A flaw in a widely used cryptographic library has compromised the security of millions of encryption keys used in high-security applications, including national ID cards, software and application signing, and trusted platform modules that protect government and corporate computers.
The vulnerability allows attackers to calculate the private part of any affected key using nothing more than the corresponding public part. Attackers can then use the private key to impersonate the key owner, decrypt sensitive data, sneak malicious code into digitally signed software, and bypass the safeguards that prevent access to or tampering with stolen PCs. The five-year-old flaw is also troubling because it lives in code that complies with two international security certification standards that are binding on many governments, contractors, and companies around the world. The library was developed by German developer Infineon and has been generating weak keys since 2012 at the latest.
The flaw was first pointed out by the Estonian government last month, when it warned that 750,000 digital IDs issued since 2014 are vulnerable to attack. Estonian officials say they are closing the ID card public key database to prevent misuse. On Monday, officials posted an update. Last week, Microsoft, Google, and Infineon all warned of how the vulnerability can undermine the protections built into TPM products, which ironically are designed to give an extra layer of protection to highly targeted individuals and organizations.
Completely broken
“In public key cryptography, a fundamental property is that public keys are public — you can give them to anyone without any impact on security,” said Graham Steel, CEO of Cryptosense, which makes software for testing encryption security. “In this case, the property is completely destroyed.” He continued:
It means that if you have a document digitally signed with someone’s private key, you can’t prove that it was actually them who signed it. Or if you send sensitive data encrypted under someone’s public key, you can’t be sure that only they can read it. You can now go to court and deny that you signed something—there’s no way to prove it, because theoretically, anyone could have worked out your private key.
Both Steel and Petr Svenda, one of the researchers who discovered the flawed library, also warned that the flaw has, or at least has the potential to, create problems for elections in countries where the affected cards are used. While actual voter fraud would be difficult to carry out, especially on the scale needed to change the outcome of a poll, “just the possibility (though unlikely) is troubling as it is the support for many fake news or conspiracy theories,” Svenda, who is a professor at Masaryk University in the Czech Republic, told Ars. Alluding to the group that has leaked classified National Security Agency software, Steel added: “Imagine a Shadowbrokers-style group posting a couple of private keys on the Internet and claiming to have used this to break many more.”
The flaw is the subject of a research paper titled The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli, which will be presented on November 2 at the ACM Conference on Computer and Communications Security. The vulnerability was discovered by Slovak and Czech researchers from Masaryk University in the Czech Republic, Enigma Bridge in Cambridge, UK, and Ca’ Foscari University in Italy. To give people time to change their keys, the paper describing the factorization method is not being published until it is presented at the conference.
The flaw lies in the Infineon-developed RSA Library version v1.02.013, specifically in the algorithm it uses to generate RSA primes. The library allows people to generate keys on smartcards instead of on general-purpose computers, which are easy to infect with malware and therefore not suitable for high-security uses. The library runs on hardware Infineon sells to the many manufacturers that use Infineon smartcard chips and TPMs. Those manufacturers, in turn, sell the products to other manufacturers or to end users. The flaw affects only keys generated with the RSA algorithm, and then only when they are generated on a smartcard or other embedded device that uses the Infineon library.
To increase performance, the Infineon library constructs the prime numbers of the keys in a way that leaves the keys susceptible to a process known as factorization, which reveals the secret numbers underlying their protection. When properly generated, a 2048-bit RSA key should require several quadrillion years—or hundreds of times the age of the universe—to be factored with a general-purpose computer. Factoring a 2048-bit RSA key generated with the flawed Infineon library, by contrast, takes at most 100 years, and on average half that. Keys with 1024 bits take a maximum of only three months.
Factorization can be greatly accelerated by spreading the load across multiple computers. While costs and times vary for each vulnerable key, the worst case for a 2048-bit key will require no more than 17 days and $40,300 using 1,000 instances on Amazon Web Services, and $76 and 45 minutes to factor an affected 1024-bit key. On average, factoring an affected key will require half that cost and time. All that is required is running the public key through an extension of a known technique, Coppersmith’s Attack.
While all keys generated with the library are much weaker than they should be, it is not currently practical to factor them all. For example, 3072-bit and 4096-bit keys are not practically factorizable at present. Counterintuitively, though, a 4096-bit key, despite being theoretically stronger, is in this case much weaker than a 3072-bit key and may fall within reach of a practical (albeit expensive) factorization if the researchers’ method is improved.
To save time and cost, attackers can first test a public key to see if it is vulnerable to the attack. The test is inexpensive, requires less than 1 millisecond, and its developers believe it produces practically zero false positives and zero false negatives. Fingerprinting allows attackers to expend effort only on keys that are factorizable. The researchers have used the method successfully to identify weak keys, and they have provided a tool to test whether a given key was generated using the flawed library. A blog post with more details is also available.
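The fingerprint test works because of the structure the prime-generation shortcut leaves behind: each Infineon prime has the form k·M + (65537^a mod M) for a fixed primorial M, so the modulus N = p·q satisfies N mod r ∈ ⟨65537⟩ (the subgroup generated by 65537) for every small prime r dividing M, whereas a properly generated modulus hits all of those subgroups only by negligible chance. The following is an added, simplified reimplementation of that published check for defenders auditing their own keys; it is not the researchers' tool, and the sample moduli are constructed for illustration rather than taken from real keys.

```python
"""
Simplified ROCA-style fingerprint check (added example, not the researchers'
tool). An affected modulus N satisfies N mod r in <65537> for every small
prime r; one residue outside the subgroup rules the key out.
"""
from typing import Iterable, Set

# Small primes whose product forms the primorial the check is built on.
SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59,
                61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127,
                131, 137, 139, 149, 151, 157, 163, 167]
GENERATOR = 65537  # the public exponent, which also generates the prime structure


def subgroup(r: int) -> Set[int]:
    """Residues {65537^k mod r}: the only values an affected N can take mod r."""
    residues, x = set(), 1
    while x not in residues:
        residues.add(x)
        x = (x * GENERATOR) % r
    return residues


def roca_fingerprint(n: int, primes: Iterable[int] = SMALL_PRIMES) -> bool:
    """True when n carries the fingerprint of the flawed prime generator."""
    # N mod r == 0 is never in the subgroup, so moduli with tiny factors fail too.
    return all(n % r in subgroup(r) for r in primes)


def primorial(primes: Iterable[int]) -> int:
    m = 1
    for r in primes:
        m *= r
    return m


# Constructed sample inputs (not real keys). POSITIVE is any integer congruent
# to 65537^c mod M; the check only inspects residues, so it need not be a
# semiprime. NEGATIVE is a product of two Mersenne primes with no such structure.
M = primorial(SMALL_PRIMES)
POSITIVE = pow(GENERATOR, 12345, M) + 7 * M
NEGATIVE = (2 ** 61 - 1) * (2 ** 31 - 1)

if __name__ == "__main__":
    print("positive sample flagged:", roca_fingerprint(POSITIVE))
    print("negative sample flagged:", roca_fingerprint(NEGATIVE))
```

For primes such as 3, 5 or 7 the subgroup is the whole multiplicative group, so those residues add no information; primes like 11 (subgroup {1, 10}) and 17 do the real filtering.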
Finding vulnerable keys
The researchers examined the keys used in electronic identification cards issued by four countries and quickly found two—Estonia and Slovakia—issuing documents containing fingerprinted keys, both of which were 2048 bits long, making them factorizable. Estonia has reported the flaw in what it says are 750,000 cards issued since 2014. Ars checked the keys used in the e-residency card Ars Business Editor Cyrus Farivar received in 2015, and they came back as factorizable.
While his public key data was removed, Estonian officials have announced plans to convert all keys to a non-vulnerable format, starting on Nov. The status of Slovakia’s program was not immediately clear. With two out of four countries having tested positive for fingerprinted keys, a more complete search is likely to identify many more countries issuing cards with factorizable keys.
Next, the researchers examined a sample of 41 different laptop models that use trusted platform modules. They found vulnerable TPMs from Infineon in 10 of them. The vulnerability is particularly serious for the TPM 1.2 version, because the keys used to manage Microsoft’s BitLocker hard-disk encryption are factorizable. That means anyone who steals or finds an affected computer can bypass the encryption protecting the hard drive and boot process. TPM version 2.0 does not use factorizable keys for BitLocker, although RSA keys generated for other purposes are still affected. Infineon has released a firmware update that patches the library, and the affected TPM manufacturers are in the process of releasing updates as well.
The researchers also scanned the Internet for the fingerprint and quickly found hits in a surprising number of places. They found 447 fingerprinted keys—237 of them factorizable—used to sign GitHub commits, including to some of the most popular software packages. GitHub has since been notified of the fingerprinted keys and is in the process of getting users to change them.
The researchers also found 2,892 PGP keys used for encrypted email, 956 of which were factorizable. The researchers noted that most of the PGP keys were generated using the Yubikey 4, which used the flawed library to create RSA keys on the chip. Other functions of the USB device, including U2F authentication, are not affected. Yubico has published more details.
The researchers went on to find 15 factorizable keys used for TLS. Surprisingly, almost all of them have the string “SCADA” in the common name field. That raises the possibility that the certificates were used by an organization involved in supervisory control and data acquisition, which uses computers to manage dams, power plants, and other industrial facilities. All 15 fingerprinted keys have a characteristic in their prime numbers that is outside the range of what the Infineon library normally generates, which raises the possibility of an undocumented modification.
This is the second time in four years that a major crypto flaw has hit a scheme that passed rigorous certification tests. In 2013, researchers discovered flaws in Taiwan’s secure digital ID system that would allow attackers to impersonate certain citizens. Like the flawed Infineon library, the underlying cryptography in the Taiwanese digital ID was advertised as meeting the FIPS 140-2 Level 2 and Common Criteria standards. Both certifications are managed by the National Institute of Standards and Technology, and both are often required for certain uses in government agencies, contractors, and others. In the Taiwanese case, the cards were not properly configured by the vendor before shipping, a situation that meant they were not tested by NIST.
The researchers who revealed the Infineon library flaw questioned whether the secrecy required by some certification processes played a role. They write:
Our work highlights the dangers of keeping the design and implementation secret in closed-source systems, even if both are properly analyzed and approved by experts. The lack of public information causes a delay in finding defects (and hinders the process of checking for them), thus increasing the number of already deployed and affected devices at the time of detection.
All told, the researchers estimate that Infineon’s flawed library could have generated tens of millions of RSA keys in the five or so years it has been in use. A good many of them are factorizable, but even those that are not are more vulnerable to factorization than federal standards and common-sense security guidelines dictate. RSA keys generated with OpenSSL, PGP-compliant software, or similar programs running on general-purpose computers are not affected. People who have relied on smartcards or embedded devices for cryptographic operations should test their RSA keys using the fingerprinting tool. In the event that the keys test positive, people should revoke them as soon as possible and generate new ones. Keys using elliptic curve cryptography and other non-RSA methods are not affected.
It will take some time for people to identify all the weak keys. They should start by replacing those known to be factorizable, but eventually all RSA keys generated by the flawed library should be retired. Architects and engineers within NIST and other standards organizations should also use the failure to learn how to improve their high-security certification processes.
This post has been updated to correct information about Taiwanese ID cards.