Possible vulnerabilities in the encryption process. #96

@tbrezot

Attack on the policy

Description

The policy is not a cryptographic key, but it is a really sensitive object.

An attacker could trick a user into encrypting data for the wrong right (e.g. one the attacker is entitled to) by providing him with a modified policy.

For example, exchanging the attribute values of the Top Secret attribute with those of the Low Secret attribute would lead to actually encrypting for Department::FIN && Security Level::Low Secret when trying to encrypt for Department::FIN && Security Level::Top Secret.

Fix

The validity of the policy should be checked before each use. This could be done by signing the policy with the master secret key. This signature could be checked using the public key.

Attack on the public key

Description

An attacker could trick a user into encrypting data for the wrong right (e.g. one the attacker is entitled to) by providing him with a modified public key.

For example, exchanging the value of a Security Level::Top Secret partition with the one of a Security Level::Low Secret partition in the public key HashMap would lead to actually encrypting for the latter partition when trying to encrypt for the former one.

Fix

The validity of the public key should be checked before each use. This could be done by signing the public key with the master secret key. This signature could be checked using the public key.
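An added example, not part of the issue or of the project's code, showing the check-before-use idea from both "Fix" sections on a constructed, simplified policy map; the same pattern applies to the public key HashMap. It assumes a separate Ed25519 key pair held by the authority (the issue does not say how a signing key would relate to the master secret key), and `Policy`, `NewAuthority`, `digest`, `Sign` and `ValueFor` are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
	"sort"
)

// Policy is a constructed stand-in (attribute name -> internal value), not Covercrypt's type.
type Policy map[string]uint32

// NewAuthority makes the signing key pair; assumed to be kept with the master secret key.
func NewAuthority() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(nil) // nil selects crypto/rand.Reader
}

// digest hashes a sorted, length-prefixed encoding so map iteration order cannot matter.
func digest(p Policy) []byte {
	names := make([]string, 0, len(p))
	for n := range p {
		names = append(names, n)
	}
	sort.Strings(names)
	h := sha256.New()
	for _, n := range names {
		fmt.Fprintf(h, "%d:%s=%d;", len(n), n, p[n])
	}
	return h.Sum(nil)
}

// Sign is run once by the authority when it publishes the policy.
func Sign(sk ed25519.PrivateKey, p Policy) []byte { return ed25519.Sign(sk, digest(p)) }

// ValueFor resolves an attribute only after the policy signature verifies.
func ValueFor(pk ed25519.PublicKey, p Policy, sig []byte, attr string) (uint32, error) {
	if !ed25519.Verify(pk, digest(p), sig) {
		return 0, fmt.Errorf("policy signature invalid, refusing to encrypt for %q", attr)
	}
	return p[attr], nil
}

func main() {
	pk, sk, _ := NewAuthority()
	p := Policy{"Security Level::Low Secret": 1, "Security Level::Top Secret": 3}
	sig := Sign(sk, p)
	p["Security Level::Low Secret"], p["Security Level::Top Secret"] = 3, 1 // swap after signing
	_, err := ValueFor(pk, p, sig, "Security Level::Top Secret")
	fmt.Println("tampered policy:", err)
}
```

The verification key has to reach the user over a channel the attacker cannot modify, otherwise the signature and the key can be replaced together.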
