster, more efficient successor to the classic internet protocol HTTP. HTTP/2 works better on mobile and uses less bandwidth, so it has been extremely widely adopted. IETF is currently developing HTTP/3.

“Because the attack abuses an underlying weakness in the HTTP/2 protocol, we believe any vendor that has implemented HTTP/2 will be subject to the attack,” Cloudflare's Lucas Pardue and Julien Desgats wrote this week. Though it seems that there are a minority of implementations that are not impacted by Rapid Reset, Pardue and Desgats emphasize that the problem is broadly relevant to "every modern web server.”

Unlike a Windows bug that gets patched by Microsoft or a Safari bug that gets patched by Apple, a flaw in a protocol can't be fixed by one central entity because each website implements the standard in its own way. When major cloud services and DDoS-defense providers create fixes for their services, it goes a long way toward protecting everyone who uses their infrastructure. But organizations and individuals running their own web servers need to work out their own protections.

Dan Lorenc, a longtime open source software researcher and CEO of the software supply chain security company ChainGuard, points out that the situation is an example of a time when the availability of open source and the prevalence of code reuse (versus always building everything from scratch) is an advantage, because many web servers have likely copied their HTTP/2 implementation from somewhere else rather than reinvent the wheel. If these projects are maintained, they will develop Rapid Reset fixes that can proliferate out to users.

It will take years to reach full adoption of these patches, though, and there will still be some services that did their own HTTP/2 implementation from scratch and don't have a patch coming from anywhere else.

“It's important to note that the big tech companies discovered this while it was being actively exploited,” Lorenc says. “It can be used to take a service down like operational tech or industrial control. That’s scary.”

Though the string of recent DDoS attacks on Google, Cloudflare, Microsoft, and Amazon raised the alarm for being so large, the companies were ultimately able to repel the attacks, which didn't cause lasting damage. But just by carrying out the assaults, hackers revealed the existence of the protocol vulnerability and how it could be exploited—a cause and effect known in the security community as “burning a zero day.” Even though the patching process will take time, and some web servers will remain vulnerable long term, the internet is safer now than if attackers hadn't shown their cards by exploiting the flaw.

“A bug like this in the standard is unusual, it's a novel vulnerability and was a valuable finding for whoever first discovered it,” Lorenc says. “They could have saved it or even probably sold it for a lot of money. I'm always going to be curious about the mystery of why someone decided to burn this one.”

HTTP/2 Rapid Reset: A New Protocol Vulnerability Will Haunt the Web for Years

A piece of malware known as DarkGate has been observed being spread via instant messaging platforms such as Skype and Microsoft Teams.
In these attacks, the messaging apps are used to deliver a Visual Basic for Applications (VBA) loader script that masquerades as a PDF document, which, when opened, triggers the download and execution of an AutoIt script designed to launch the malware.
"It's

A piece of malware known as **DarkGate** has been observed being spread via instant messaging platforms such as Skype and Microsoft Teams.

In these attacks, the messaging apps are used to deliver a Visual Basic for Applications (VBA) loader script that masquerades as a PDF document, which, when opened, triggers the download and execution of an AutoIt script designed to launch the malware.

"It's unclear how the originating accounts of the instant messaging applications were compromised, however it is hypothesized to be either through leaked credentials available through underground forums or the previous compromise of the parent organization," Trend Micro said in a new analysis published Thursday.

DarkGate, first documented by Fortinet in November 2018, is a commodity malware that incorporates a wide range of features to harvest sensitive data from web browsers, conduct cryptocurrency mining, and allow its operators to remotely control the infected hosts. It also functions as a downloader of additional payloads such as Remcos RAT.

Social engineering campaigns distributing the malware have witnessed a surge in recent months, leveraging initial entry tactics such as phishing emails and search engine optimization (SEO) poisoning to entice unwitting users into installing it.

The uptick follows the malware author's decision to advertise the malware on underground forums and rent it out on a malware-as-a-service basis to other threat actors after years of using it privately.

The use of Microsoft Teams chat message as a propagation vector for DarkGate was previously highlighted by Truesec early last month, indicating that it's likely being put to use by several threat actors.

A majority of the attacks have been detected in the Americas, followed closely by Asia, the Middle East, and Africa, per Trend Micro.

