tpm   1027

« earlier    

Bad RSA Library Leaves Millions of Keys Vulnerable | Hackaday
So, erm… good news everyone! A vulnerability has been found in a software library responsible for generating RSA key pairs used in hardware chips manufactured by Infineon Technologies AG. The vulnerability, dubbed ROCA, allows for an attacker, via a Coppersmith’s attack, to compute the private key starting with nothing more than the public key, which pretty much defeats the purpose of asymmetric encryption altogether.

Affected hardware includes cryptographic smart cards, security tokens, and other secure hardware chips produced by Infineon Technologies AG. The library with the vulnerability is also integrated in authentication, signature, and encryption tokens of other vendors and chips used for Trusted Boot of operating systems. Major vendors including Microsoft, Google, HP, Lenovo, and Fujitsu already released software updates and guidelines for mitigation.

The following key length ranges are now considered practically factorizable (time complexity between hours to 1000 CPU years at maximum): 512 to 704 bits, 992 to 1216 bits and 1984 to 2144 bits. Note that 4096-bit RSA key is not practically factorizable now, but may become so, if the attack is improved.

The time complexity and cost for the selected key lengths (Intel E5-2650 v3@3GHz Q2/2014):

512 bit RSA keys – 2 CPU hours (the cost of $0.06);
1024 bit RSA keys – 97 CPU days (the cost of $40-$80);
2048 bit RSA keys – 140.8 CPU years, (the cost of $20,000 – $40,000).
encryption  pki  tpm  cybersecurity  vulnerability  crypto  keylength  rsa  hack 
12 days ago by bwiese
Grassley Appeals To Trump: Firing Mueller Would Be Presidential ‘Suicide’ – Talking Points Memo
“I think it would be suicide for the President to fire him,” Grassley said in a brief interview clip aired on CNN. “I think the less the President says about this whole thing, the better off he will be. And I think that Mueller is a person of stature and respected and I respect him. Just let the thing go forward.”
trump  grassley  mueller  tpm 
10 weeks ago by dcrall
IRID9670TPM20LINUXTOBO1 Infineon Technologies | Mouser
IRID9670TPM20LINUXTOBO1 Infineon Technologies Security / Authentication Development Tools OPTIGA TPM SLB 9670 TPM2.0 Infineon's Trusted Platform Module (TPM) SLB9670 is a fully TCG standard compliant TPM 2.0 with a SPI interface. datasheet, inventory, & pricing.
tss  infineon  tcg  tpm 
january 2018 by arisco97

« earlier    

related tags

*  10  19th_century  2016  2016election  64bit  adexchange  advertising  ag  antitrust  attestation  au  authentication  belarus  bernie  bitlocker  blacklisting  blog  blogs  book  boot  businessmodels  cac  card  ccc  censorship  certificate  certificatemanagement  chat  check  christie  chrome  chromebook  chromeos  circumvention  civil_war  clips  code  computaional_advertising  computing  consoles  container  copyright  counsel  cracking  cruz  crypto  cryptography  cybersecurity  database  defense  delicious  dev  diy  donaldtrump  doubleclick  drm  dsec  dualboot  editorsbrief  election-2018  email  enclave  enclavedb  encryption  encypted  engagement  europe  event  evil-maid  exploit  face  fic  foreignpolicy  fritz  gafa  garret  gawker  gen  general  generator  gmail  go  golang  google  googleanalytics  googlechrome  grassley  guard  hack  hacking  hardware  hibernation  history  howto  hsm  hypervisor  ibm  ic  infineon  iommu  josh.marshall  josh  joshmarshall  journalism  juliepace  kerberos  kernel  key  keygen  keylength  library  linux  locks  logs  lsm  mac  management  manager  market_microstructure  marshall  mascots  matthew  maybesolution  media  meta  microeconomics  microsoft  mikeflynn  mmist  module  monopoly  mueller  muellerinvestigation  nap  nas  news  news_media  nieman  nintendo  notes  osx  paulmanafort  peterthiel  pg  piv  pki  pks11  platform  platform_economics  plugin  poland  politics  power  privacy  priviledgeescalation  program  programming  publishing  purpose  qtr_calls  quora  racism  random  randomness  readinglist  recommended_by  redskins  reference  remote  requirement  research  rng  rosenstein  rsa  rubio  russia  search  secrecy  secure  security  sessions  sgx  slat  slavery  slides  smartcard  social_media  spam  special  ssh  starwars  subscription  support  system  talk  talkingpointsmemo  tcg  thephilosophersmeme  tips  titan  tmux  todo  tor  tpmprime  trump  trumpadministration  trusted-computing  trusted  tss  united_states_of_america  usb  virtualization  vtpm  vulnerability  weak  windows  セキュリティ 

Copy this bookmark:



description:


tags: