Don`t you consider well-known KRACK to be the most dangerous attack? Meet even worse security hole. A destroying vulnerability has endangered the security of the most encryption keys, including those being used in identification documents, software signing and platform modules preventing government and enterprise computers from different attacks. One more wild morning brought the terrible news: security specialists discovered an inevitable deficiency in a commonly used cryptography code library, to be more precise, in chips that were made by a German company.
ROCA is short for Return of Coppersmith`s Attack, the researchers revealed this weakness in RSA keys of the software library that was used by cryptographic smartcards, security tokens and other secure hardware chips. The researchers wrote that this exploit allows the attacker to figure out the private part of an RSA key. Moreover, such an attack impacts on all widely used key lengths and chips produced in 2012.

The strategy of ROCA: public key to compute private key

Graham Steel, CEO of encryption consultancy firm Cryptosense, emphasized that there is such a thing in public key cryptography that public key is really public and anyone can use it without any further problems in security sphere. But in this case criminals have the opportunity to use the public part of the key in order to compute the private part of it.
This exploit definitively dents the security of encryption keys, because you cannot prove whether a document was signed by anyone else`s private key as well as cannot aver that only you read the data, making use of their public key. Steel also said that practically anyone can develop your private key, so to take a legal action and to asset that it wasn`t you who signed that document or anything else is aimless enough in this situation.
And now attackers have variety of malicious actions to do: impersonation of different users, decryption of restricted information, penetration of malicious code into files, forgery of signatures for software and hardware signing.

The working principle of ROCA

German chipmaker Infineon Technologies AG has worked out the code library, which has been involved in the development of keys since 2012. Security specialists from the Centre for Research on Cryptography and Security, Masaryk University, Enigma Bridge and Ca` Foscari University have represented how Infineon allows hackers to compute the private keys, using certain public numbers.
In order to get private and public keys, it`s necessary to multiple two large numbers. One cannot use public key to develop private one, since it`s rather difficult to expand the number into factors for getting the essential prime numbers. And if someone succeeds in getting both prime numbers, this one will be able to compute the private key for a further impersonation of himself as the key owner.
Briefly, Infineon couldn`t prove that numbers of the public key cannot be expanded into factors, so the system was laid down at stake, because some well-known giants such as Google, Microsoft, HP, Lenovo, Fujitsu have used it. The worst of it is that the falsified library meets requirements of the two international security certification standards, so governments, large enterprises are also in a trouble. Estonia is the first country that notifies about the vulnerability of 750,000 digital IDs produced since 2014.
The investigators also stressed that different domains such as electronic citizen documents, authentication tokens, trusted boot devices, software package signing, TLS/HTTPS keys and PGP also contain vulnerable keys. Their number has already reached 760,000.

Unavailability of public information hinders to discover security holes

Security specialists asked the companies to keep the design under the radar. Exactly this silence makes these protocols and libraries fragile for the attackers.
The investigation demonstrates that such behavior is really dangerous, because unavailability of public information hinders to discover security holes and the process of checking for them.
The ROCA is more dangerous attack than KRACK since it has numerous alternatives in the government as well as outside while KRACK only works for criminals.