The overall infection procedure abusing Skype and Teams closely resembles a malspam campaign reported by Telekom Security in late August 2023, save for the change in the initial access route.

"The threat actor abused a trusted relationship between the two organizations to deceive the recipient into executing the attached VBA script," Trend Micro researchers Trent Bessell, Ryan Maglaque, Aira Marcelo, Jack Walsh, and David Walsh said.

"Access to the victim's Skype account allowed the actor to hijack an existing messaging thread and craft the naming convention of the files to relate to the context of the chat history."

The VBA script serves as a conduit to fetch the legitimate AutoIt application (AutoIt3.exe) and an associated AutoIT script responsible for launching the DarkGate malware.

An alternate attack sequence involves the attackers sending a Microsoft Teams message containing a ZIP archive attachment bearing an LNK file that, in turn, is designed to run a VBA script to retrieve AutoIt3.exe and the DarkGate artifact.

"Cybercriminals can use these payloads to infect systems with various types of malware, including info stealers, ransomware, malicious and/or abused remote management tools, and cryptocurrency miners," the researchers said.

"As long as external messaging is allowed, or abuse of trusted relationships via compromised accounts is unchecked, then this technique for initial entry can be done to and with any instant messaging (IM) apps."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

DarkGate Malware Spreading via Messaging Services Posing as PDF Files

The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023.
That's according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) operation's

The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023.

That's according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) operation's tactics, techniques, and procedures (TTPs).

"AvosLocker affiliates compromise organizations' networks by using legitimate software and open-source remote system administration tools," the agencies said. "AvosLocker affiliates then use exfiltration-based data extortion tactics with threats of leaking and/or publishing stolen data."

The ransomware strain first emerged on the scene in mid-2021, and has since leveraged sophisticated techniques to disable antivirus protection as a detection evasion measure. It affects Windows, Linux, and VMware ESXi environments.

A key hallmark of AvosLocker attacks is the reliance on open-source tools and living-off-the-land (LotL) tactics, leaving no traces that could lead to attribution. Also used are legitimate utilities like FileZilla and Rclone for data exfiltration as well as tunneling tools such as Chisel and Ligolo.

Command-and-control (C2) is accomplished by means of Cobalt Strike and Sliver, while Lazagne and Mimikatz are used for credential theft. The attacks also employ custom PowerShell and Windows Batch scripts for lateral movement, privilege escalation, and disarming security software.

"AvosLocker affiliates have uploaded and used custom web shells to enable network access," the agencies noted. Another new component is an executable named NetMonitor.exe that masquerades as a network monitoring tool but actually functions as a reverse proxy to allow the threat actors to connect to the host from outside the victim's network.

CISA and FBI are recommending critical infrastructure organizations to implement necessary mitigations to reduce the likelihood and impact of AvosLocker ransomware and other ransomware incidents.

This includes adopting application controls, limiting the use of RDP and other remote desktop services, restricting PowerShell use, requiring phishing-resistant multi-factor authentication, segmenting networks, keeping all systems up-to-date, and maintaining periodic offline backups.

The development comes as Mozilla warned of ransomware attacks leveraging malvertising campaigns that trick users into installing trojanized versions of Thunderbird, ultimately leading to the deployment of file-encrypting malware and commodity malware families such as IcedID.

Ransomware attacks in 2023 have witnessed a major surge, even as threat actors are moving swiftly to deploy ransomware within one day of initial access in more than 50% of engagements, according to Secureworks, dropping from the previous median dwell time of 4.5 days in 2022.

What's more, in more than 10 percent of incidents, ransomware was deployed within five hours.

"The driver for the reduction in median dwell time is likely due to the cybercriminals' desire for a lower chance of detection," Don Smith, vice president of threat intelligence at Secureworks Counter Threat Unit, said.

"As a result, threat actors are focusing on simpler and quicker to implement operations, rather than big, multi-site enterprise-wide encryption events that are significantly more complex. But the risk from those attacks is still high."

Exploitation of public facing applications, stolen credentials, off-the-shelf malware, and external remote services have emerged as the three largest initial access vectors for ransomware attacks.

To rub salt into the wound, the RaaS model and the ready availability of leaked ransomware code have lowered the barrier to entry for even novice criminals, making it a lucrative avenue to make illicit profits.

