ROCA VULNERABILITY ENDANGERS MILLIONS OF RSA KEYS WORLDWIDE

A newly discovered vulnerability, dubbed ROCA (Return of Coppersmith’s Attack), affects RSA encryption keys used in smart cards, security tokens and PC chipsets. The vulnerability is found in chips made by German company Infineon Technologies AG.

RSA (Rivest–Shamir–Adleman) is one of the first practical public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and differs from the decryption key, which is kept secret (private).

The ROCA vulnerability works by using the public key, the key used for encryption, to reverse-calculate the private key and then decrypt the target data or access the target device.

The ROCA vulnerability, CVE-2017-15361, dates back almost five years. This attack type permits a threat actor to use a target’s public key to generate the corresponding private key, given some time and computing power. The attack is possible for common key lengths, including 1024 and 2048 bits, and could be used against chips manufactured by Infineon Technologies as early as 2012.

The vulnerability, if successfully exploited, could breach the security of almost everything from disk encryption to account security, secure browsing, software signing and authentication tokens. Microsoft devices, Google Chromebooks, HP, Lenovo and Fujitsu PCs and laptops, alongside routers and other devices, are all affected.

The ROCA vulnerability could allow attackers to present themselves as key owners, decrypt sensitive data, inject malicious code into digitally signed software, and bypass protections that prevent access to a particular computer.

The following image shows how widespread the RSA key vulnerability is:

Considering that ROCA affects millions of devices, manufacturers should start creating and applying patches and workarounds. Users, for their part, should verify as soon as possible whether their RSA keys are affected by the vulnerability.

Fortunately, researchers have provided ways to check whether a user’s keys are affected. The following are links to the key testers:

Offline Tester – https://github.com/crocs-muni/roca

Online Tester – https://keychest.net/roca

Online Tester – https://keytester.cryptosense.com/
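A key can be checked from its public modulus alone because affected keys carry a fingerprint: reduced modulo each of a set of small primes, the modulus always lands in the subgroup generated by 65537. The sketch below is an added example, not code from this article or from the crocs-muni tester; the prime list, function names and both sample integers are assumptions constructed for illustration.

```python
from math import prod

GENERATOR = 65537
# Assumption: a short list of odd primes chosen for this example;
# real testers ship their own list.
SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47,
                53, 59, 61, 67, 71, 73, 79, 83, 89, 97]


def generated_subgroup(prime, generator=GENERATOR):
    """Return the set {generator^i mod prime} for i = 0, 1, 2, ..."""
    seen, value = set(), 1
    while value not in seen:
        seen.add(value)
        value = value * generator % prime
    return seen


SUBGROUPS = {p: generated_subgroup(p) for p in SMALL_PRIMES}


def failing_primes(modulus):
    """Small primes where the modulus residue is outside the 65537 subgroup."""
    return [p for p, group in SUBGROUPS.items() if modulus % p not in group]


def has_roca_fingerprint(modulus):
    """True when every residue is inside the subgroup: treat the key as suspect."""
    return not failing_primes(modulus)


# Constructed samples, not real keys.
M = prod(SMALL_PRIMES)
# Two integers of the form k*M + (65537^a mod M). They are not primes,
# which does not matter for the fingerprint itself.
FINGERPRINTED = (7 * M + pow(GENERATOR, 1234, M)) * (9 * M + pow(GENERATOR, 5678, M))
# Product of the Mersenne primes 2^89-1 and 2^127-1: an ordinary semiprime.
ORDINARY = (2**89 - 1) * (2**127 - 1)

if __name__ == "__main__":
    for name, n in (("fingerprinted", FINGERPRINTED), ("ordinary", ORDINARY)):
        print(name, has_roca_fingerprint(n), failing_primes(n)[:5])
```

A single failing prime is enough to clear a key of this fingerprint. A match with a short prime list can occur by chance, so confirm it with one of the testers linked above before replacing the key.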

With such a powerful vulnerability exposed by numerous researchers, end users can simply trust in the prowess of the manufacturers and hope that the widespread vulnerability is patched soon, before cyber-criminals and malicious cyber-specialists find a way to use ROCA for their own benefit.

 

Manny Cuevas

My name is Manny Cuevas, a Security Researcher / Engineer for about 15 years who focuses on Web and Mobile applications and other platforms, from the Island of Sulu, Philippines. I’m also a scientist, inventor and a top-ranked hacker in the world who bypasses all security systems.

 
