ROCA Risks: Are Your Keys Safe?

October 19, 2017 | Nick Hunter

Researchers have revealed several substantial vulnerabilities this month. First KRACK and now ROCA, also known as the ‘Return of Coppersmith's Attack.’

This newly discovered vulnerability places a wide range of machine identities at risk because it targets the software library utilized by hardware chips manufactured by Infineon Technologies AG. These chips are vulnerable to a factorization attack, in which the perpetrator can compute the private part of an RSA key.

The ROCA vulnerability raises questions about the security of Trusted Platform Modules (TPMs). These secure cryptographic integrated circuits can be found embedded in chipsets and they implement the triad of security: confidentiality, integrity and authenticity.

TPMs are relied on to secure enterprises in all kinds of ways, including:

  • Random password generation
  • Secure digital credentials in password and key vaults
  • Symmetric key management
  • Smart cards
  • Fingerprint readers
  • Multi-factor authentication devices
  • File, disk, data encryption
  • System, file, and data access controls
  • System integrity validation and authentication
  • VPN/WIFI authentication and encryption
  • Routers, switches, firewalls, proxies, load balancers – All layers of the network OSI model that create encryption

In addition, TPM hardware modules exist in personal computers, servers, and networking devices, and they are also used in Hardware Security Modules (HSM), mobile phones and IoT devices. 

Unfortunately, researchers have determined that affected public keys can be factored to reveal the prime numbers used to generate them. Cryptographic best practice requires that both prime numbers be randomly generated before being multiplied to create a strong encryption key.

However, in the case of this vulnerability the Infineon library was not generating truly random prime numbers. Thus, the prime number could be derived and compromised. Currently, the confirmed number of vulnerable keys found is about 760,000, but there is a possibility that up to two to three orders of magnitude more are vulnerable.

The widespread impact of this attack is just being realized. Previously, we had trust concerns with TPMs. TPM security relies entirely on the manufacturer and the authorities in the country where the hardware is produced and their securing of the private endorsement key. This practice has many security experts worried.

On a positive note, remediation has already begun: a few vendors have released patches, and the Centre for Research on Cryptography and Security suggests organizations take the following steps for remediation:

  • Apply the software update if available.
  • Replace the device with one without the vulnerable library.
  • Generate a secure RSA keypair outside the device and import it to the device.
  • Use another cryptographic algorithm (e.g., ECC) instead of RSA on affected devices.
  • Apply additional risk management within your environment, if the RSA key in use is detected as vulnerable.
  • Use key lengths which are not currently impacted (e.g., 3936 bits) by our factorization method. Be aware: use this specific mitigation only as a last resort, as the attack may be improved.

In addition, the Centre also provides a tool to check whether keys are vulnerable: and entering a public key there.
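
To show what such a check does, here is an added example (not from the original post and not the Centre's own tool): it applies the public ROCA fingerprint test, which flags an RSA modulus when its residue modulo each small prime lies in the subgroup generated by 65537. The prime list, function names and sample integers are assumptions constructed for illustration.

```python
# Added example: ROCA fingerprint check on an RSA modulus (standard library only).
GENERATOR = 65537
# Assumed list of small odd primes over which the residue test is run.
SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59,
                61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127,
                131, 137, 139, 149, 151, 157, 163, 167]


def subgroup(generator, p):
    """Return {generator^k mod p}: the residues a flagged modulus may take mod p."""
    seen, x = set(), 1
    while x not in seen:
        seen.add(x)
        x = (x * generator) % p
    return seen


ALLOWED = {p: subgroup(GENERATOR, p) for p in SMALL_PRIMES}


def failing_primes(modulus):
    """Primes p for which modulus mod p falls outside the subgroup of 65537."""
    return [p for p in SMALL_PRIMES if modulus % p not in ALLOWED[p]]


def has_roca_fingerprint(modulus):
    """True when every residue matches; treat such a key as suspect and replace it."""
    return not failing_primes(modulus)


def discriminating_primes():
    """Primes where 65537 generates a proper subgroup, so the test says something."""
    return [p for p in SMALL_PRIMES if len(ALLOWED[p]) < p - 1]


def constructed_sample(a, b, k1, k2):
    """Constructed integer (not a real key): product of two values of the form
    k*M + (65537^e mod M), the structure that the fingerprint detects."""
    M = 1
    for p in SMALL_PRIMES:
        M *= p
    return (k1 * M + pow(GENERATOR, a, M)) * (k2 * M + pow(GENERATOR, b, M))


if __name__ == "__main__":
    flagged = constructed_sample(1234, 98765, 3, 5)
    clean = 11 * 2**500 + 2  # constructed: residue 2 mod 11 is outside {1, 10}
    print(has_roca_fingerprint(flagged), has_roca_fingerprint(clean))
```

The modulus of a real key can be printed in hex with `openssl rsa -pubin -in key.pem -noout -modulus` (`key.pem` is a placeholder) and passed in as `int(hex_value, 16)`.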

How secure are your public keys?

About the author

Nick Hunter

Nick Hunter is an accomplished infosec leader with proven performance in driving revenue through successful strategy, enablement, pre-sales, and marketing. He was formerly Sr. Technical Marketing Manager and Product Manager at Venafi.
