On 2019-06-12 06:27, Peter Gutmann wrote:
> Warren Kumari <war...@kumari.net> writes:
>
>> Major HSM vulnerabilities impact banks, cloud providers, governments
>> https://www.zdnet.com/article/major-hsm-vulnerabilities-impact-banks-cloud-providers-governments/
>
> From TFA:
>
>   The duo's research paper is currently available only in French,
>
> Devilishly clever! That way Thales and Gemalto can fix their HSMs while the
> non-French-speaking hackers have to wait for Black Hat to find out what the
> vulns are.
>
> Despite the inexplicable lack of being taught phrases like "couche de resine
> epoxy" while still learning everyday useful things like "le ballon tombe dans
> les fleurs", the gist of the paper is that running externally-updatable
> ancient unpatched Linux (an unstripped, unhardened 2.26 (!!!) kernel) with
> buggy PKCS #11 firmware on your HSM isn't a good idea.
>
> This isn't really an HSM, it's more an IoT device with a crypto accelerator
> attached. Once I read to the description of the configuration, my only
> surprise was that it took this long to get pwned. Not wanting to downplay the
> authors' achievement, but it's a hack of a generic, run-of-the-mill IoT
> device, just one that happens to be advertised as an HSM.
>
> It's also not surprising that you can attack the PKCS #11 API directly, as the
> authors correctly point out it's very complex and therefore has a very large
> attack surface. I'm sure many PKCS #11 client-app developers have
> inadvertently "attacked" their PKCS #11 implementation just by passing in
> incorrect parameters while developing code (I have, for several
> implementations).
>
> In addition, with what they're running as the firmware as an indicator, it's
> also not overly surprising that the crypto code itself is of, uhh, sub-par
> quality. Sorta confirms the comment I made in my book that "A great many
> security systems in use today are secure only because no-one's ever bothered
> attacking them".
>
> All in all a nice piece of work, and an interesting read.
>
My French is a bit rusty but did you also understand that the attack was
based on the ability to do fw upgrade over P11? Needless to say that
seems like a ... unique property to have in your P11 impl but I am
worried I have misread the paper.

Cheers
Leif
_______________________________________________
Tech mailing list
Tech@cryptech.is
https://lists.cryptech.is/listinfo/tech