Attacks on Medical Devices and Implants Possible Tanks to Poor RSA Encryption Implementation
Encryption makes data inaccessible to unauthorized persons, once the private key to decrypt data is not compromised and strong encryption is deployed.
Not every algorithm provides the same level of security. The strength of encryption is dependent on the length of the key. The longer the key, the more computational power is necessary to break the encryption. When strong encryption is deployed, the computing power and time necessary to break the encryption renders the data practically inaccessible.
DES was once thought of as a strong form of encryption but the computing power now available makes cracking the encryption possible even on relatively cheap computers. DES used 56-bit keys, which were acceptable in the 1970’s, but today the keys just not long enough. Strong encryption today is generally something that requires 256-bit keys, such as those generated by the AES algorithm. With AES-256, for the time being anyhow, sensitive data can be adequately safeguarded. Once the key is not disclosed, encrypted data cannot be accessed.
RSA is an alternative encryption standard that is often used to safeguard sensitive data. It uses an asymmetric cryptographic algorithm using two keys – a private key and a public key. The public key can be shared with anyone, as it cannot be used on its own to decrypt data. For that the private key is also necessary.
The keys in question are generated by multiplying two random prime numbers. RSA keys are long and cannot simply be guessed or brute forced due to the level of computing power ncessary. However, if mistakes are made using RSA encryption, keys can easily be cracked.
One of the issues that can arise is when RSA keys are not encrypted using truly random prime numbers. Mistakes in randomness weakens the encryption. A recent review of RSA certificates by Keyfactor has shown that in many IoT devices, the factors used to generate the keys are not completely random, which makes it much simpler to deduce the private key.
In such cases, a significant amount of computing power is still necessary, but not enough to make cracking the encryption sufficiently complex. According to Keyfactor, all it would take is around $3,000 of compute time on a single Azure virtual machine to crack these weak keys. At such a low expense, threat actors may find it well worth the investment.
Deploying a scalable GCD algorithm on their Azure VM, the expert gathered 175 million RSA certificates from the internet. 75 million of those keys were actively used to encrypt traffic and 100 million were publicly available keys. Keyfactor’s analysis identified 435,000 RSA certificates that shared the same factor. That is the same as around 1 in 172 RSA certificates. Keyfactor was able to break all 435,000 certificates for less than $3,000 in Azure compute time.
Shared factors are normally used in lightweight IoT devices. This is because they do not have enough entropy to generate truly random numbers as they lack the required processing power. The random numbers used are therefore predictable. If you find the two prime numbers used to generate the key and the private key can be captured.
Keyfactor said: “Lightweight IoT devices are particularly prone to being in low entropy states due to the lack of input data they might receive, as well as the challenge of incorporating hardware-based random number generation economically. Keys generated by lightweight IoT devices are therefore at risk of not being sufficiently random, increasing the chance that two keys share a factor and allow the key to be broken.”
One example they discovered involved an 8,192-bit RSA key. That key was extremely big, so it should not have been possible to guess it no matter how much time was devoted to the job. Despite this they guessed it.The length of the key was fine, but since the factor used was not completely random, the length of the key was irrelevant.
A threat actor with the derived private key cannot be distinguished by the authentic private key holder, which opens the door to man-in-the-middle attacks, data tampering, and data robbery.
This has major implications for a wide variety of industries that use large amounts of IoT devices. Healthcare for instance. In healthcare, many medical devices and implants have low entropy, so the encryption could be cracked and data obtained for a relatively small outlay.