The physical security tokens carried by senior government officials and industry executives can be hacked, according to blockbuster research revealed Monday. The software used to generate private cryptographic keys for the tokens’ chips, which are manufactured by a company called Infineon, can be reverse-engineered, letting hackers “factor” — or identify — the keys and intercept or spoof any data they are supposed to protect.
The attack threatens to shatter the expectation of public key cryptography — that documents and messages signed by someone’s private key genuinely originated with that person. Beyond personal conversations and file exchanges, the vulnerability also affects cryptographically signed software updates, raising the possibility that hackers could spoof a verified update to install malware on someone’s computer. Such tactics have been used before.
At least 760,000 tokens are vulnerable to the attack, according to the Slovak and Czech researchers who discovered it, though they cautioned that the true extent could be “up to two to three magnitudes” larger. The researchers said they had worked with Infineon and its chip customers for the past eight months. One major customer, Yubico, said most of its devices were unaffected but offered help for people with compromised tokens. Monday’s other security news, about flaws in a popular wireless protocol, received more attention, but experts quickly labeled the cryptography key story more significant. “There will be factorable Infineon RSA keys attached to high-value targets for years and years,” tweeted Thomas Ptáček, a principal at the startup security firm Latacora.
ABOUT THAT WI-FI FLAW — If you use WPA2 security on your wireless router, monitor your network for suspicious traffic and watch for a software update from your router maker. Cybersecurity researchers on Mondayrevealed that vulnerabilities in the WPA2 protocol could let hackers intercept traffic flowing across wireless networks. “In general, any data or information that the victim transmits can be decrypted,” wrote the researchers, who said the issue compromised 10 distinct vulnerabilities. They posted a video showing them capturing a Match.com password entered on a network secured with WPA2. In some circumstances, they said, hackers can also manipulate data transmitted from a router to a client, meaning they can deliver malware to a target machine. Google said it had alerted its Android partners and was working on software updates for affected devices. Major router makers TP-Link, Belkin, Cisco and TRENDnet also said they were responding to the disclosure.
Despite the sensational headlines that the WPA2 issue generated, security researchers said it was a largely esoteric concern. “You would need an incredibly high skill set and to be [physically located] at the [target wireless router] to attack this,” wrote security researcher Kevin Beaumont. Windows and iOS devices are not vulnerable to the main vector of attack, and Beaumont told POLITICO that the secondary vector didn’t seem very useful. In addition, websites that encrypt their traffic with HTTPS are protected from interception, even if people are browsing them on unpatched routers. Plus, as security expert Tarah Wheeler pointed out, the attack “is only applicable in WiFi-range. If a shady hoodie is outside your house tapping on keyboard, encryption isn’t your top problem.”
It may not be a nightmare scenario, but the revelation that millions of routers, phones, computers and other devices contain a somewhat exploitable flaw has refocused attention on the challenges of deploying major security updates. Under current law, device makers don’t have to issue patches, and there is no federal agency specifically tasked with monitoring their attentiveness to the issue. Sen. Mark Warner, who has introduced a bill that would create security requirements for smart devices, told POLITICO that the story “illustrates the importance of adopting basic hygiene requirements for the rapidly proliferating internet of things.”
The research also cast a minor spotlight on the Institute of Electrical and Electronics Engineers, the group that sets technical standards for things like wireless security. WPA2 launched in 2004, but the vulnerabilities remained unknown until this year. Cryptography expert Matthew Green said the blame lay partly at the feet of the IEEE, which handles the standards-writing process in a very opaque way. “The standards are highly complex and get made via a closed-door process of private meetings,” wrote Green, a professor at Johns Hopkins University. They are also written in vague ways that make it hard for technical designers to implement them. Designers “have to implement their code using scraps of pseudocode scattered around the standards document,” Green wrote, and “this pseudocode leads to the broken implementation that enables” the WPA2 vulnerabilities. The IEEE’s process, he argued, “is dumb and — in this specific case — probably just cost industry tens of millions of dollars.” The IEEE did not respond to a request for comment on Green’s criticisms.