"While we still see familiar names as the most active threat actors, the emergence of several new and very active threat groups is fuelling a significant rise in victim and data leaks," Smith added. "Despite high profile takedowns and sanctions, cybercriminals are masters of adaptation, and so the threat continues to gather pace."

Microsoft, in its annual Digital Defense Report, said 70% of organizations encountering human-operated ransomware had fewer than 500 employees, and that 80 to 90 percent of all compromises originate from unmanaged devices.

Telemetry data gathered by the company shows that human-operated ransomware attacks have gone up more than 200 percent since September 2022. Magniber, LockBit, Hive, and BlackCat comprised almost 65 percent of all ransomware encounters.

On top of that, approximately 16 percent of recent successful human-operated ransomware attacks involved both encryption and exfiltration, while a 13 percent used exfiltration only.

"Ransomware operators are also increasingly exploiting vulnerabilities in less common software, making it more difficult to predict and defend against their attacks," the tech giant said. "This reinforces the importance of a holistic security approach."

Redmond said it also observed a "sharp increase" in the use of remote encryption during human-operated ransomware attacks, accounting for 60 percent on average over the past year.

"Instead of deploying malicious files on the victim device, encryption is done remotely, with the system process performing the encryption, which renders process-based remediation ineffective," Microsoft explained. "This is a sign of attackers evolving to further minimize their footprint."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure

Allocation of Resources Without Limits or Throttling in GitHub repository vriteio/vrite prior to 0.3.0.

CVE-2023-5573

Server-Side Request Forgery (SSRF) in GitHub repository vriteio/vrite prior to 0.3.0.

@@ -1,11 +1,10 @@ import { appRouter, errors, publicPlugin, trpcPlugin } from "@vrite/backend"; import { errors, publicPlugin, trpcPlugin, processAuth } from "@vrite/backend"; import staticPlugin from "@fastify/static"; import websocketPlugin from "@fastify/websocket"; import axios from "axios"; import viewPlugin from "@fastify/view"; import handlebars from "handlebars"; import { FastifyReply } from "fastify"; import { processAuth } from "@vrite/backend/src/lib/auth"; import { nanoid } from "nanoid"; import multipartPlugin from "@fastify/multipart"; import mime from "mime-types"; Expand All @@ -15,7 +14,7 @@ import path from "path";  
const appService \= publicPlugin(async (fastify) \=> { const renderPage \= async (reply: FastifyReply): Promise<void\> \=> { return reply.view("index.html", { return reply.header("X-Frame-Options", "SAMEORIGIN").view("index.html", { PUBLIC\_APP\_URL: fastify.config.PUBLIC\_APP\_URL, PUBLIC\_API\_URL: fastify.config.PUBLIC\_API\_URL, PUBLIC\_COLLAB\_URL: fastify.config.PUBLIC\_COLLAB\_URL, Expand Down Expand Up @@ -51,57 +50,6 @@ const appService = publicPlugin(async (fastify) => { fastify.setNotFoundHandler(async (\_request, reply) \=> { return renderPage(reply); }); fastify.get<{ Querystring: { url: string } }\>("/proxy\*", async (request, reply) \=> { const filterOutRegex \= /(localhost|\\b(?:(?:25\[0-5\]|2\[0-4\]\\d|\[01\]?\\d\\d?)\\.){3}(?:25\[0-5\]|2\[0-4\]\\d|\[01\]?\\d\\d?)(?::\\d{0,4})?\\b)/;  
if (request.headers.origin) { reply.header("Access-Control-Allow-Origin", fastify.config.PUBLIC\_APP\_URL); reply.header("Access-Control-Allow-Methods", "GET"); reply.header( "Access-Control-Allow-Headers", request.headers\["access-control-request-headers"\] ); } else if ( fastify.config.NODE\_ENV !== "development" && !fastify.config.PUBLIC\_APP\_URL.includes("localhost") ) { // Prevent proxy abuse in production return reply.status(400).send("Invalid Origin"); }  
if ( filterOutRegex.test(request.query.url) && !request.query.url.includes(fastify.config.PUBLIC\_ASSETS\_URL) ) { return reply.status(400).send("Invalid URL"); }  
if (request.method \=== "OPTIONS") { // CORS Preflight reply.send(); } else { const targetURL \= request.query.url;  
try { const response \= await axios.get(targetURL, { responseType: "arraybuffer" });  
if (!\`${response.headers\["content-type"\]}\`.includes("image")) { return reply.status(400).send("Invalid Content-Type"); }  
reply.header("content-type", response.headers\["content-type"\]); reply.send(Buffer.from(response.data, "binary")); } catch (error) { // eslint-disable-next-line no-console console.error(error);  
return reply.status(500).send("Could not fetch"); } } }); fastify.post<{ Body: Buffer; }\>("/upload", async (req, res) \=> { Expand Down

