Google releases the source code of Paranoid, a project for detecting weaknesses in cryptographic artifacts

Paranoid, a project to detect weaknesses in cryptographic artifacts

Members of the Google security team have announced in a blog post the release of the source code of the "Paranoid" library, which is designed to detect known weaknesses in large numbers of untrusted cryptographic artifacts, such as public keys and digital signatures created by vulnerable hardware (for example, hardware security modules, HSMs) and software systems.

The project is useful for indirectly assessing whether keys and digital signatures were produced by algorithms or libraries with known flaws that undermine their reliability, even when the artifacts come from hardware that cannot be inspected or from closed components that behave as a black box.

Google adds that, in this context, an artifact counts as black-box generated when it was not produced by one of Google's own tools, such as Tink, or by a library that Google can inspect and test with Wycheproof.

The goal of opening the library is to increase transparency, allow other ecosystems to use it (such as certificate authorities, CAs, which need to perform similar checks to meet compliance requirements), and receive contributions from outside researchers. In doing so, we are calling for contributions, in the hope that after researchers find and report cryptographic vulnerabilities, the checks will be added to the library. This way, Google and the rest of the world can respond quickly to new threats.

The library can also analyze sets of pseudorandom numbers to assess the reliability of the generator that produced them and, given a large collection of artifacts, identify previously unknown problems arising from programming errors or the use of weak pseudorandom number generators.

It is also noted that Paranoid includes implementations and optimizations drawn from the existing cryptographic literature, which shows that artifact generation has been flawed in some cases.

When the library was run over the contents of the public Certificate Transparency (CT) logs, which hold information on more than 7 billion certificates, no problematic elliptic-curve (EC) public keys or ECDSA digital signatures were found, but problematic RSA public keys were.

After the disclosure of the ROCA vulnerability, we wondered what other weaknesses might exist in the cryptographic artifacts generated by black boxes and what we could do to detect and mitigate them. We then started working on this project in 2019 and built a library to perform checks against large numbers of cryptographic artifacts.

The library contains implementations and optimizations of existing works found in the literature. The literature shows that artifact generation is flawed in some cases; below are examples of publications that the library is based on.

In particular, 3586 weak keys were identified that had been generated by code affected by the unpatched CVE-2008-0166 vulnerability in Debian's OpenSSL package, 2533 keys associated with CVE-2017-15361 (the ROCA vulnerability in the Infineon library), and 1860 keys caught by the greatest common divisor (GCD) check, that is, RSA moduli that share a prime factor with another key.

Note that the project is intended to be light on computational resources. The checks must be fast enough to run over a large number of artifacts and must make sense in a real-world production context. Projects with fewer restrictions, such as RsaCtfTool, may be more appropriate for other use cases.
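The GCD check mentioned above, and the requirement that checks scale to millions of artifacts, can be illustrated together. The following is an added example, not code from Paranoid or from Google: it computes, for every RSA modulus in a set, the GCD of that modulus with the product of all the others using a product tree and remainder tree, so the cost grows quasi-linearly with the number of keys instead of quadratically. The moduli are constructed from small primes purely for illustration; two of them deliberately share the prime 10007.

```python
import math

# Constructed sample moduli (toy-sized primes, not real keys). key-a and key-b
# share the prime 10007, so a GCD check must flag both; key-c is independent.
SAMPLE_MODULI = {
    "key-a": 10007 * 10009,
    "key-b": 10007 * 10037,
    "key-c": 10039 * 10061,
}


def batch_gcd(moduli):
    """For each modulus n_i, return gcd(n_i, product of all other moduli).

    Product tree: leaves are the moduli, each parent is the product of its
    children.  Remainder tree: walk back down reducing the root product
    modulo n_i^2; the leaf value is n_i * (Q mod n_i) where Q is the product
    of the other moduli, so dividing by n_i and taking a gcd gives gcd(Q, n_i).
    """
    levels = [list(moduli)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([cur[i] * cur[i + 1] if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    rems = [levels[-1][0]]
    for level in reversed(levels[:-1]):
        rems = [rems[i // 2] % (n * n) for i, n in enumerate(level)]
    return [math.gcd(r // n, n) for r, n in zip(rems, moduli)]


def pairwise_gcd(moduli):
    """Naive reference with quadratic cost; must agree with batch_gcd."""
    return [math.gcd(n, math.prod(m for j, m in enumerate(moduli) if j != i))
            for i, n in enumerate(moduli)]


def find_weak_keys(keys):
    """Map key name -> shared factor for every modulus that has a nontrivial
    common factor with another key in the set.  Such a modulus factors
    completely (the cofactor is n // g), so the key must be revoked."""
    names = list(keys)
    mods = [keys[k] for k in names]
    return {name: g for name, g in zip(names, batch_gcd(mods)) if g != 1}


if __name__ == "__main__":
    for name, g in find_weak_keys(SAMPLE_MODULI).items():
        print(f"{name}: shares factor {g} with another key, revoke and regenerate")
```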

Finally, it is mentioned that information on the problematic certificates still in use was sent to the issuing certificate authorities for revocation.

Those interested in learning more about the project should know that the code is written in Python and is released under the Apache 2.0 license. Details and the source code are available at the following link.
