Secure Those Keys: What you need to know about the ROCA Bug

Researchers have discovered a security vulnerability in crypto chips produced by Infineon Technologies AG that generate RSA public keys. If you’re thinking to yourself, “What…?” or, “Okay, just tell me what to do, please,” then you should keep reading. If you’re looking for more technical details, the author’s disclosure is available here. You can also check out affected products and keys on GitHub.

Although this is a major flaw, I want to tell you that it only affects a very small subset of RSA keys, probably not even 1% of RSA keys. RSA is used by most websites to secure traffic, but not a single website has been found vulnerable.

Where are the chips and what you should do

If you don’t have a chip then you don’t have a problem. These chips show up in many different devices, such as smartcards, security tokens, laptops, and other devices using these cryptography chips chips, that may or may not be Infineon-branded. If you have an affected device it is most likely a computer with a TPM chip or a hardware authentication device. The adopted software library allows for a practical factorization attack, which means the attacker computes the private part of an RSA key.

TPM Chip

TPM stands for “Trusted Platform Module”. It is a specialized chip that may be found in your laptop, or other endpoint device, that makes sure someone has not fiddled with the laptop’s hardware and software. These TPMs are used in various devices to generate RSA key pairs for secured crypto processes, and are part of the flaw allowing adversaries to potentially gain control and decipher data secured through these integrated keys.

If you have a TPM chip on your laptop (and even if you don’t) you need to make sure you are getting updates. Microsoft already released an update for this October 10th. Other vendors have done the same. Check with your computer manufacturer for details.

Hardware Authentication Devices

There are various hardware devices that provide authentication, or sign you into things. This includes certain ID cards with embedded chips and U2F devices (like Yubikey). If you have a device that does this, you should consult with the vendor who provided it. They will likely have information posted on their website if they’re affected.

Even if you do have one of these devices you may still be safe. The vulnerability is only in how RSA private keys are generated on the device. So, if crypto keys were created on a computer and transferred to the device then you are not affected. Also, Elliptic-Curve Cryptography (ECC) keys would not be affected, even if they were created on the device.

If you can get your public key off the device, you can then check it with various tools made available by the authors here. If you are vulnerable then you should backup your private key and create a new private key on your computer and transfer it to you device. This allows you to continue using the device without suffering from the vulnerability. Details on how to do this should be found on the manufacturer’s website.

Conclusion

We won’t know all the details of this vulnerability until the authors present their findings on November 2 at the ACM CCS conference. The authors did drop some hints though, such as the title of their paper and the test tools they published. So, because of these hints, it might be possible for an malicious cryptographer to use them and start his attack early. The authors tell us that on a modern processor it takes 97 CPU days to crack a 1024 bit RSA key. This time can, of course, be reduced with more computational power.

Yet again, we have another race between the “good guys” patching and the “bad guys” exploiting. Even though the nature of this vulnerability may give the “good guys” a bit of a head start, it is no excuse to sleep. Rotate your affected private keys as soon as you can.