ROCA vulnerability in Infineon RSA key pairs

Email update, 17 October 2017

Happy hump day, for those of you in Australia.

I’ll get straight to the point: today’s story is an even bigger deal than the KRACK attack discussed yesterday, especially when it comes to the “long tail” of problems. This flaw will likely be haunting us for years.

Millions of high-security crypto keys crippled by newly discovered flaw

A crippling flaw in a widely used code library has fatally undermined the security of millions of encryption keys used in some of the highest-stakes settings, including national identity cards, software- and application-signing, and trusted platform modules protecting government and corporate computers.

The weakness allows attackers to calculate the private portion of any vulnerable key using nothing more than the corresponding public portion. Hackers can then use the private key to impersonate key owners, decrypt sensitive data, sneak malicious code into digitally signed software, and bypass protections that prevent accessing or tampering with stolen PCs. The five-year-old flaw is also troubling because it’s located in code that complies with two internationally recognized security certification standards that are binding on many governments, contractors, and companies around the world. The code library was developed by German chipmaker Infineon and has been generating weak keys since 2012 at the latest.

The flaw is the one Estonia’s government obliquely referred to last month when it warned that 750,000 digital IDs issued since 2014 were vulnerable to attack. Estonian officials said they were closing the ID card public key database to prevent abuse. On Monday, officials posted this update. Last week, Microsoft, Google, and Infineon all warned how the weakness can impair the protections built into TPM products that ironically enough are designed to give an additional measure of security to high-targeted individuals and organizations.

The affected Infineon library ships in smartcards, security tokens and TPMs that are used absolutely everywhere, so it's hard to overstate the issue.

The Estonian electronic ID card (ID-kaart), in particular, is used for everything from online banking through to voting in national elections (Estonia uses online voting). 750,000 of these cards are affected by the Infineon flaw.

Note that the population of Estonia is only 1.3 million, so it's possible that 750k is the entire set of ID-kaarts. Oh, and Estonia just had its municipal elections two days ago. There's no evidence that anyone attacked the online component of the election, but that's the problem with elections - it doesn't take much to cast results into doubt and cause all sorts of problems.

Public Key Crypto - A Refresher

Asymmetric encryption, also known as Public Key Encryption, underpins essentially every secure transaction we perform over the internet. The foundation of public key crypto is that you have two keys: a public key and a private key. In the textbook RSA picture, whatever you encrypt with one of them can only be decrypted with the other. (Real protocols wrap this in padding and use the key pair for key exchange and signatures rather than for encrypting bulk data, but the principle is the same.)

The private key should always be kept secret (hence the name), but the public key is intended to be publicly available. This means that I can give everyone in the world my public key, and if you use that public key to encrypt a message, you know that I’m the only one who can decrypt and read it.

Conversely, if I use my private key to encrypt something, it can only be decrypted with the public key. This means that anyone in the world can decrypt it, which might seem pointless - but it means that you can be certain the message came from me, and wasn't forged by anyone else. (This is the idea behind a digital signature: in practice the signer applies the private key to a hash of the message rather than the message itself, and anyone holding the public key can verify the result.)

The point of all this is simple: public keys can be visible to everyone, but it must be infeasible to use a public key to calculate the corresponding private key. For RSA that guarantee rests entirely on factoring: the public key is a modulus N = p × q (plus a public exponent), the private key is derived from the two secret primes p and q, and anyone who recovers those primes from N has the private key.

This is what makes this story such a big deal: the flaw makes it feasible to calculate an Infineon-generated private key from the corresponding public key, something which should be impossible. The affected library builds its primes from a small, highly structured set of candidates instead of picking them at random, which lets the public modulus be factored far faster than a properly generated one. The researchers estimate at most about 97 CPU-days for a 1024-bit key and about 140 CPU-years for a 2048-bit key, and the work parallelises across rented cloud machines, putting the cost in the tens of dollars and tens of thousands of dollars respectively.

Detection of flawed keys

The good news is that the researchers who uncovered the Infineon flaw have also published a tool to detect if a given public key is vulnerable. The test needs nothing but the public key, so you can run it across every RSA key you hold (certificates, SSH and PGP keys, TPM-backed keys) without access to the device that generated them. A flagged key should be replaced with one generated after the vendor's firmware fix or on a different device; simply regenerating on the unpatched chip produces another weak key.

That link also contains some additional information about the vulnerability and their research, so it’s well worth reading if you have the time.
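To make the detection step concrete, here is an added example (mine, not the researchers' roca-detect tool and not Infineon's code) that implements the published fingerprint test in pure Python. It assumes the key structure described in the ROCA paper (Nemec et al., ACM CCS 2017): every prime the affected library produces has the form p = k·M + (65537^a mod M), where M is a product of the first few hundred primes, and the first 39 primes (2 to 167) divide M for every affected key size. So N = p·q reduced modulo any of those small primes always lands in the subgroup generated by 65537, which a properly random modulus does only by accident. The function names, the toy key generator and the seeded sample keys are all constructed for this example.

```python
"""Fingerprint test for ROCA-style RSA moduli (CVE-2017-15361).

Added example for this newsletter; not the researchers' roca-detect tool
and not Infineon's code.  Assumes the structure documented in the ROCA
paper: every prime from the affected library is k*M + (65537**a mod M)
with M a primorial.  The first 39 primes (2..167) divide M for all
affected key sizes, so for each such small prime r the modulus N = p*q
reduced mod r lies in the subgroup generated by 65537 mod r.
"""
import random

E = 65537
SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59,
                61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127,
                131, 137, 139, 149, 151, 157, 163, 167]


def multiplicative_order(g, r):
    """Smallest d > 0 with g**d == 1 (mod r); r prime, gcd(g, r) == 1."""
    d, x = 1, g % r
    while x != 1:
        x, d = (x * g) % r, d + 1
    return d


# Order of 65537 in each (Z/rZ)*.  In a cyclic group the subgroup of order d
# is exactly {x : x**d == 1}, so membership is one modular exponentiation.
ORDERS = {r: multiplicative_order(E, r) for r in SMALL_PRIMES}

# A properly random modulus passes the test for prime r with probability
# ORDERS[r]/(r-1); the product over all 38 primes is the false-positive rate.
FALSE_POSITIVE_RATE = 1.0
for r in SMALL_PRIMES:
    FALSE_POSITIVE_RATE *= ORDERS[r] / (r - 1)


def is_roca_fingerprint(n):
    """True when n mod r is in <65537> for every small prime r (ROCA-style)."""
    return all(pow(n, ORDERS[r], r) == 1 for r in SMALL_PRIMES)


def _is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin; fine for a demo, use a vetted library in production."""
    for r in [2] + SMALL_PRIMES:
        if n % r == 0:
            return n == r
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_roca_style_modulus(bits, rng):
    """Toy modulus whose primes mimic the affected library's structure.
    Constructed for the demo: the real generator's M, k and a ranges differ."""
    M = 2
    for r in SMALL_PRIMES:
        M *= r                                    # 2*3*...*167, ~219 bits
    k_lo = 1 << (bits // 2 - M.bit_length())      # k sized to give bits//2-bit primes

    def prime():
        while True:
            a = rng.randrange(1, 1 << 62)
            cand = rng.randrange(k_lo, 2 * k_lo) * M + pow(E, a, M)
            if _is_probable_prime(cand, rng):
                return cand
    return prime() * prime()


def generate_random_modulus(bits, rng):
    """Control case: two primes chosen without any structure."""
    def prime():
        while True:
            cand = rng.getrandbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
            if _is_probable_prime(cand, rng):
                return cand
    return prime() * prime()


def demo(seed=2017):
    """Returns (flag for ROCA-style key, flag for ordinary key)."""
    rng = random.Random(seed)                     # deterministic demo keys
    return (is_roca_fingerprint(generate_roca_style_modulus(512, rng)),
            is_roca_fingerprint(generate_random_modulus(512, rng)))


if __name__ == "__main__":
    flagged_roca, flagged_random = demo()
    print("ROCA-style modulus flagged:", flagged_roca)    # True
    print("ordinary modulus flagged:  ", flagged_random)  # False
    print("false-positive rate: %.3g" % FALSE_POSITIVE_RATE)
```

To check a real key, extract its modulus (for example with the `cryptography` package: `load_pem_public_key(data).public_numbers().n`) and pass it to `is_roca_fingerprint`; nothing about the private half is needed. The per-prime subgroup test is the same check the published detector performs with precomputed bit masks, computed here at start-up from the order of 65537 instead. It is a fingerprint, not a factorisation: a positive result tells you the key came from the affected generator and should be replaced, while the actual private-key recovery is the separate, far more expensive attack described in the paper.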

In summary, I’ll let Sean Cassidy summarise the last couple of days for me:

Tweet by Sean Cassidy