<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
<div class="moz-cite-prefix">Dne 16. 10. 2017 v 19:54 Tamzen Cannoy
napsal(a):<br>
</div>
<blockquote type="cite"
cite="mid:C13E0E2E-9EB4-4124-B774-3F2E511AB7E8@cannoy.org">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<div class=""><a
href="https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/"
class="" moz-do-not-send="true">https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/</a></div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
"<span style="font-family: opensans; font-size: 15px;" class="">The
flaw resides in the Infineon-developed</span><span
style="font-family: opensans; font-size: 15px;" class=""> </span><a
href="https://www.commoncriteriaportal.org/files/epfiles/0782V2a_pdf.pdf"
style="font-family: opensans; font-size: 15px; box-sizing:
inherit; -webkit-text-decoration-skip: objects; text-decoration:
none; transition: all 0.17s; color: rgb(255, 78, 0);" class=""
moz-do-not-send="true">RSA Library version v1.02.013</a><span
style="font-family: opensans; font-size: 15px;" class="">,
specifically within an algorithm it implements for RSA primes
generation. The library allows people to generate keys with
smartcards rather than with general-purpose computers, which are
easier to infect with malware and hence aren't suitable for
high-security uses. The library runs on hardware Infineon sells
to a wide range of manufacturers using Infineon smartcard chips
and TPMs. The manufacturers, in turn, sell the wares to other
device makers or end users. The flaw affects only RSA encryption
keys, and then only when they were generated on a smartcard or
other embedded device that uses the Infineon library.</span>
<p style="box-sizing: inherit; margin: 20px 0px; font-family:
opensans; font-size: 15px;" class="">To boost performance, the
Infineon library constructs the keys' underlying prime numbers
in a way that makes them prone to a <a
href="https://en.wikipedia.org/wiki/Factorization"
style="box-sizing: inherit; -webkit-text-decoration-skip:
objects; text-decoration: none; transition: all 0.17s; color:
rgb(255, 78, 0);" class="" moz-do-not-send="true">process
known as factorization</a>, which exposes the secret numbers
underpinning their security. When generated properly, an RSA key
with 2048 bits should require several quadrillion years—or
hundreds of thousands of times the age of the universe—to be
factorized with a general-purpose computer. Factorizing a
2048-bit RSA key generated with the faulty Infineon library, by
contrast, takes a maximum of 100 years, and on average only half
that. Keys with 1024 bits take a maximum of only three months."</p>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
The cryptography mailing list
<a class="moz-txt-link-abbreviated" href="mailto:cryptography@metzdowd.com">cryptography@metzdowd.com</a>
<a class="moz-txt-link-freetext" href="http://www.metzdowd.com/mailman/listinfo/cryptography">http://www.metzdowd.com/mailman/listinfo/cryptography</a></pre>
</blockquote>
More information about on this page:<br>
<pre wrap=""><a class="moz-txt-link-freetext" href="https://crocs.fi.muni.cz/public/papers/rsa_ccs17">https://crocs.fi.muni.cz/public/papers/rsa_ccs17</a>
</pre>
<br>
<pre class="moz-signature" cols="72">--
Jan Dušátko
Phone: +420 602 427 840
e-mail: <a class="moz-txt-link-abbreviated" href="mailto:jan@dusatko.org">jan@dusatko.org</a>
SkypeID: darmodej
GPG: <a class="moz-txt-link-freetext" href="http://www.dusatko.org/downloads/jdusatko.asc">http://www.dusatko.org/downloads/jdusatko.asc</a></pre>
</body>
</html>