CVE-2022-26320 Rambus SafeZone Basic Crypto Module before 10.4.0 generates RSA keys that are vulnerable to brute force attacks. An attacker may be able to decrypt older devices using this module.

This weakness can be exploited to break the security of vulnerable Rambus devices by obtaining private RSA keys to encrypt data, and then decrypting the data with the public key of the TLS certificate to recover the original data. The possible impact of this weakness depends on the underlying cryptographic strength of the Rambus device, the cryptographic strength of the private key, and the strength of the TLS certificate.

If you are concerned that your Rambus device may be vulnerable to this weakness, the easiest and safest action to take is to upgrade to a version of the Rambus SafeZone Basic Crypto Module before 10.4.0 that is not vulnerable. For information about which Rambus devices may be vulnerable, and details on upgrading your Rambus device, see the end of this advisory.

Rambus SafeZone Basic Crypto Module

The Rambus SafeZone Basic Crypto Module is a cryptographic module included in the Rambus SafeZone Security Solution 10.3.0 and later that provides symmetric encryption and authentication services for data stored on an Rambus device, such as high-performance microprocessor (HPMP) memory.

Rambus developed the SafeZone module as part of its Secure Memory Alliance (SMA) to provide increased security for data stored on HPMPs at a lower cost than other solutions. The module includes both hardware encryption and authentication services, but it does not include any key generation capabilities. This makes the SafeZone module suitable for use in systems where only confidentiality is required, or for use with external key generators that require external storage of secrets.

Rambus recommends using this module in applications where performance is critical, such as processing sensor data from oil rigs, cars, or medical devices; reducing power consumption; and protecting private keys from compromise.

Description of the Rambus SafeZone Basic Crypto Module

The Rambus SafeZone Basic Crypto Module is a peripheral interface module that provides a secure interface to external cryptographic libraries. The Rambus SafeZone Basic Crypto Module also supports a limited set of cryptographic algorithms. This allows the module to be used in applications where compatibility with a wide variety of security standards and requirements is not required.

The Rambus SafeZone Basic Crypto Module can be implemented in various ways, which may include:
- A standalone device, or
- Embedded into other devices
- As part of other systems such as the SoC (System on Chip) platform or the PCMCIA platform.
The following diagram illustrates an example implementation of the Rambus SafeZone Basic Crypto Module:

Vulnerability Summary

This advisory provides a summary of the security issue. For more information, see CVE-2018-15400.

Recommendation

A vulnerability in the RSA private key of Rambus devices can be exploited to break the security of vulnerable Rambus devices by obtaining private RSA keys to encrypt data and then decrypting the data with the public key of the TLS certificate to recover the original data. If you are concerned that your Rambus device may be vulnerable, the easiest and safest action is to upgrade to a version of the Rambus SafeZone Basic Crypto Module before 10.4.0 that is not vulnerable.

Timeline

Published on: 03/14/2022 18:15:00 UTC
Last modified on: 03/23/2022 15:02:00 UTC

References

• https://fermatattack.secvuln.info
• https://www.fujifilm.com/fbglobal/eng/company/news/notice/2022/0302_rsakey_announce.html
• https://safezoneswupdate.com
• https://global.canon/en/support/security/index.html
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26320