ROCA attack [1Password is not affected]

hmoeller
edited October 2017 in Lounge

Hi out there,

Just recently, Slovak and Czech researchers have found a very serious flaw in Infineon's crypto library, which has generated crippled RSA key pairs since 2012. These key pairs allow the private part to be calculated from the public part in a very short time. Find the details on ROCA (Return of Coppersmith's Attack) in this article.

Is 1Password vulnerable to this flaw?

The paper giving the details of the flaw will be published on November 2nd. So there is some time left to react, at least with respect to currently used keys. This is not the case with respect to formerly stored vaults, e.g. on Dropbox. These vaults might be completely exposed to this attack without any chance to counteract. There's only one chance in a situation like this: change all your passwords prior to November 2nd.

Please take this seriously, since it is one of the worst scenarios thinkable with respect to RSA cryptography.

Best regards,

Henning



Comments

  • brenty

    Team Member

    @hmoeller: No. 1Password is not using RSA-generated keypairs. And, as mentioned in the Ars Technica article (emphasis added),

    The flaw resides in the Infineon-developed RSA Library version v1.02.013, specifically within an algorithm it implements for RSA primes generation. [...] The library runs on hardware Infineon sells to a wide range of manufacturers using Infineon smartcard chips and TPMs. [...] The flaw affects only keys generated with the RSA algorithm, and then only when they were generated on a smartcard or other embedded device that uses the Infineon library.

    I hope this helps! :)

  • Helps a lot. Thank you very much for the clarification.

    BTW: The flaw may also affect systems which are using Microsoft's Trusted Platform Management. That's not necessarily a smartcard or embedded system. For example, it seems to affect BitLocker, as well.

  • There were articles about this last week on Ars. Looks like those libraries are showing up in more and more places.

    https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/

  • brenty

    Team Member
    edited October 2017

    BTW: The flaw may also affect systems which are using Microsoft's Trusted Platform Management. That's not necessarily a smartcard or embedded system. For example, it seems to affect BitLocker, as well.

    @hmoeller: Well, technically, TPM is an embedded system Intel builds into chipsets...but I agree that I oversimplified. 1Password isn't using TPM though, so while it's an excellent point — I stand corrected — it's moot in this case. Thank you for catching that! :)
