Serious Security Vulnerabilities Affecting Billions of Computer Chips

WPI security researchers Berk Sunar (left) and Daniel Moghimi discovered security vulnerabilities in computer chips made by Intel Corp. and STMicroelectronics. (Image: Worcester Polytechnic Institute)

Worcester Polytechnic Institute (WPI) security researchers Berk Sunar and Daniel Moghimi led an international team of researchers that discovered serious security vulnerabilities in computer chips made by Intel Corp. and STMicroelectronics.

The flaws affect billions of laptop, server, tablet, and desktop users around the world. The proof-of-concept attack is dubbed TPM-Fail. The two newly found vulnerabilities, which have been addressed, would have allowed hackers to employ timing side-channel attacks to steal cryptographic keys that are supposed to remain safely inside the chips.


The recovered keys could be used to compromise a computer’s operating system, forge digital signatures on documents, and steal or alter encrypted information. Berk Sunar, professor of electrical and computer engineering and leader of WPI’s Vernam Lab, which focuses on applied cryptography and computer security research, said:

The flaws announced are located in TPMs, or trusted platform modules, which are specialized, tamper-resistant chips that computer manufacturers have been deploying in nearly all laptops, smartphones, and tablets for the past 10 years.

The flaws are located in TPMs, or trusted platform modules, which are specialized, tamper-resistant processor chips. (Image: Screenshot via YouTube)

Following an international security standard, TPMs are used to secure encryption keys for hardware authentication and cryptographic keys, including signature keys and smart card certificates. Pushing the security down to the hardware level offers more protection than a software-only solution and is required by some core security services.

One of the flaws the WPI team discovered is in Intel’s TPM firmware, or fTPM — software that runs in the Security and Management Engine in processors the company has produced since it launched its Haswell processor microarchitecture in 2013. Haswell CPUs are used in the popular Core i3, i5, and i7 family of processors.

The vulnerability is in the chip that supports trusted execution services — what should be a secure area of the processor. These small crypto chips are the basis of the root of trust for a large portion of the computers used today. The idea is that if the TPM is secure, so is the rest of the computer.

The second flaw is in STMicroelectronics’ TPM. Notably, the STMicroelectronics’ vulnerability is in a chip that has received a strong industry-recognized security certification from Common Criteria — a highly acknowledged security stamp of approval based on international specifications designed to ensure the technology meets high security standards preferred in industrial and government deployments.

The WPI researchers worked with Thomas Eisenbarth, a professor of IT security at the University of Lübeck, and Nadia Heninger, an associate professor of computer science and engineering at the University of California, San Diego.

Once discovered, the flaws were reported to the chip makers by the WPI researchers, who also have described the flaws, how they were discovered, and how they could have been exploited in a paper that will be presented at the 29th USENIX Security Symposium in Boston next August. It also will be presented at the Real World Crypto Symposium in New York City in January.

Once discovered, the flaws were reported to the companies. (Image: Screenshot via YouTube)

Researchers like Sunar and Moghimi routinely search for security flaws in software, hardware, and networks and ethically report them to the companies so the problems can be patched before malicious hackers exploit them.

No technology is bug-free, so researchers help companies find and fix security flaws that could otherwise lead to massive hacking attacks, malware infections, and zombie systems. Moghimi, a Ph.D. candidate in WPI’s electrical and computer engineering department, said:

Sunar and Moghimi were members of a multi-university research team that found the series of security flaws behind the Fallout and ZombieLoad attacks reported last spring, as well as another vulnerability known as Spoiler, which exploits side effects of speculative execution.

Broadly, these vulnerabilities are categorized as side-channel attacks, in which hackers surreptitiously gather information about how a computer behaves while performing sensitive operations and then use that information to access internal data.

Using their own analysis tool, the researchers conducted a black-box timing analysis of TPM devices to discover timing leakages that allow an attacker to apply lattice techniques to recover the 256-bit private keys behind ECDSA and ECSchnorr signatures. The leakages make the TPMs vulnerable to remote attacks that reveal cryptographic keys and make applications that use them less secure than they would be without the TPM.
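The leak described above is a signing time that depends on the bit length of the secret nonce: an implementation that skips the leading zero bits of the scalar runs fewer loop iterations for short nonces, and that difference is what the timing analysis picks up. The following is an added example, not code from the researchers or the chip makers: it models the issue with a toy group (modular exponentiation standing in for elliptic-curve scalar multiplication, which has the same square-and-multiply loop structure), counts loop iterations instead of wall-clock time so the result is deterministic, and runs a simple white-box leak test over a bit-length-dependent implementation and a fixed-iteration Montgomery ladder. The modulus, generator, sample counts and the 0.5-iteration threshold are constructed values for the demonstration.

```python
import random

# Constructed toy group: modular exponentiation g^k mod P stands in for
# elliptic-curve scalar multiplication k*G. The loop structure (one step per
# scalar bit) is the same, which is all this leak test cares about.
P = 2**255 - 19
G = 9
ORDER_BITS = 256


def leaky_scalar_mult(k):
    """Square-and-multiply that stops at the top set bit of k.

    Returns (result, iterations). Iterations == k.bit_length(), so the
    running time reveals how many leading zero bits the nonce has.
    """
    result, base, iterations = 1, G, 0
    while k:
        if k & 1:
            result = result * base % P
        base = base * base % P
        k >>= 1
        iterations += 1
    return result, iterations


def fixed_iteration_scalar_mult(k):
    """Montgomery ladder over all ORDER_BITS bit positions.

    Returns (result, iterations). Iterations is always ORDER_BITS regardless
    of the nonce, so bit length is not visible in the iteration count.
    (Python big-int arithmetic is not itself constant time; the point shown
    here is the loop structure only.)
    """
    r0, r1, iterations = 1, G, 0
    for i in range(ORDER_BITS - 1, -1, -1):
        if (k >> i) & 1:
            r0, r1 = r0 * r1 % P, r1 * r1 % P
        else:
            r1, r0 = r0 * r1 % P, r0 * r0 % P
        iterations += 1
    return r0, iterations


def timing_leak_test(scalar_mult, samples=512, seed=1234, threshold=0.5):
    """White-box check: does the cost depend on nonce bit length?

    Builds two classes of constructed nonces, full-length (top bit set) and
    short (at least four leading zero bits), and compares the mean iteration
    count of each class. A difference above `threshold` flags a leak.
    """
    rng = random.Random(seed)
    full_costs, short_costs = [], []
    for _ in range(samples):
        k = rng.getrandbits(ORDER_BITS) | 1  # nonzero nonce
        full_k = k | (1 << (ORDER_BITS - 1))   # bit_length == 256
        short_k = k >> 4                        # bit_length <= 252
        full_costs.append(scalar_mult(full_k)[1])
        short_costs.append(scalar_mult(short_k)[1])
    mean_full = sum(full_costs) / len(full_costs)
    mean_short = sum(short_costs) / len(short_costs)
    return {
        "mean_full": mean_full,
        "mean_short": mean_short,
        "leak_detected": (mean_full - mean_short) > threshold,
    }


def results_agree(k):
    """Both implementations must compute the same group element."""
    expected = pow(G, k, P)
    return leaky_scalar_mult(k)[0] == expected and fixed_iteration_scalar_mult(k)[0] == expected


if __name__ == "__main__":
    for name, impl in (("leaky", leaky_scalar_mult), ("fixed", fixed_iteration_scalar_mult)):
        print(name, timing_leak_test(impl))
```

The test deliberately chooses the nonces itself because it is a white-box check run by whoever owns the implementation; a black-box analysis of a real TPM, as in the research above, has to infer the short-nonce class from the fastest observed signatures instead. The fixed-iteration ladder removes the bit-length dependence in the loop count, which is the class of leak the paragraph describes; a production fix also has to make the per-iteration arithmetic and memory access pattern independent of the secret.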

Flaw in Intel fTPM

One of the security flaws Intel patched today is in a cryptographic library — in the fTPM set inside the Intel Management Engine processor. With this vulnerability, researchers used the timing leakage to recover the signature key in less than two minutes. Intel is patching the security flaw with an update to the library.

By exploiting this vulnerability, researchers recovered the signature key in less than two minutes. (Image: Screenshot / YouTube)

Intel’s fTPM is a widely used TPM product that runs in a dedicated microprocessor for carrying out cryptographic operations, like making sure data has not been maliciously altered, ensuring data remains confidential, and proving the identity of both the sender and recipient of the data. The microprocessor is embedded with multiple physical security measures, designed to make it tamper resistant.

WPI’s Moghimi explained that if hackers gained access to the fTPM, they could forge digital signatures, enabling them to alter, delete, or steal information.

STMicroelectronics flaw

The research team discovered a flaw in STMicroelectronics’ TPM, which is based on the company’s popular ST33 chip, an embedded security platform used in many SIM modules, integrated circuits designed to securely store authentication information. The chipmaker announced earlier this year that more than 1 billion ST33 chips have been sold.

The vulnerability in STMicroelectronics’ TPM leaks the signature key, which should remain safely inside the hardware that is designed to enhance the system’s security. With the key, a hacker could access, steal, or alter encrypted electronic documents.

Using the flaw in the STMicroelectronics chip, researchers extracted the private ECDSA key from the hardware after less than one and a half hours of data collection. Moghimi said:

The vulnerable chip has received a CC4+ rating from Common Criteria, which ranks security levels from one (lowest) to seven (highest). Sunar said:

Intel, based in Santa Clara, Calif., has been the world’s largest computer chip maker by revenue since 1992. STMicroelectronics, Europe’s largest semiconductor chip maker based on revenue, is based in Geneva, Switzerland.

Provided by: Sharon Gaudin, Worcester Polytechnic Institute [Note: Materials may be edited for content and length.]