CVE-2023-5572: Vrite v0.3 (#45) · vriteio/vrite@1877683

Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.1.0-dev1.

**Cross-site Scripting (XSS) in froxlor/froxlor**

Moderate severity GitHub Reviewed Published Oct 13, 2023 to the GitHub Advisory Database • Updated Oct 13, 2023

GHSA-j5hq-6frc-64v3: Cross-site Scripting (XSS) in froxlor/froxlor

Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages.








%PDF-1.7 %���� 193 0 obj <> endobj 217 0 obj <>/Encrypt 194 0 R/Filter/FlateDecode/ID\[<45ABE724E55DAD4D846015193B9C4179><27416F8FC7DC2B469F6B2BB55C31DF91>\]/Index\[193 40\]/Info 192 0 R/Length 113/Prev 172988/Root 195 0 R/Size 233/Type/XRef/W\[1 3 1\]>>stream h�bbd\`\`\`b\`\`f�L�A$C�d����\`v8X�;Xe:�d߁ Yg�H�,����k��)�D���a<�lf��f���j���Z���� ����j�����n endstream endobj startxref 0 %%EOF 232 0 obj <>stream w���\_�ى�\\�"�n��mH�0�",J�mLN�M�F� =.�$���(��dZ�M�\`�b�TKDJ�d�Xo�|�-Y�?sP<�� ��}�Ck�ٌ��Y�:�� �(��/mR�$h\[EG��x�T�݃\[��=\\;\_���b4��Oia7�K��# endstream endobj 194 0 obj <>>>/Filter/Standard/Length 256/O(��FW�Z\\)5\\n�f�w �c�O��3���������w'\\nG:uO~�Ѱ)/OE(����Em��>��W��w6�����f�H�����)/P -1324/Perms(G�����G6���1t;��)/R 6/StmF/StdCF/StrF/StdCF/U(<���f�v��vv�J��Omj@��v�8�E����!>\$\$W�^O���)/UE(7S6S�4}IEYc���,�e�eF�Z�����)/V 5>> endobj 195 0 obj <>/Metadata 6 0 R/PageLayout/OneColumn/Pages 191 0 R/StructTreeRoot 11 0 R/Type/Catalog>> endobj 196 0 obj <>/ProcSet\[/PDF/Text\]>>/Rotate 0/StructParents 0/Tabs/S/Type/Page>> endobj 197 0 obj <>stream ����C嗼�S�zk�V�܋��8G�h#!��\\�B�g�v%M=Ј�O�\`� �\_b�ߍgnB������J���6Y1vj�e\\������\_:��8��Dc:�ϰ�hځ��:�=���p��&f�o��0| #9� �=��ល�W� A� /�����û���tI/b��I�lvv��j��)���c\*8�to}|\`�$��2ip�,����GuE��Tb�� �M�,�@�����|a�aP��~vʲ����L� �rPu�!\*GbO��IɃB��5�����r���\[��{�i^ J��� :��GΆ�\\k\_X�~�� ���8�\`�U��T.�\*o��;xQ#�&�d~��Z7�煱9�#=�����7δC�>S�N��+���\*E�����G���ֱ��p2ŊٖhʬEr��-|���Y�\[�h�Q��hl�Qcܝ�\*�S�ve �>�T�ԛ �IY�󍮰&��y����f�{F��P���@�� �w=� &9D�GPd0�Bv^���¬r�K�ᤦ�VR�7d�W�Y9jo��p�Ad(�\[ D�L�f;ʬ, ^$cs�d�%�xe<�C}U0�"�����^G�ɴ1�N^^����t^��"΂使ק����/��6�9�ՒQ>��C�AT�\\ �\\��f���%D�EVf6K�k����@�\`ڸ��8�t���c��'X�u�T��������}���U�wbd }�Pk^���4��\_���3!3����JET?�kL>&DQe��;����MS�x.�l��&�����i�җ�؆�R���L�#��"���&��Ȉ{�$Z�/\[�<ص��8�$���ՓVs����ew\`(2�d�4l|��|�m�b"˼��Km ��� \`0� 6�d�Y��D,��qW�!kH��wt�˂��Kԝ\[�.װ���&I9�=���d�6\`����>��k���N ��O����zP �Z�86������ϵTڍ�f��~�'��H�w�d�#�y#x�#�e|���F�;,ױ��-E������u� endstream endobj 198 0 obj <>stream ���jTI�;-��F���}o/I�W ��\*�6|,l)�s26r�ځ"l�nK��l5�~��H��f@i%z@a��2y@7����;D��w\_6;�w�6�������m�"�\`�$�V��C!V@����^���d0�6���m���L���&�l��v�'��%kA5�S�p��Lo�e �HO8tT�'\_��IA�2�͢}e�6Id?u@�MX+pS��}�^A\`��O���ߵ=��{ٌ!3ܑ������\[S�&م�ц�����q endstream endobj 199 0 obj <>stream ��?��>X�g� ��\*�lrh�T�\[z\_�xBYLa�sg

