Flawed chipsets used by PCs to generate RSA encryption keys have a vulnerability which has weakened the security of stored passwords, encrypted disks and documents. The flaw has been found in cryptographic smartcards, security tokens, chipsets and secure hardware manufactured by Infineon Technologies. Their cryptographic chips and Trusted Platform Modules (TPMs) are also integrated within authentication, signature and encryption tokens of other vendors and chips.
The Return of the Coppersmith’s Attack (ROCA) vulnerability relates to the TPM used to cryptographically sign and protect computer systems and services. The flaw was discovered within the implementation of RSA keypair generation in a cryptographic library, allowing what is called a “practical factorisation” attack. This attack permits an attacker to use a target’s public key to generate a private key with some time and power. The attack is possible for common key lengths, including 1024 and 2048 bits.
Note that the RSA algorithms are not at fault, rather faulty products incorrectly implementing them and producing poorly randomised results.
- If not listed, check devices for NIST FIPS 140-2 or CC EAL 5+ certified hardware.
- Users and administrators are encouraged to apply the necessary updates. HP, Google, Microsoft, Lenovo and Fujitsu have patches available.
- Increase the key lengths to more than 2048 bit.
- If a sensitive device cannot be patched, consider replacing the device.