[Cryptography] Millions of high-security crypto keys crippled by newly discovered flaw

Jan Dušátko jan at dusatko.org
Mon Oct 16 16:38:16 EDT 2017


On 16. 10. 2017 at 19:54, Tamzen Cannoy wrote:
> https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/
>
>
> "The flaw resides in the Infineon-developed RSA Library version
> v1.02.013
> <https://www.commoncriteriaportal.org/files/epfiles/0782V2a_pdf.pdf>,
> specifically within an algorithm it implements for RSA primes
> generation. The library allows people to generate keys with smartcards
> rather than with general-purpose computers, which are easier to infect
> with malware and hence aren't suitable for high-security uses. The
> library runs on hardware Infineon sells to a wide range of
> manufacturers using Infineon smartcard chips and TPMs. The
> manufacturers, in turn, sell the wares to other device makers or end
> users. The flaw affects only RSA encryption keys, and then only when
> they were generated on a smartcard or other embedded device that uses
> the Infineon library.
>
> To boost performance, the Infineon library constructs the keys'
> underlying prime numbers in a way that makes them prone to a process
> known as factorization <https://en.wikipedia.org/wiki/Factorization>,
> which exposes the secret numbers underpinning their security. When
> generated properly, an RSA key with 2048 bits should require several
> quadrillion years—or hundreds of thousands of times the age of the
> universe—to be factorized with a general-purpose computer. Factorizing
> a 2048-bit RSA key generated with the faulty Infineon library, by
> contrast, takes a maximum of 100 years, and on average only half that.
> Keys with 1024 bits take a maximum of only three months."
>
>
>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
More information on this page:

https://crocs.fi.muni.cz/public/papers/rsa_ccs17


-- 
Jan Dušátko

Phone:		+420 602 427 840
e-mail:		jan at dusatko.org
SkypeID:	darmodej
GPG:		http://www.dusatko.org/downloads/jdusatko.asc

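A worked illustration of the key structure the CRoCS paper linked above describes, added here as an example (it is not code from this post, from Infineon, or from the paper's authors). The faulty library builds each RSA prime as p = k*M + (65537^a mod M), where M is the product of the first n small primes (n = 39 for 512-bit keys, per the paper), so every modulus N = p*q satisfies N = 65537^(a+b) (mod M). That leaks through the public key alone: for each small prime p_i dividing M, N mod p_i must lie in the subgroup generated by 65537 mod p_i, which is how the paper's fingerprint test recognises affected keys without factoring anything. The script below generates a toy 512-bit modulus of that form from a fixed seed, generates an ordinary one, and runs the fingerprint on both. The key sizes, the seed, the Miller-Rabin primality test, the Mersenne-prime control modulus and all function names are the example's own assumptions; it does not perform the Coppersmith-based factorisation the paper applies once a key is flagged.

```python
"""Toy model of the ROCA prime structure and the public-key fingerprint test.

Added example, not code from the post or from the CRoCS paper.  Assumed
(labelled) choices: primes of the form p = k*M + (65537^a mod M) with M the
primorial of the first 39 primes, 256-bit primes, a fixed PRNG seed.
"""
import math
import random

E = 65537  # generator of the residues the faulty library's primes can take


def first_primes(count):
    """Return the first `count` primes by trial division (fine for small counts)."""
    primes, candidate = [], 2
    while len(primes) < count:
        if all(candidate % p for p in primes if p * p <= candidate):
            primes.append(candidate)
        candidate += 1
    return primes


PRIMES = first_primes(39)          # paper: n = 39 for 512-bit keys
M = math.prod(PRIMES)              # about 220 bits


def residues_of_e(p):
    """All values 65537^i mod p: the only residues mod p a faulty modulus can have."""
    seen, x, g = set(), 1, E % p
    while x not in seen:
        seen.add(x)
        x = x * g % p
    return frozenset(seen)


ALLOWED = {p: residues_of_e(p) for p in PRIMES}


def is_probable_prime(n, rng=random, rounds=16):
    """Trial division by PRIMES, then Miller-Rabin with `rounds` random bases.
    `rng` is any object with randrange(): a seeded Random or the random module."""
    if n < 2:
        return False
    for p in PRIMES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def roca_prime(bits, rng):
    """Prime of the faulty form p = k*M + (E^a mod M); k is chosen so p has `bits` bits."""
    k_lo = (1 << (bits - 1)) // M + 1
    k_hi = (1 << bits) // M
    while True:
        a = rng.randrange(M)
        p = rng.randrange(k_lo, k_hi) * M + pow(E, a, M)
        if is_probable_prime(p, rng):
            return p


def random_prime(bits, rng):
    """Prime of the given size generated the ordinary way (uniform odd candidates)."""
    while True:
        p = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(p, rng):
            return p


def has_roca_fingerprint(n):
    """Paper's test: N = p*q with both primes of the faulty form forces
    N mod p_i into the subgroup generated by 65537 for every p_i dividing M."""
    return all(n % p in ALLOWED[p] for p in PRIMES)


def false_positive_rate():
    """Chance that a random odd modulus passes the fingerprint by accident."""
    rate = 1.0
    for p in PRIMES:
        rate *= len(ALLOWED[p]) / (p - 1)
    return rate


def demo(seed=2017):
    """Build one faulty and one ordinary 512-bit modulus (constructed inputs)
    and return the fingerprint verdict for each."""
    rng = random.Random(seed)
    n_faulty = roca_prime(256, rng) * roca_prime(256, rng)
    n_good = random_prime(256, rng) * random_prime(256, rng)
    return {
        "faulty_flagged": has_roca_fingerprint(n_faulty),
        "ordinary_flagged": has_roca_fingerprint(n_good),
        "false_positive_rate": false_positive_rate(),
    }


if __name__ == "__main__":
    result = demo()
    print("M has", M.bit_length(), "bits")
    print("faulty 512-bit modulus flagged:  ", result["faulty_flagged"])
    print("ordinary 512-bit modulus flagged:", result["ordinary_flagged"])
    print("chance of an accidental match:    %.2e" % result["false_positive_rate"])
```

Run it as a script to see both verdicts and the computed chance of a random modulus passing by accident; that rate is the product over the primes in M of |<65537 mod p_i>| / (p_i - 1), and it is small because 65537 generates only a tiny subgroup modulo many of those primes (order 2 modulo 11, order 3 modulo 37), which is what makes the fingerprint usable for scanning whole key stores. A key that passes should be treated as affected even though the test itself factors nothing.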