From Wikipedia
"Infineon Technologies AG is a German semiconductor manufacturer founded on 1 April 1999"
Joke's on us then
RSA keys produced by smartcards, security tokens, laptops, and other devices using cryptography chips made by Infineon Technologies are weak and crackable – and should be regenerated with stronger algorithms. In short, Infineon TPMs – aka trusted platform modules – are used in countless computers and gadgets to generate RSA …
The article mentions a bug but in a post-Snowden World was it incompetence or intent? I mean, the NSA have foisted one flawed encryption mechanism on us (Elliptical Key weakness) and have been observed trying with a new one but got called out on it. Snowden's releases showed that they have form paying for flaws to be inserted in systems, so why not?
All crypto systems are flawed to allow for backdoors... just as simple as that. All the official "secure" crypto systems are flawed by design on purpose. Backdoors are needed by secret agencies and so the crypto systems must be flawed.
What would happen if there were hundreds or thousands of unknown custom crypto algorithms in place? Officially, on the books, they tell people that hiding the crypto algorithms is not going to increase security, and other nonsense babbling like that... far from the truth... but that ensures that almost everyone would follow the rules and use known crypto systems, by making them think that a custom design would be easier to crack.
"sneaky as I am it's engraved reversed ha ha ha hoo! totally secure!"
Bad news: you unwittingly weakened your own security, considering that in the mirror one would presumably be most likely to use to read a plate on the bottom edge of something, your reversed text would actually read naturally de-reversed. See, this is why rolling your own crypto is always a bad idea...
Proves absolutely nothing about security by obscurity. Even if this had been a fully open platform it'd still have been vulnerable. May (or may not) have been easier to find, we don't know, but irrelevant unless anyone's looking.
I've heard of "TPM", but never really looked into it. According to the Wikipedia page it's primarily for ensuring that software/hardware hasn't been tampered with. I found this long list of (all?) HP products that are affected by this:
https://support.hp.com/si-en/document/c05792935
So there is a *lot* of stuff out there with these chips.
However, I have to wonder what there is of importance that actually uses this stuff. Under Linux there's a "TrouSerS" library that seems to be the way that most people access TPM, including libengine-tpm-openssl, by which you can generate keys via OpenSSL using TPM. However, it doesn't seem to be generally used. I also found someone who managed to get OpenSSH to use TPM, but again, this does not seem to be common.
My understanding was that RSA keys for certificates, ssh keys and things I generally care about are generated using the normal processor rather than special hardware.
A quick look makes it seem that none of the stuff I use (and care about) will be affected, but that's based on a whole 5 minutes of half-arsed research. Can anyone shed some light on the applicability of this vulnerability?
Good luck buying a machine nowadays without a TPM.
Most places will let you turn it off, but sometimes "Secure Boot" is a necessity, especially for odd devices (e.g. Windows tablets, Chromebooks, etc.) and TPM is a part of that.
It's a chip that holds a keystore. The keys can be plugged into it. They can be used to encrypt and decrypt. But the key doesn't come back out (I'm pretty sure nobody's managed that yet, certainly not a cheap/easy/guaranteed way). It's basically what smartcards are - you know they have a key, you know they have the private part of it (because they can encrypt and decrypt) but you can't extract the private part of the key itself once it's on there.
The OpenSSL stuff is just using the TPM as a keystore. It has nothing to do with usage of the TPM by, for example, a Microsoft key signing a Microsoft bootloader. P.S. even modern Linux distros have to have a Microsoft-signed bootloader to boot on UEFI / Secure Boot systems. In theory you can add third-party keys, but the UEFI BIOS rarely actually exposes the option to the end user.
Modern Windows can even put things like the equivalent of Windows product keys into the TPM (not quite, but almost) - so that the machine is licensed without needing the user to type anything. BIOS-locking done at the factory, basically. It also means that if you move your Windows install to a different board / chip / BIOS / machine it likely will de-activate itself.
The generation of those keys, however, is a concern and it very much depends on whether they were made by the machine itself, by the TPM chip in the machine, or by the manufacturer. Also, as per your OpenSSL example, there is room on the chip to use it for DRM for software manufacturers or yourself. Thus, some people will now have TPM keys that aren't as secure as they believed.
It's not infeasible that such an attack will hurt BIOS-locking manufacturers (including people like Google who use the TPM on their Chromebooks), software DRM schemes for the most expensive software, Bitlocker (eek!) and activation keys on Windows, etc.
The TPM chips now do everything from random number generation to the full encryption/decryption of the data stream, potentially from boot-up to shutdown.
And just about every machine now has one, to the point that they are incredibly difficult to avoid. Your smartphone probably has one. As does your tablet. And so will your PC if it's been made in the UEFI era (even legacy BIOSes are becoming rarer now, but they often appear as a set of "UEFI Only / UEFI and Legacy" options, so the UEFI/TPM/etc. stuff is often still present but unused for boot integrity (Secure Boot) unless you make the machine do something like Bitlocker).
This is a big ouch, which is why some manufacturers are running around re-building their TPM keys at the moment.
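The question of which keys are actually affected has a concrete answer: the flaw (published as the ROCA attack, Nemec et al., CCS 2017) is in how the Infineon firmware chose its primes, so any RSA public modulus can be tested offline for the tell-tale structure, wherever the key ended up. Affected primes have the form k*M + (65537^a mod M), where M is the product of the first n small primes, so for every small prime s dividing M the modulus N = p*q reduced mod s falls inside the subgroup of Z_s* generated by 65537; an unrelated modulus fails that membership test for at least one small prime with overwhelming probability. The following is an added example of that fingerprint, not code from the article, the commenters or Infineon; the two test moduli are constructed here for illustration, and the exponents `a` and `k_start` values are arbitrary.

```python
"""ROCA fingerprint: does an RSA modulus look like it came from the flawed Infineon generator?

Added example (not from the article, the commenters or Infineon). Affected primes have
the form p = k*M + (65537**a mod M) with M the product of the first small primes, so
N = p*q mod s lies in the subgroup <65537> of Z_s* for every small prime s dividing M.
"""
import random
from math import prod

# Fingerprint primes 3..167 (2 is skipped: N mod 2 is always 1).
PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67,
          71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139,
          149, 151, 157, 163, 167]
GENERATOR = 65537          # the generator the Infineon algorithm used (also the usual e)
M = 2 * prod(PRIMES)       # primorial 2*3*...*167, the M used for 512-bit keys
_RNG = random.Random(0)    # fixed seed so the Miller-Rabin witnesses are reproducible


def subgroup_mask(p: int, g: int = GENERATOR) -> int:
    """Bitmask with bit r set for each residue r in the cyclic subgroup <g> of Z_p*."""
    mask, r = 0, 1
    while True:
        mask |= 1 << r
        r = (r * g) % p
        if r == 1:
            return mask


MASKS = {p: subgroup_mask(p) for p in PRIMES}


def failing_primes(n: int) -> list[int]:
    """Primes s for which n mod s is outside <65537>; an empty list is a fingerprint match."""
    return [p for p in PRIMES if not (MASKS[p] >> (n % p)) & 1]


def has_roca_fingerprint(n: int) -> bool:
    """True when n passes the membership test for all 38 primes, i.e. the key is affected."""
    return not failing_primes(n)


# --- Constructed test moduli (illustration only, not keys from any real device) ---

def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Trial division by the small primes, then Miller-Rabin."""
    if n < 2:
        return False
    if n == 2:
        return True
    for p in PRIMES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(_RNG.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def roca_style_prime(a: int, k_start: int) -> int:
    """Deterministically find a prime of the Infineon form k*M + (65537**a mod M)."""
    r = pow(GENERATOR, a, M)   # odd and coprime to every prime dividing M
    k = k_start
    while not is_probable_prime(k * M + r):
        k += 1
    return k * M + r


def next_prime(start: int) -> int:
    """Smallest probable prime >= start, used to build an ordinary (unstructured) modulus."""
    n = start | 1
    while not is_probable_prime(n):
        n += 2
    return n


def demo() -> dict:
    """Fingerprint one Infineon-structured and one ordinary modulus of roughly 512 bits.

    The exponents a and the k ranges below are arbitrary illustration values.
    """
    n_bad = roca_style_prime(a=12345, k_start=2**36) * roca_style_prime(a=67890, k_start=2**36 + 7)
    n_ok = next_prime(2**255 + 12345) * next_prime(2**255 + 99999)
    return {"structured": has_roca_fingerprint(n_bad), "ordinary": has_roca_fingerprint(n_ok),
            "n_bad": n_bad, "n_ok": n_ok}


if __name__ == "__main__":
    result = demo()
    print("Infineon-structured modulus matches fingerprint:", result["structured"])
    print("Ordinary modulus matches fingerprint:", result["ordinary"],
          "(first primes it fails at:", failing_primes(result["n_ok"])[:5], ")")
```

To check a real key, take the modulus as printed by `openssl rsa -pubin -in key.pem -noout -modulus`, convert the hex with `int(hexstr, 16)` and pass it to `has_roca_fingerprint`. A match means the key was produced by the flawed algorithm; actually factoring it still costs the compute discussed further down the thread, and a non-match on existing keys says nothing about whether the chip's firmware has been updated, so keys generated after the fix should be checked again or generated in software.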
> "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin." - John von Neumann
Current state of trust: not trusted. As it should have been all along.
Between the two it's an all-hours data buffet in hacker land. Now add in the Intel AMT hack, and various others. I assure you that state actors have had access to this stuff for years and now the kids get to play.
You need precisely one compromised device on the corporate network and you own the whole thing. Your medical records? For sale. Your ballot box too. It isn't a question of whether the data is hacked but who first, how many and how often.
So glad I got out of the biz. It's a mess.
who else has the funds to pursue this kind of attack?
$40-60k is easily within the "investment" budget for organised crime.
Their main problem is how to convert the attack into some form of blockchain currency or cash, but some form of attack on banks, money transfer operators, or corporate treasury departments would seem the obvious way. That requires diverting money transfers to different destinations, making fraudulent transfers directly, or nobbling the commercial systems to grant loans that will then be cashed out, never to be seen again.
Vendors like HP and Cisco have been distributing patches since the day this was publicly disclosed. It appears many other vendors are asleep at the wheel. I've just replaced some Asus hosts as they are yet to be updated. No mention of it on their sites or forums and no response to support requests, yet they even sold TPM modules with Infineon chips as a value-add for their kit. The client tells me they will NEVER buy Asus again.
No one ever got sacked for buying IBM, but what about Asus?
Our HP boxes were patched on day one.
Asus had no advice, and have responded to our support ticket, but are yet to patch the firmware in their TPM chips/motherboards. So we ended up having to remove them from production.
If Asus don't sort their stuff out and send us a patch by the end of the month, they will all get thrown out.
No wonder some people pay IBM (or in our case from now on, HP) ;-)