CVE-2023-4562

Skip to content

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Search code, repositories, users, issues, pull requests...**

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

*   Notifications
*   Fork 448

*   Code
*   Issues 42
*   Pull requests 5
*   Actions
*   Projects 3
*   Wiki
*   Security
*   Insights

**Commit**

Permalink

Browse files

Browse the repository at this point in the history

enable markdown syntax in custom\_notes field

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

*   Loading branch information

d00p committed

Oct 2, 2023

1 parent a808a3f commit e8ed430

Showing **9 changed files** with **511 additions** and **39 deletions**.

*   composer.json
*   composer.lock
*   *   *   Markdown.php
    *   *   *   Customer.php
            *   Text.php
        *   *   FroxlorTwig.php
*   *   de.lng.php
    *   en.lng.php
*   *   index.html.twig

4 changes: 2 additions & 2 deletions composer.json

Expand Up

@@ -53,10 +53,10 @@

"froxlor/idna-convert-legacy": "^2.1",

"voku/anti-xss": "^4.1",

"twig/twig": "^3.3",

"erusev/parsedown": "^1.7",

"symfony/console": "^5.4",

"pear/net\_dns2": "^1.5",

"amnuts/opcache-gui": "^3.4"

"amnuts/opcache-gui": "^3.4",

"league/commonmark": "^2.4"

},

"require-dev": {

"phpunit/phpunit": "^9",

Expand Down

**0 comments on commit e8ed430**

Please sign in to comment.

CVE-2023-5564: enable markdown syntax in custom_notes field · Froxlor/Froxlor@e8ed430

An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information.

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Search code, repositories, users, issues, pull requests...**

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

CVE-2023-41263: advisories/ATREDIS-2023-0001.md at master · atredispartners/advisories

Finding the right post-quantum cryptographic (PQC) algorithms is necessary, but not sufficient, to future-proof cybersecurity.

The quantum threat to cybersecurity is easy enough to state. A quantum computer of sufficient size can efficiently factor integers and compute discrete logarithms by Shor's algorithm, breaking much of the public-key cryptography in use today, including Rivest–Shamir–Adleman (RSA) and elliptic curve cryptography (ECC). Vulnerable public-key cryptography permeates all layers of the stack, creating a pressing need for post-quantum cryptography (PQC) — public-key algorithms that can protect against quantum computing threats.

Security analysis of the National Institute for Standards and Technology (NIST) candidate algorithms for PQC standardization suggests the need for cryptographic agility, meaning the ability to easily change the underlying cryptographic algorithms or implementations. For example, in the third and fourth rounds of the NIST algorithm evaluation process, experts developed novel attacks against the GeMSS and Rainbow digital signature schemes and the KEM candidate SIKE, causing their elimination from consideration. And recent research demonstrated a side-channel attack on Crystals-Kyber — one of the four algorithms NIST selected for standardization.

