On Wed, Jun 12, 2019 at 4:11 AM Leif Johansson <le...@sunet.se> wrote:
>
> On 2019-06-12 06:27, Peter Gutmann wrote:
> > Warren Kumari <war...@kumari.net> writes:
> >
> >> Major HSM vulnerabilities impact banks, cloud providers, governments
> >> https://www.zdnet.com/article/major-hsm-vulnerabilities-impact-banks-cloud-providers-governments/
> >
> > From TFA:
> >
> >   The duo's research paper is currently available only in French,
> >
> > Devilishly clever! That way Thales and Gemalto can fix their HSMs while the
> > non-French-speaking hackers have to wait for Black Hat to find out what the
> > vulns are.
> >
> > Despite the inexplicable lack of being taught phrases like "couche de resine
> > epoxy" while still learning everyday useful things like "le ballon tombe
> > dans les fleurs", the gist of the paper is that running externally-updatable
> > ancient unpatched Linux (an unstripped, unhardened 2.26 (!!!) kernel) with
> > buggy PKCS #11 firmware on your HSM isn't a good idea.
> >
> > This isn't really an HSM, it's more an IoT device with a crypto accelerator
> > attached. Once I read to the description of the configuration, my only
> > surprise was that it took this long to get pwned. Not wanting to downplay
> > the authors' achievement, but it's a hack of a generic, run-of-the-mill IoT
> > device, just one that happens to be advertised as an HSM.
> >
> > It's also not surprising that you can attack the PKCS #11 API directly, as
> > the authors correctly point out it's very complex and therefore has a very
> > large attack surface. I'm sure many PKCS #11 client-app developers have
> > inadvertently "attacked" their PKCS #11 implementation just by passing in
> > incorrect parameters while developing code (I have, for several
> > implementations).
> >
> > In addition, with what they're running as the firmware as an indicator, it's
> > also not overly surprising that the crypto code itself is of, uhh, sub-par
> > quality. Sorta confirms the comment I made in my book that "A great many
> > security systems in use today are secure only because no-one's ever bothered
> > attacking them".
> >
> > All in all a nice piece of work, and an interesting read.
> >
>
> My French is a bit rusty but did you also understand that the attack
> was based on the ability to do fw upgrade over P11?

Nope -- my French is nonexistent; I tried copying and pasting bits
into Google Translate, but got frustrated quickly.

I was mainly entertained by the fact that a consumer news site like
zdnet was writing about this.

W

> Needless to say
> that seems like a ... unique property to have in your P11 impl but
> I am worried I have misread the paper.
>
> Cheers Leif
>
> _______________________________________________
> Tech mailing list
> Tech@cryptech.is
> https://lists.cryptech.is/listinfo/tech

--
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf