SPECTRE or MELTDOWN Vulnerability

I wonder if Nitrokey will be affected…


Spectre and Meltdown have a huge impact on whole security stucture of enterprises, governments, internet infrastructure security. The problem is much worse than you might think!!!

Since everything is built-up upon a “cryptographic key hierarchy”, beginning with internet routers, switches, firewalls, to AD/LDAP servers, … these keys now are all probably lost and must be revoked.

To illustrate that, let’s have a short look e.g. at UEFI, secure boot process and “chain of trust”, introduced by “WINTEL alliance”:

The ‘security key chain’ goes: Endorsement key (generated by onboard TPM chip) - Attestation Identity Key (AIK) - Microsoft UEFI key - MS signing Attestation Identity Key - Enterprise key - (MS again signing) Enterprise key - Storage Root Key - (MS again signing) Bitlocker Key - …

Multiple boot processes are required in Windows 10 (e.g. after updates) to ensure, that Microsoft UEFI certificates “signed” (are enclosed in) all your own certificates to create the U.S. government backdoor, deeply hidden in your hardware and across all hierarchies. Now you know, why you have to reboot so often during install and after Windows 10 updates!!

Finally, these ‘certificate chains’ (X.509v3) are written back into UEFI tables and into a special internal Intel XEON CPU buffer to be used by new AES-NI hardware encryption for all kinds of encryption: Storage, Routers, VPN, SSL, HTTPS …

Note: Since these MS / U.S. government keys are deeply sticking in Intel XEON processor hardware, it doesn’t play a role, what other OS you install or boot afterwards: Debian/UBUNTU Linux, OpenBSD, … If your software uses Intel AES-NI hardware encryption, all encrypted packets ingoing, outgoing - then automatically contain that U.S. government backdoor!

All these keys now are lost and must be revoked, as happened e.g. with JMicron and Realtek network drivers, as happened in Iran Stuxnet affair. All keys in your UEFI machines in all your switches, routers, that are using X.509v3 “certificates”, will have to be revoked, renewed as well.

It’s important to know, that not only the US NSA backdoor keys have gone lost. So, if you use UEFI “secure boot”, you are not only completely under U.S. control, but also unter control by all kinds of hackers, who now have installed backdoors everywhere in your enterprise network, after the first US (NSA) government master keys were revealed by reading from privileged memory with spectre, meltdown.

But RSA, X.509v3, even has more weaknesses: E.g. when you enclose some other person’s public key in your key and that person then signs back your key. In that case, you can reconstruct the other person’s private key and read all his/her encrypted messages. That attack is called ‘blind signing’.

That happened a few days ago, where from the german lawyer association only mixed up public and private key.

More about RSA security weaknesses: http://eprint.iacr.org/2001/002.pdf

In fact, a PKI infrastructure only is safe, when you can ensure, that this ‘blind signing attack’ can’t happen. You need sources. In Windows and Red Hat Linux sources aren’t included. You can’t build Red Hat binaries from .src.rpm.

Red Hat Linux is expensive; you pay for the US government spying on you!

Interesting: That is dating back to a CIA policy paper from 1996, long before 9/11.

Have fun!

P.S.: Raspberry Pi is not affected, neither by meltdown nor spectre. Perhaps you put very important data on that machine. :wink:

Depends what you mean by saying affected.

(GnuPG) Keys are stored securely in hardware, no matter if RAM can be read by Meltdown/Spectre. That is the whole purpose of such devices and still will be. So it depends on how the keys got there (generated on-device or from local key backup on pc).

Other points may are the same as for every other application/device. If you have specific questions about implications, please let us know.

1 Like

Our products are not affected because 1) they contain small micro controllers which don’t support branch prediction and speculative execution and 2) no foreign software can be executed on our devices.

1 Like

Thank you…
Just wanted to make sure…

P.S.: Raspberry Pi is not affected, neither by meltdown nor spectre. Perhaps you put very important data on that machine. :wink:

Raspberry Pi is hardly bootable without Raspberry blobs, so it is most likely under the same control as X86.

I would suggest rather a Beaglebone Black which has only a very small ROM blob only inside SoC processor. This board is often used by crypto currency miners, btw.

Though a few of ARMs like Cortex A5, A7 and A53 are free from CPU speculative issues, they still can run very nasty board maker blobs (in addition to factory SoC BROM blob) in their TrustZone.

P.S.: Raspberry Pi is not affected, neither by meltdown nor spectre. Perhaps you put very important data on that machine. :wink:

Raspberry Pi is affected by vendor BLOBs (it may include an agency trojan).

BeagleBone Black single board looks more trust-able because it has a small 32KB boot ROM BLOB in SoC only, but it may be affected by Spectre, because it has Sitara ™ ARM® Cortex-A8 SoC with speculative.

All other software on BBB can be BLOB free, e.g. Uboot, OS like OpenBSD or Linux running on it, etc.

Can someone please suggest a single board with Spectre free based CPU like Cortext A7 and capable to run OpenBSD and still free from startup BLOBs like Raspberry? Are Allwinner boards good for that purpose, say OrangePI?

While I understand that the obscurity creates uncertainty about complete system security, we should not spread claims about backdoors without proof. Firmware blobs could be needed e.g. for the DRM support, general key storage, or to protect software solution from the competition.

Ideal solution would be to use open SoC, which would not use any closed blobs internally. I do not know whether these are available or not (there is an open source CPU AFAIR).

@sanyo Regarding OpenBSD and boards, could you create another topic please?