The IBM 4758 is an extremely secure cryptographic co-processor. It is used by banking systems and in other security-conscious applications to hold keying material. It is designed to make it impossible to extract this keying material unless you have the correct permissions and can involve others in a conspiracy.
We are able, by a mixture of sleight-of-hand and raw processing power, to persuade an IBM 4758 running IBM's ATM (cash machine) support software, the "Common Cryptographic Architecture" (CCA), to export any and all of its DES and 3DES keys to us. All we need is:
The attack can only be performed by an insider with physical access to the cryptographic co-processor, but they can act alone. The FPGA evaluation board is used as a "brute force key cracking" machine. Programming this is a reasonably straightforward task that does not require specialist hardware design knowledge. Since the board is pre-built and comes with all the necessary connectors and tools, it is entirely suitable for amateur use.
Besides being the first documented attack on the IBM 4758 to be run "in anger", we believe that this is only the second DES cracking machine in the open community that has actually been built and then used to find an unknown key!
Until IBM fix the CCA software to prevent our attack, banks are vulnerable to a dishonest branch manager whose teenager has 995ドル and a few hours to spend in duplicating our work.
NEW: 5 FEB 2002: Version 2.41 of the CCA has now been made available on IBM's website at http://www-3.ibm.com/security/cryptocards/html/release241.shtml . Version 2.41 includes fixes specifically designed to prevent the attack described on this website, and some of the related weaknesses described in Mike Bond's paper "Attacks on Cryptoprocessor Transaction Sets". The CCA is a much safer product now that no single individual can damage the integrity of the key material. The attack described on this website was based purely on specification-level faults. Note that some of the security-related fixes in release 2.41 relate to implementation faults; these have no direct connection with the attacks described on this site, but presumably came to light as a consequence of the closer examination of the CCA code that followed the publicity. The main changes to the transaction set are:
- The major modification to the transaction set is the separation of duty between confidentiality and integrity assurance for clear loading of symmetric keys. The old modes of operation for Key_Part_Import were FIRST, MIDDLE, and LAST. New modes of operation ADD and COMPLETE have been created. The party responsible for testing the integrity of a key (using Key_Test) can now use the COMPLETE mode, which does not permit modification of the key being tested.
- Several changes have been made to the semantics of Key_Part_Import and of the symmetric key import and export commands, to prevent type changes between replicate and non-replicate keys during import, and to prevent export of non-replicate keys under replicate keys. (A replicate double-length key has two identical halves, so a 3DES key wrapped under one is protected only to single-DES strength.)
- Extra access control points have been created which disable the fixes, so that an installation can upgrade to version 2.41 for reasons other than security while keeping the old behaviour. Enabling them reinstates the old weaknesses, so they should stay disabled wherever the new semantics can be used.
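The three changes above, as an added toy model (written for this page, not IBM's code or the authors'): the old FIRST/MIDDLE/LAST modes, the new ADD/COMPLETE modes, the replicate/non-replicate type check at completion, and the export rule. It assumes, as CCA does, that key parts combine by XOR; beyond that, the 16-byte double-length keys, the `KeyToken` and `Party` types, the function names `kpi_old`/`kpi_new`, the officer roles A, B and C, and the `enforce_separation` check on role set-up are all assumptions of this model, not CCA specifics. Key_Test itself is not modelled; the point is who is able to alter the key before it is tested.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, NamedTuple, Optional

HALF = 8  # a double-length DES key is two 8-byte halves (assumed key size)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def is_replicate(key: bytes) -> bool:
    # equal halves: 3DES under this key collapses to single DES (56-bit strength)
    return key[:HALF] == key[HALF:]


@dataclass
class KeyToken:
    key: bytes
    key_type: str           # "REPLICATE" or "NON_REPLICATE"
    complete: bool = False


class Party(NamedTuple):
    name: str
    modes: FrozenSet[str]   # Key_Part_Import modes this role's access control points allow


def kpi_old(party: Party, mode: str, part: bytes, token: Optional[KeyToken] = None) -> KeyToken:
    """2.40 semantics: FIRST, MIDDLE and LAST all XOR in a caller-chosen part;
    LAST also completes, so the LAST holder alters the key and finishes it alone."""
    if mode not in party.modes:
        raise PermissionError(f"{party.name} lacks {mode}")
    if mode == "FIRST":
        return KeyToken(key=part, key_type="NON_REPLICATE")
    if token is None or token.complete:
        raise ValueError("MIDDLE/LAST need an incomplete token")
    return KeyToken(xor(token.key, part), token.key_type, complete=(mode == "LAST"))


def kpi_new(party: Party, mode: str, token: Optional[KeyToken] = None,
            part: Optional[bytes] = None, declared_type: str = "NON_REPLICATE") -> KeyToken:
    """2.41 semantics: ADD XORs in a part; COMPLETE takes no part, so the party
    who completes (and then runs Key_Test) cannot change the key."""
    if mode not in party.modes:
        raise PermissionError(f"{party.name} lacks {mode}")
    if mode == "ADD":
        if part is None:
            raise ValueError("ADD needs a key part")
        if token is None:
            return KeyToken(part, declared_type)
        if token.complete:
            raise ValueError("cannot ADD to a complete key")
        return KeyToken(xor(token.key, part), token.key_type)
    if mode == "COMPLETE":
        if part is not None:
            raise PermissionError("COMPLETE does not accept a key part")
        if token is None or token.complete:
            raise ValueError("COMPLETE needs an incomplete token")
        # 2.41 type rule: completion must not turn a non-replicate key into a replicate one
        if token.key_type == "NON_REPLICATE" and is_replicate(token.key):
            raise ValueError("equal halves: token would become a replicate key")
        return KeyToken(token.key, token.key_type, complete=True)
    raise PermissionError(f"unknown mode {mode}")


def enforce_separation(parties: List[Party]) -> None:
    """Role set-up check: no single role holds both ADD and COMPLETE (assumed local policy)."""
    for p in parties:
        if {"ADD", "COMPLETE"} <= p.modes:
            raise PermissionError(f"{p.name} holds both ADD and COMPLETE")


def export_allowed(target: KeyToken, kek: KeyToken) -> bool:
    """2.41 rule: a non-replicate key is never exported under a replicate
    key-encrypting key, which would wrap a 3DES key at single-DES strength."""
    return not (target.key_type == "NON_REPLICATE" and is_replicate(kek.key))


def old_flow(part_a: bytes, part_b: bytes, deltas: List[bytes]):
    """A enters FIRST; B, who also tests, enters LAST. The incomplete token lives
    on the host, so B alone can complete it repeatedly with different parts and
    obtain keys that differ from the honest key by XOR deltas of B's choosing."""
    a, b = Party("A", frozenset({"FIRST"})), Party("B", frozenset({"LAST"}))
    incomplete = kpi_old(a, "FIRST", part_a)
    honest = kpi_old(b, "LAST", part_b, incomplete)
    related = [kpi_old(b, "LAST", xor(part_b, d), incomplete) for d in deltas]
    return honest.key, [t.key for t in related]


def new_flow(part_a: bytes, part_b: bytes) -> KeyToken:
    """A and B each ADD a part; tester C holds only COMPLETE and cannot alter the key."""
    a, b = Party("A", frozenset({"ADD"})), Party("B", frozenset({"ADD"}))
    c = Party("C", frozenset({"COMPLETE"}))
    enforce_separation([a, b, c])
    token = kpi_new(b, "ADD", kpi_new(a, "ADD", None, part_a), part_b)
    return kpi_new(c, "COMPLETE", token)
```

`old_flow` is the property the 2.41 change removes: because every old mode accepts a part and the incomplete token is host-side data, the holder of LAST can, on their own, turn one honest key into a whole family of keys with known XOR relationships and then pass each of them through Key_Test. `new_flow` gives the tester a COMPLETE that accepts no part at all, and the type check at completion plus `export_allowed` close the replicate-key routes to single-DES-strength protection of a 3DES key.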
In creating these web pages we wished to concentrate on what the problem was with the IBM 4758 running the CCA software. How it might be fixed will to some extent be a matter of programming taste, and might also raise very complex issues of compatibility with systems that are already in the field. We therefore shied away from describing how IBM might fix the problem.
However, so many people have asked for ideas about this that we are now making available an outline of what needs to be done, both by IBM to correct the flaws we have found in their system and by banks who wish to minimise their short-term risks before new software becomes available. This information (which of necessity is somewhat technical) may be found at http://www.cl.cam.ac.uk/~mkb23/fix.html.
Michael Bond. "Attacks on Cryptoprocessor Transaction Sets". Proceedings of the CHES 2001 Workshop, Paris, 2001. Springer-Verlag LNCS 2162, pp. 220-234. Available on the web as: http://www.cl.cam.ac.uk/~mkb23/research/Attacks-on-Crypto-TS.pdf
Michael Bond and Ross Anderson. "API-Level Attacks on Embedded Systems". IEEE Computer 34(10), October 2001, pp. 67-75.
"Brute force attacks on cryptographic keys": a web-based survey of results, plus an annotated bibliography concentrating on DES crackers. http://www.cl.cam.ac.uk/~rnc1/brute.html
"IBM PCI Cryptographic Coprocessor CCA Basic Services Reference and Guide for IBM 4758 Models 002 and 023 with Release 2.40", Seventh Edition, September 2001. Available from: ftp://www6.software.ibm.com/software/cryptocards/CCA_Basic_Services_Reference_240.pdf