Affected Products and Keys by Infineon RSA vulnerability

infineon-roca.md

Collecting some information about the extend and affected products and keys of the Infineon RSA vulnerability (ROCA).

• Official ROCA infos by the bug finders
• Test tool on Github
• Online test
• Information from Infineon
• CVE-2017-15361
• CERT/CC advisory

Estonian eID cards

• https://www.schneier.com/blog/archives/2017/09/security_flaw_i.html

Slovakian eID cards

• Government announcement in slovakian language( Google translate to English )
• https://ekonomika.sme.sk/c/20674129/cipove-obcianske-maju-vaznu-chybu-podpis-sa-da-ukradnut.html?ref=trz

Yubikeys

• https://www.yubico.com/2017/10/infineon-rsa-key-generation-issue/

This blog post from 2016 is hillarious and argues that certified closed source is more secure than open source:

• https://www.yubico.com/2016/05/secure-hardware-vs-open-source/

GPG keys

Vulnerable GPG keys are likely created by Yubikeys.

• 3 Debian developers affected
• According to Ars Technica 2,892 PGP keys affected, 956 factorizable

TPM chips

Various vendors, including Google, Fujitsu, HP, Lenovo. Probably more. This can affect Bitlocker keys (Windows encryption system).

• Cert/CC has a link list of affected vendor advisories

SSH keys

Github found "447 fingerprinted keys, 237 of them factorizable" according to Ars Technica. Likely also generated by Yubikeys.

• https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/

Electronic signatures / eIDAS

Several German providers of electronic signatures according to the EU eIDAS system have affected keys in their issuing certificates (Telekom, Sparkassenverlag / S-Trust, Bundesdruckerei / D-Trust, Datev, Deutsche Rentenversicherung).

• Found by Rob Stradling by testing data from crt.sh
• List of affected certificates

TLS certificates

Not many according to Rob Stradlings tests. No CA certificates.

• Found by Rob Stradling by testing data from crt.sh
• List of affected certificates

Gemalto

Information very unclear, no exact information about scale and affected products yet.

• Original blog post
• Update by same blogger
• Gemalto advisory

Hi, I have updated the info around Gemalto smartcards.
https://dan.enigmabridge.com/roca-vulnerability-impact-on-gemalto-idprime-net-smart-cards/

Gemalto have published a statement: https://safenet.gemalto.com/technical-support/security-updates/?LangType=1049

Knowledgebase article is restricted to customers only, which is a bit shit

Spanish eID is also affected:
Link to the news (in spanish) below.
http://www.elperiodico.com/es/sociedad/20171109/desactivada-la-firma-digital-de-los-dni-2015-posibles-fallos-de-seguridad-6412261