On December 9th, 2020 our security expert Tom Tervoort won the Pwnie Award 2020 for best cryptographic attack for the Zerologon vulnerability.
The Pwnie Awards are given out once a year during the virtual Blackhat 2020 conference and celebrates the achievements of security researchers and the security community.
The award for Best Cryptographic Attack is awarded to the researcher who discovered the most impactful cryptographic attack against real-world systems. A Pwnie Cryptography Award should represent a meaningful break in a system actually deployed. The attack can require a math Ph.D to understand its workings, but not to understand its impact, and it can’t require a data center in Utah to exploit.
The Zerologon vulnerability (CVE-2020-1472) made use of an all-zero IV in the AES-CFB8 implementation used by Microsoft’s Netlogon authentication protocol allows an attacker to easily spoof credentials. An attacker can use this attack to change any Active Directory password and become Domain Admin.