While device-makers and software companies scramble to patch a vulnerability that potentially exposes every Wi-Fi session to hacking, another cryptographic flaw threatens the security of critical systems that use smartcards or hardware containing chips made by Germany's Infineon Technologies.
The Wi-Fi threat, named KRACK (for "Key Reinstallation AttaCK") was described yesterday in a paper released by Belgian researchers Mathy Vanhoef and Frank Piessens. The Infineon vulnerability, which could allow hackers to determine a private RSA key based on the public key, was dubbed "ROCA" by Czech and Slovak researchers who will present their findings at a security conference in two weeks.
In both cases, security experts are advising users of either Wi-Fi or RSA encryption technologies to update their devices as soon as possible as patches become available.
'Blindingly Obvious'... in Hindsight
According to Vanhoef and Piessens, pretty much any device with Wi-Fi capabilities could be vulnerable to a KRACK attack, which can be launched by tricking a targeted wireless device into reinstalling a cryptographic key that's already in use. Although the attack hasn't been observed in the wild, the researchers said the flaw exposed serious weaknesses in the WPA2 wireless security protocol that could allow an attacker to replay, decrypt and forge data sent to and from a victim's device via Wi-Fi.
"This meets my definition of brilliant," cybersecurity expert Bruce Schneier wrote on his blog. "The attack is blindingly obvious once it's pointed out, but for over a decade no one noticed it."
In a separate blog post yesterday, Matthew Green, a cryptography expert at Johns Hopkins University, pointed a finger at the institutional processes used to develop and approve IT security standards.
"If you're looking for someone to blame, a good place to start is the IEEE," Green wrote. "One of the problems with IEEE is that the standards are highly complex and get made via a closed-door process of private meetings. More importantly, even after the fact, they're hard for ordinary security researchers to access."
RSA Key Flaw Could Affect Millions
Meanwhile, the RSA key encryption vulnerability ROCA threatens the security of critical systems like national identification cards, security tokens and secure hardware chips made by Infineon. Experts at the Czech Republic's Centre for Research on Cryptography and Security (CRoCS) who discovered the flaw said it could be used to hijack another person's identity, decrypt sensitive messages, or forge signatures on software releases.
"The actual impact of the vulnerability depends on the usage scenario, availability of the public keys and the lengths of keys used," the CRoCS researchers wrote. "We found and analyzed vulnerable keys in various domains including electronic citizen documents, authentication tokens, trusted boot devices, software package signing, TLS/HTTPS keys and PGP. The currently confirmed number of vulnerable keys found is about 760,000 but possibly up to two to three magnitudes more are vulnerable."
Citing comments by a former U.S. National Security Agency staffer yesterday, Forbes described the RSA vulnerability as "worse than KRACK." Ars Technica's Dan Goodin said the flaw was a crippling one that "has fatally undermined the security of millions of encryption keys used in some of the highest-stakes settings." Those settings include Estonia's National ID card system, which manages nearly 750,000 smart identity cards across the country.
Forbes added that a number of hardware and software companies -- including Fujitsu, Google, HP, Lenovo, and Microsoft -- have begun issuing fixes for the flaw.
The CRoCS researchers said they discovered ROCA at the end of January and notified Infineon about their findings on Feb. 1. Since then, they have been working with the company and "other affected parties" to analyze and patch the flaw. They recommended that anyone who believes they might be affected by the vulnerability should contact the vendor for the affected device, ask for help, and apply the patch if available.