Recently, NinjaLab investigated Titan, a two-factor authentication token offered by Google, and broke its secure crypto implementation. The work conducted by NinjaLab is impressive as they successfully reverse-engineered a complex cryptographic system, found a side channel vulnerability, and recovered the private key using multiple advanced attack techniques.
The token uses ECDSA, a signing algorithm based on elliptic curve cryptography. Interestingly, the researchers study both the private signing operation and the public verification mechanism. These are studied to explore the application of various potential implementation variations and security measures. Under the assumption that the private key operation would be better protected than the public one, the protection mechanisms could be identified while comparing private and public key operations. After building their implementation model, NinjaLab started leakage measurements and discovered a vulnerability, that would leak partial information of a secret nonce.
By using clustering of the leaked data, they were able to establish the approximate value of some nonce bits. Although a complete nonce allows recovery of the private key, this is not trivial for partially known nonces since they are randomly chosen for each signature. The researchers applied a so-called Lattice attack to resolve incomplete equations, ultimately yielding the complete key. While the attack’s development took several months of multiple experts, repeating the attack on subsequent tokens is a matter of hours.
Two-factor authentication uses strong crypto and is used to provide added security to access sensitive applications and services. Breaking a two-factor solution potentially threatens the security of many applications, generally undermining public trust in this kind of technology.
It is noteworthy that the product’s chip had been certified according to the highest security standards (although the certificate expired). This shows that certification is a snapshot representing the state-of-the-art in attack techniques, but only provides assurance until the next new attack comes along. Therefore, this event underlines the importance of assurance maintenance by periodically reviewing the product security against the newest threats and conditional renewal of its certificate, as well as integrating products that are being actively maintained and have an unexpired certificate.
Even though this Titan two-factor can be broken with physical access to the token, this is still a considerable effort requiring knowledge, time, and equipment. Clearly, using this weakened solution is still better than the absence of two-factor authentication. Users of the token can protect themselves by always keeping the token in their possession, and preventing others’ access. If a token is lost, consider it compromised and replace it with another token. As long as an attacker cannot get the combination of user name, password and token, the account is still secure.
The product most likely can not be patched, as the vulnerability resides deep in the chip’s design. The researchers do suggest additional countermeasures that could be implemented in newer versions of the chip. Such revisions must be evaluated and certified to ensure that the vulnerability is truly fixed and no further issues were introduced.
If you have any questions, contact us at inforequest@riscure.com.
Check out other posts of Riscure Security Highlights.