SAS PWENCODE DECODE

Decrypt passwords of SAS Software encryption {sas004} {sas003} {sas002} {sas001} and {sasenc}.

There are many myths about the safety of SAS password encryption PROC PWENCODE.
Let me put it in a few words: encrypted passwords were, are and will never be safe!

It's a totally stupid idea to store passwords in the source code and output even in logfiles!

PROC PWENCODE METHOD	Data Decryption Status	Decode Password Encryption Algorithm
{SAS001} is insecure	successful decoded	Very simple decode / base64
{SASENC} is insecure	successful decoded	Use a 32-bit key to decode passwords / SAS proprietary
{SAS002} is insecure	successful decoded	Use a 32-bit key to decode passwords / SAS proprietary
{SAS003} is insecure	successful decoded	Use a 256-bit key to decode passwords / AES
{SAS004} is insecure	successful decoded	Use a 256-bit key plus 64-bit salt to decode passwords / AES

Warning: Encrypted passwords are generally not safe! Therefore, this design pattern is basically the wrong approach.

SAS software itself must be able to decrypt the password. For security reasons, I will not publish the algorithms for decryption.
You're welcome to send your encrypted password in an email to me and I can send back your password in plain text.

It's not a good idea to store the encrypted passwords in the code or files! This command retrieves all passwords in SAS files on your server.

   find . -name '*.sas' -print0 | xargs -0 grep '{sas' > ~/grep_saspwd.txt

My proof of concept takes about 100 lines of code to decrypt any SAS password.
It does not matter whether the SAS passwords stored in plain text or encrypted in the source code or in the metadata server. My decryption will always work.
If you want to hide passwords from 99% users, then use a SAS Library MetaData! There is no other safe way to hide passwords in SAS!

SAS PWENCODE DECODE

As you can see in the picture, there is no real protection, because you can use the password for other services!

So the problem is in the security design itself. In my proof of concept I just simulate a regularly login service.
SAS001 and SAS002 are simple transformations that can be translated back. SAS003 use encryption with a small key without any salt.
SAS004 based on a secure encryption with a random salt value. Although this is very good, but still unsecure. Why?

The credentials are not bind to a service! Each administrator and eventually user can read this credentials.
You can use the encoded password for another service. You only have to simulate the login process from a service!
That's all. It is not necessary to crack the encryption because SAS itself decrypts the password for you.

My wish list for the future:

credentials stored in a secure container
credentials bind to a service
no administrator or user can see any credentials
random surrogate id for the service instead of encrypted passwords

What I do not like:

system root can read my application files at the filesystem
sas admins can read my application metadata by using the management console
sas users can read passwords by using the metadata api
sas users and admins can downgrade my encoded passwords to SAS002

This entry was posted in March 2015. I hope at a later date credentials can be securely stored.

SAS ® are trademarks or registered trademarks of SAS Institute Inc.