
Extracting a 3DES key from an IBM 4758

Summary

The IBM 4758 is an extremely secure cryptographic co-processor. It is used by banking systems and in other security conscious applications to hold keying material. It is designed to make it impossible to extract this keying material unless you have the correct permissions and can involve others in a conspiracy.

We are able, by a mixture of sleight-of-hand and raw processing power, to persuade an IBM 4758 running IBM's ATM (cash machine) support software called the "Common Cryptographic Architecture" (CCA) to export any and all of this program's DES and 3DES keys to us. All we need is:

  • about 20 minutes uninterrupted access to the device
  • one person's ability to use the Combine_Key_Parts permission
  • a standard off-the-shelf $995 FPGA evaluation board from Altera
  • about two days of "cracking" time

The attack can only be performed by an insider with physical access to the cryptographic co-processor, but they can act alone. The FPGA evaluation board is used as a "brute force key cracking" machine. Programming this is a reasonably straightforward task that does not require specialist hardware design knowledge. Since the board is pre-built and comes with all the necessary connectors and tools, it is entirely suitable for amateur use.

Besides being the first documented attack on the IBM 4758 to be run "in anger", we believe that this is only the second DES cracking machine in the open community that has actually been built and then used to find an unknown key!

Until IBM fix the CCA software to prevent our attack, banks are vulnerable to a dishonest branch manager whose teenager has $995 and a few hours to spend in duplicating our work.

NEW: 5 FEB 2002: Version 2.41 of the CCA has now been made available on IBM's website at http://www-3.ibm.com/security/cryptocards/html/release241.shtml. Version 2.41 includes fixes specifically designed to prevent the attack described on this website, and some of the related weaknesses described in Mike Bond's paper "Attacks on Cryptoprocessor Transaction Sets".
  • The major modification to the transaction set is the separation of duty between confidentiality and integrity assurance for clear loading of symmetric keys. The old modes of operation for Key_Part_Import were FIRST, MIDDLE, and LAST. New modes of operation ADD and COMPLETE have been created. The party responsible for testing the integrity of a key (using Key_Test) can now use the COMPLETE mode, which does not permit modification of the key being tested.
  • Several changes have been made to the semantics of Key_Part_Import, and the symmetric key import and export commands to prevent type changes between replicate and non-replicate keys during import, and to prevent export of non-replicate keys under replicate keys.
  • Extra access control points have been created which disable the fixes in order to permit upgrade to version 2.41 for reasons other than security.
The CCA is a much safer product now that no single individual can damage the integrity of the key material. The attack described on this website was based purely on specification level faults. Note that some of the security-related fixes in release 2.41 relate to implementation faults; these have no direct connection with the attacks described on this site, but presumably came to light as a consequence of the closer examination of the CCA code that followed the publicity.

Contents

What is an IBM 4758 ?
What is an FPGA ?
What are DES and 3DES ?
How the DES cracker works
Some relevant sums
How the attack works
Some real results
Who are we ?
Do It Yourself
 
Some reactions (to the existence of these web pages)

How the problem might be fixed

In creating these web pages we wished to concentrate on what the problem was with the IBM 4758 running the CCA software. How it might be fixed will to some extent be a matter of programming taste, and might also raise very complex issues of compatibility with systems that are already in the field. We therefore shied away from describing how IBM might fix the problem.

However, so many people have asked for ideas about this that we are now making available an outline of what needs to be done, both by IBM to correct the flaws we have found in their system and by banks who wish to minimise their short-term risks before new software becomes available. This information (which of necessity is somewhat technical) may be found at http://www.cl.cam.ac.uk/~mkb23/fix.html.

Frequently Asked Questions

What does an IBM 4758 look like?
Who uses IBM 4758s?
Are all IBM 4758s susceptible to the attack?
What is the CCA?
Are the IBM 4758 and the CCA the same thing?
How hard is it to physically attack an IBM 4758?
I heard that the IBM 4758 is FIPS Level 4 validated. Have you broken the validation?
So what does FIPS Level 4 validation mean?
Are other cryptoprocessors susceptible as well as the IBM 4758?
What is DES?
What is Triple-DES (3DES)?
How much stronger is Triple-DES than DES?
What privileges do you need to run this attack?
What information does this attack steal from the bank?
How do PIN numbers work?
Why is PIN number theft so dangerous?
How would a bank respond if someone did this attack?
Is all banking security this bad?
So can anyone who downloads this rip off a bank?
Who could rip off a bank then?
If this attack is so dangerous, why are you telling everyone?
Where can I go to book tickets to Bermuda?

Other links

Michael Bond. "Attacks on Cryptoprocessor Transaction Sets" Proceedings of the CHES 2001 Workshop, Paris 2001. Springer Verlag LNCS 2162, pp 220-234.
Available on the web as: http://www.cl.cam.ac.uk/~mkb23/research/Attacks-on-Crypto-TS.pdf

Michael Bond & Ross Anderson. "API-Level Attacks on Embedded Systems" IEEE Computer 34(10), October 2001, pp 67-75.

"Brute force attacks on cryptographic keys" a web-based survey of results, plus an annotated bibliography concentrating on DES crackers. http://www.cl.cam.ac.uk/~rnc1/brute.html

"IBM PCI Cryptographic Coprocessor CCA Basic Services Reference and Guide for IBM 4758 Models 002 and 023 with Release 2.40", Seventh Edition, September 2001. Available from: ftp://www6.software.ibm.com/software/cryptocards/CCA_Basic_Services_Reference_240.pdf


Return to Richard Clayton's Home Page
Return to Mike Bond's Home Page

last modified 15 NOV 2001 -- http://www.cl.cam.ac.uk/~rnc1/descrack/index.html
