Attack on weak RSA keys from Infineon turns out to be faster


Scientists Tanja Lange and Daniel Bernstein have investigated the so-called ROCA attack and have concluded that it can be carried out up to 25 percent faster. This has consequences for a realistic attack scenario.

The researchers published their findings in a blog post. In it, they write that they developed their method by looking at the limited information that the discoverers of the ROCA attack published about three weeks ago. They report that it was not difficult to reconstruct the attack, leading them to believe that a “serious attacker” could have discovered the vulnerability themselves and exploited it. They were able to make the attack up to 25 percent faster. Ars Technica reports that the original discoverers then developed an attack that was four times more efficient than the original.

Lange and Bernstein say that the original estimates of the cost of an actual attack were too high. According to the discoverers, 20,000 euros was sufficient for an average attack, but that figure was based on rented equipment and consumer CPUs. The attack could be done faster with purchased equipment, which reduces the time of an average attack to four months. The CPUs could be replaced by GPUs, FPGAs or ASICs, according to Lange and Bernstein.

An attack with GPUs, for example, would reduce the cost of cracking a vulnerable 2048-bit key to $2000, Enigma Blue CEO Dan Cvcek said in an email to Ars Technica. Lange and Bernstein further disagree with the estimate that electoral fraud in Estonia would require cracking the RSA keys of all vulnerable ID cards. A 10 percent share could already trigger significant shifts in the outcome. Estonia blocked the certificates of 760,000 digital ID cards last Friday, because they use the vulnerable RSA keys.

The RSA keys produced by Infineon chips are susceptible to a so-called factorization attack. This means that the private key can be derived from the public key, which should never be possible. According to Lange and Bernstein, this is a problem because RSA is not only used for digital signatures, but also for encryption. That means that an attacker who has intercepted a ciphertext can later retrieve its contents, even if the sender has replaced its vulnerable keys at a later time.
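For defenders who need to find affected keys in an inventory, the following added example (not from the article or from the researchers) checks a public modulus for the fingerprint that follows from the key structure in the published ROCA research: both primes have the form k*M + (65537^a mod M), with M a product of small primes, so the modulus is a power of 65537 modulo each of those primes. The function names, the choice of M and the test key generator are assumptions made for this illustration.

```python
import math
import random

# Odd primes up to 167. M is their product times 2 (value assumed for this toy).
SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59,
                61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127,
                131, 137, 139, 149, 151, 157, 163, 167]
GENERATOR = 65537
M = 2 * math.prod(SMALL_PRIMES)

def subgroup(r):
    """All powers of 65537 modulo the small prime r."""
    seen, x = set(), 1
    while x not in seen:
        seen.add(x)
        x = x * GENERATOR % r
    return seen

def has_roca_fingerprint(n):
    """True if n mod r is a power of 65537 mod r for every small prime r."""
    return all(n % r in subgroup(r) for r in SMALL_PRIMES)

def is_probable_prime(n):
    """Miller-Rabin over fixed bases, for odd n > 37 (test key building only)."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for base in SMALL_PRIMES[:12]:
        x = pow(base, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def constructed_weak_modulus(seed):
    """Constructed test key (not a real card key): N = p*q with both primes
    of the form k*M + (65537**a mod M)."""
    rng, primes = random.Random(seed), []
    while len(primes) < 2:
        k, a = rng.randrange(2**36, 2**37), rng.getrandbits(60)
        p = k * M + pow(GENERATOR, a, M)
        if p not in primes and is_probable_prime(p):
            primes.append(p)
    return primes[0] * primes[1]
```

A modulus from an ordinary key generator passes this check only by rare coincidence, so a positive result is a strong signal that the key should be revoked and reissued.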
