A research team has shown that it can crack security devices used by government agencies and enterprise companies, like the RSA SecurID 800, to protect their data. The researchers refined a method developed in 2006 by Swiss cryptographer Daniel Bleichenbacher for retrieving the cryptographic keys used in RSA signature validation. In a paper detailing the refinement, the team says it was able to reduce the time needed to discover the secret keys to just 13 minutes. The method also worked — albeit slightly less effectively — on other secure token devices like the Siemens CardOS (21 minutes), the SafeNet Ikey 2032 (88 minutes), and Gemalto Cyberflex (92 minutes).
The method exploits a command in the PKCS#11 API that is implemented in such a way that it offers a ‘padding oracle’ — a server-side channel which reports whether a decryption has succeeded. When the oracle (in this case the server) responds, it leaks data that may allow attackers to decrypt messages without knowing the encryption key.
Commonly referred to as the ‘million message attack,’ it usually requires an average of 215,000 queries to reveal a 1024-bit key. The refined method described in the paper improves the algorithm so that it requires an average of only 9,400 calls to reveal the same key. The researchers accomplished this by using a theorem that allows not only multiplication but also division to be used in manipulating a PKCS#1 v1.5 ciphertext to learn about the plaintext. The paper says that "the attacks are efficient enough to be practical."
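To make the mechanism concrete, here is an added illustration (not code from the paper or from any of the vendors): a toy RSA key built from two Mersenne primes, the PKCS#1 v1.5 conformance check whose yes/no answer is the padding oracle, the multiplicative blinding that lets a ciphertext be manipulated by multiplication or, with an inverse, by division, and a hardened unwrap that returns a random key of the expected length on any failure so the answer no longer distinguishes malformed from well-formed input. The key size, the 8-byte wrapped key and the function names are all constructed for this example.

```python
import secrets

# Constructed toy RSA key from two Mersenne primes (far too small for real
# use; chosen only so the arithmetic runs without a crypto library).
P, Q = (1 << 61) - 1, (1 << 89) - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent (Python >= 3.8)
K = (N.bit_length() + 7) // 8            # modulus length in bytes: 19
KEY_LEN = 8                              # size of the key a caller expects to unwrap

def pkcs1_v15_pad(msg: bytes) -> bytes:
    """EM = 00 || 02 || PS (>= 8 non-zero random bytes) || 00 || M."""
    ps_len = K - 3 - len(msg)
    if ps_len < 8:
        raise ValueError("message too long for this modulus")
    ps = bytes(secrets.choice(range(1, 256)) for _ in range(ps_len))
    return b"\x00\x02" + ps + b"\x00" + msg

def is_conformant(em: bytes) -> bool:
    """The check whose yes/no outcome is the padding oracle."""
    return em[:2] == b"\x00\x02" and all(em[2:10]) and b"\x00" in em[10:]

def rsa_decrypt_int(c: int) -> int:
    return pow(c, D, N)

def blind(c: int, s: int) -> int:
    """RSA is multiplicatively homomorphic: Dec(s^e * c) = s * m mod n.
    Choosing s = t^-1 mod n makes the same step a division by t, the
    extra freedom the paper uses to cut the number of oracle queries."""
    return (pow(s, E, N) * c) % N

def leaky_unwrap(c: int) -> bool:
    """Vulnerable behaviour: the device reports whether padding was valid,
    so every query on a blinded ciphertext reveals something about m."""
    return is_conformant(rsa_decrypt_int(c).to_bytes(K, "big"))

def hardened_unwrap(c: int) -> bytes:
    """Mitigated behaviour (defensive illustration): any padding or length
    failure yields a fresh random key of the expected size, so the caller
    cannot tell a malformed ciphertext from a well-formed one. (Making the
    branches constant-time is a separate, additional concern.)"""
    em = rsa_decrypt_int(c).to_bytes(K, "big")
    payload = em[em.index(b"\x00", 2) + 1:] if is_conformant(em) else b""
    if len(payload) != KEY_LEN:
        payload = secrets.token_bytes(KEY_LEN)
    return payload
```

Wrapping an 8-byte key with `pkcs1_v15_pad` and encrypting it, then calling `leaky_unwrap` on `blind(c, 2)`, shows the oracle answering differently for the original and the manipulated ciphertext, while `hardened_unwrap` returns an 8-byte value in both cases.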
All of the companies involved were notified before the paper was published and have, for the most part, responded positively to the research. SafeNet plans to release a security bulletin to its clients confirming the vulnerability and describing a workaround to be used while it works on an update for the affected devices. Siemens has recognised the flaw and already updated its devices, while RSA has questioned the usefulness of the new method. RSA says that this attack only works because the RSA SecurID 800 does not fully comply with the PKCS#1 v1.5 standard, and it will update the device to meet the requirements. It also claims the method needs access to secure data that isn't freely available. The researchers respond that the data can be obtained through a network protocol, and that RSA’s proposed fix would merely slow down an attack instead of preventing it entirely.
Zenonas Kyprianou contributed to this report