In a few years' time, it is unlikely that PQC algorithms and implementations will look exactly as they do now. However, organizations cannot afford to wait to begin the migration to PQC. A breakthrough in quantum computing research could mean that a quantum computer with enough power to break current public-key cryptography gets deployed before organizations have fully inventoried and upgraded all instances of vulnerable cryptography in all internal and third-party applications. Cryptographic orchestration — the ability to centrally view and manage the use of cryptography throughout an enterprise — needs to be a near-term strategy to address security and compliance at scale.

**The Importance of Agility**

The typical deployment model for cryptography is highly decentralized and fragmented, with cryptography coupled directly to end applications and provided by a mix of platform- or language-specific libraries. This model, in turn, leads to reduced visibility and agility. As a result, it is no wonder that a recent memo from the NSA sets a target date of 2035 for the migration to PQC — over 10 years from now.

To balance the need to begin migration now with the realities of an immature ecosystem, organizations should pursue PQC solutions that are agile. Fundamentally, cryptographic agility for a library, protocol, or application means the ability to swap out the cryptographic algorithms or implementations in use with minimal disruption. A cryptographically agile system can rapidly respond to novel cryptanalysis or implementation bugs by easily swapping out or upgrading vulnerable cryptography. Cryptographic agility also allows systems to take advantage of new implementations that are faster or use less memory.

Cryptographic agility, however, should not be the end of the story. Just as with previous transitions — from DES to AES, MD5 to SHA-1, and SHA-1 to SHA-2 — cryptographic algorithms have a life cycle that includes improved iterations and occasionally a phase-out stage. To future-proof their security, organizations should look to develop or integrate solutions with cryptographic orchestration — a single system interface to track and manage the cryptography in use by applications and devices throughout the entire algorithm life cycle.

**Why Orchestration Matters**

The idea of cryptographic orchestration mirrors software-defined networking (SDN) in computer networking. Managing a traditional IP network is a time-intensive, error-prone process that involves manually configuring switches, routers, and middleboxes using vendor-specific tools or command-line interfaces.

The innovation of SDN is a layer of middleware that abstracts away the low-level details of the switches and routers responsible for forwarding packets and exposes an abstract interface at the network policy level. The middleware ensures that the low-level elements implement a given policy. With SDN, implementing dynamic routing policies at scale becomes a tractable problem.

Cryptographic orchestration applies a similar level of abstraction and automation on top of the low-level entities executing cryptographic protocols or algorithms to expose an interface for cryptographic policy. By working at the level of policy, orchestration can also ease the burden for organizations to meet current and future regulatory and compliance requirements at scale.

In the migration to PQC, consider that any compliance target, such as FIPS 140-2, that references vulnerable public-key cryptography will have to change with the quantum threat. Cryptographic orchestration makes such tasks much easier by providing visibility into which algorithms, key sizes, key rotation policies, or entropy sources any instance of cryptography is using, in addition to providing the means to easily swap out vulnerable or noncompliant instances. Orchestration will become even more important as the number of devices and applications in an organization increases due to computing trends such as "bring your own device" (BYOD) and the Internet of Things (IoT).

**PQC Lessons for Enterprise**

Overall, the migration to PQC brings a couple of key considerations for enterprise security to the forefront. First, the PQC standardization process is still ongoing. Experts continue to attack and probe the candidates, while submission teams look to patch deficiencies and optimize implementations in software and hardware. In the short term, the shifting PQC landscape requires cryptographic agility in libraries, protocols, and applications to securely navigate the migration away from vulnerable public-key algorithms.

Second, the PQC process more broadly reminds us that cryptographic algorithms have a life cycle. Classical public-key algorithms are nearing the end of their life cycle, whereas most of the PQC algorithms are still at the beginning. No one can foresee if a new classical or quantum attack will make a particular algorithm obsolete and require yet another migration — or if another technology as disruptive as quantum computing is on the horizon. Consequently, it is critical that we engineer systems that can adequately respond to new developments. Orchestrated and agile cryptography is a vision to achieve this lofty goal and empower organizations to meet security, regulatory, and compliance goals at scale.

Though the PQC migration represents a major challenge for organizations across government and industry, it also represents a fantastic opportunity to shift the enterprise cryptography paradigm toward one of agility and orchestration.

Tag

#git