Researchers have revealed several substantial vulnerabilities this month. First Krack and now ROCA, also known as the ‘Return of Coppersmith's Attack.’
This newly discovered vulnerability places a wide range of machine identities at risk because it targets the software library utilized by hardware chips manufactured by Infineon Technologies AG. These chips are vulnerable to a factorization attack, in which the perpetrator can compute the private part of an RSA key.
The ROCA vulnerability raises questions about the security of Trusted Platform Modules (TPMs). These secure cryptographic integrated circuits can be found embedded in chipsets and they implement the triad of security: confidentiality, integrity and authenticity.
TPMs are relied on to secure enterprises in all kinds of ways, including:
In addition, TPM hardware modules exist in personal computers, servers, and networking devices, and they are also used in Hardware Security Modules (HSM), mobile phones and IoT devices.
Unfortunately, researchers have determined that public keys can be factored into revealing the prime number used to generate encryption. Cryptographic best practices would require that both the public and private key would be randomly generated before being multiplied to create a strong encryption key.
However, in the case of this vulnerability the Infineon library was not generating truly random prime numbers. Thus, the prime number could be derived and compromised. Currently, the confirmed number of vulnerable keys found is about 760,000, but there is a possibility that up to two to three magnitudes more are vulnerable.
The widespread impact of this attack is just being realized. Previously, we had trust concerns with TPMs. TPM security relies entirely on the manufacturer and the authorities in the country where the hardware is produced and their securing of the private endorsement key. This practice has many security experts worried.
On a positive note, remediation has already begun a few vendors have released patches and the Centre for Research on Cryptography and Security suggests organizations take the following steps for remediation:
In addition, the Centre also provides a tool to check whether keys are vulnerable: https://keychest.net/roca and entering a public key there.
How secure are your public keys?