Exploiting ROCA Cryptocurrency Vulnerability May Be Easier Than Imagined

In our blog on Habré, we already wrote that an international group of information security researchers discovered a critical vulnerability of ROCA (Return of Coppersmith's Attack) in the popular RSA Library v1.02.013 encryption library from Infineon. Error CVE-2017-15361 in the algorithm for generating RSA primes makes the encryption keys generated by the Infineon library vulnerable to factorization - this allows attackers to reveal the secret part of the key.

And if, shortly after the announcement of the vulnerability, the researchers claimed that its use for mass attacks would be unprofitable for attackers from an economic point of view, now other independent experts Daniel J. Bernstein and Tanja Lange published a detailed studyAccording to which, the operation of ROCA in practice may be cheaper and easier than originally thought.

The library containing the vulnerability is used to ensure the security of national ID cards in several countries, as well as in many popular software products used by both government bodies and business.

Initial calculations suggested that using CVE-2017-15361 to recreate a 1024-bit key would require approximately 97 days of processor operation, which is equivalent to a cost of $ 40- $ 80, and for a 2048-bit key it would take 51,400 days and 20,000-40000 dollars. The authors of the study also estimated that hacking 760 thousand Estonian ID cards would cost attackers 60 billion euros - 80 thousand per card.

Now, evidence was presented that this can be done 5-25% faster, and hacking one ID will cost no more than 20 thousand euros - not to mention that hacking all IDs does not make sense, because for manipulating, for example, the move voting in elections, it is enough to compromise 10% of the cards.

Cases such as identifying ROCA vulnerabilities show that the cost of fixing code in the later stages of the software life cycle is growing exponentially. Despite this, the experience of conducting a security audit of source code during the development process is still not widespread. The risk of software errors that can lead to dangerous vulnerabilities always exists, therefore, a flexible methodology for safe development is applied, focused on high-quality testing of code at all stages of the software life cycle.

On Thursday, November 16, at 14:00 , a free Positive Technologies webinar will be held on how to integrate source code vulnerability analysis into the existing development process and minimize the costs of fixing defects that lead to vulnerabilities. The webinar will be of interest to specialists familiar with the development and elimination of software code vulnerabilities.

To participate in the webinar you need to register .