ROCA – Vulnerable RSA Key Generation on Some Smart Cards

Latest news on smart card based security solutions tells that once again one vendor has produced low quality firmware for RSA key generation. What makes it even worse is that this hazard was caught up only after cards had been delivered for at least 5 years.

These faulty smart cards were properly tested and certified. Passing certification with a major fault does not foreshadow good protective covering for certified products. Or maybe the certification did not even cover the most important characteristic of PKI in the first place?

https://crocs.fi.muni.cz/public/papers/rsa_ccs17

At the time of this writing, first tools to detect vulnerable keys have been made available.

Looks like some of 1024 bit RSA keys are very vulnerable, and factoring attacks on them can be very low cost (USD 40 to 80 per vulnerable key.) As the fingerprint algorithm is very cheap to perform (about thousand fingerprints per second per CPU), finding vulnerable public keys is easy if one has large database of public keys available. This is why several public directories of citizen certificates were closed past summer 2017.

These vulnerable keys were generated with an algorithm that unfortunately often produced keys far easier to break than in normal case. This does not make breaking good quality RSA keys any easier than before, just that there are now likely millions of keys that are easy to break.

What about PKI SIM cards?

How to find if a SIM card is made on an Infineon chip with faulty firmware?

SIM card factories do not want to lock themselves on a single hardware vendor. Therefore they are not reporting to their customers which chip factory made chips in a given card batch. Infineon is one of the big suppliers of chips, and therefore likely to be on any SIM vendor’s card, and having been deployed on operator network.

Usually Mobile ID systems do not publish their user certificates in a directory (like LDAP) enabling this kind of quick vulnerability search, and impersonation attack. However making a targetted attack is still possible – malicious service requests Mobile ID signature, and in the signature response there is user’s certificate with public key which normally is used to verify the signature response. Now a malicious service cheks if the public key is breakable, and commences attack.

How MSSP system can protect users with vulnerable cards?

MSSP operator can run an offline check of all generated keys, and disable users with detected vulnerable keys.

When a service provider (AP) calls signature service, the MSSP can check that the target user does not have vulnerable key.
If this vulnerability is detected, signature service can be refused.

Similar online check can be done for key generation.

Today Kiuru MSSP provides these key material verification tools.

Is ECC vulnerable?

Alternate PKI technology to RSA keys is ECC.
ECC is not vulnerable for this issue nor for any other known issue either.

Tagged with: ,