Adi Shamir, a professor at the Weizmann Institute of Science in Israel and the "S" in RSA, issued a warning that a math error in a computing chip could compromise the security of global commerce if exploited by some intelligence agencies.
Modern microprocessor chips have become increasingly complex, which also increases the likelihood that there will be undetected errors, Shamir wrote in a note circulated to a small group of colleagues. The content of the note was first reported by the New York Times.
In this particular situation, a subtle math error could make it possible for an attacker to break protections for some electronic messages, Shamir wrote. Using an approach called public key cryptography, a message can be scrambled using a publicly known number and then unscrambled with a privately held number -- a technology that allows two people who have never met to securely and safely exchange information.
If an intelligence organization discovered a math error in the widely used chip, then "any key in any RSA-based security program running on any one of the millions of PCs that contain this microprocessor can be trivially broken with a single chosen message," Shamir wrote.
He also stated that with the new bug attack, the target PC could be located at a secure location "half a world away," and that "the attacker has no way of influencing its operating environment in order to trigger a fault. In addition, millions of PCs can be attacked simultaneously, without having to manipulate the operating environment of each one of them individually."
Paul Kocher, president of Cryptography Research, a San Francisco-based consulting and design firm, said via e-mail that the note focused on data input which could be submitted to a device that essentially "tickled" a bug. "The adversary would then be able to submit the chosen input to vulnerable systems and analyze the defective computation result to find cryptographic secrets," he said.
In the past, this security risk has been demonstrated in incidents like the detection of an obscure division bug in Intel's Pentium microprocessor in the mid 1990s, and in a multiplication bug in Microsoft's Excel spreadsheet program, Shamir wrote.
"Adi's note isn't a new mathematical result; attacks that exploit defective computations have been known for quite a long time," Kocher wrote. "However, the exploitation scenario where someone uses (possibly intentionally placed) obscure defects to trigger the problem is interesting since it elegantly illustrates why security can be so difficult to achieve."
Kocher said that there are several strategies for correcting the problem, such as checking cryptographic computations.
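One way to check a cryptographic computation, as an added example that is not from Shamir's note or from Kocher: an RSA signer verifies its own result with the public exponent and withholds any output that fails. The CRT-based signing routine, the toy key, the `fault` flag standing in for a defective multiplication, and all function names are assumptions made for illustration.

```python
# Added example: toy RSA-CRT signer with a verify-before-release check.
# Key, message and the injected fault are constructed for illustration.
P = 2**31 - 1                      # small known primes; far too small for real use
Q = 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent
DP, DQ = D % (P - 1), D % (Q - 1)  # CRT exponents
QINV = pow(Q, -1, P)               # q^-1 mod p, for Garner recombination
M = 0x5EC0DE                       # constructed message representative, M < N


def sign_crt(m, fault=False):
    """Compute m^D mod N via the two half-size CRT exponentiations."""
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault:
        # Stand-in for one wrong multiplication inside the mod-Q half.
        sq = (sq + 1) % Q
    h = (QINV * (sp - sq)) % P
    return sq + h * Q


def sign_checked(m, fault=False):
    """Release a signature only if it verifies under the public key."""
    s = sign_crt(m, fault)
    if pow(s, E, N) != m % N:
        # A miscomputed result is withheld, never returned or logged.
        raise ValueError("RSA result failed self-check; output withheld")
    return s


if __name__ == "__main__":
    print("good signature verifies:", pow(sign_checked(M), E, N) == M)
    try:
        sign_checked(M, fault=True)
    except ValueError as exc:
        print("faulty computation caught:", exc)
```

The check costs one extra exponentiation with the public exponent, which is small compared with the private-key operation it protects.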
Shamir warned that because the exact workings of microprocessor chips are protected by government trade laws, it is almost impossible to ascertain that they have been designed correctly. Shamir told the New York Times that so far, he had no knowledge of anyone using the described attack.
