SA-002: Potential Extraction of an Elliptic Curve Cryptography (ECC) private key via a side-channel attack
Vulnerability Type: Observable Timing Discrepancy
Affected Product(s): NPCT75x with Firmware versions 7.2.0.1, 7.2.0.2 and 7.2.1.0
Fixed Product(s): Firmware version 7.2.2.0. Firmware updates are available from system OEMs.
Attack Type: Physical
Impact: Information Disclosure
Affected Components: The following elliptic curve digital signature schemes: Elliptic Curve Digital Signature Algorithm (ECDSA), Elliptic Curve Schnorr (EC SCHNORR) and Elliptic Curve Direct Anonymous Attestation (ECDAA)
Attack Vector: An attacker with physical access to Nuvoton Trusted Platform Module NPCT75x (7.2.x before 7.2.2.0) could extract an Elliptic Curve Cryptography (ECC) private key via a side-channel attack, because of an Observable Timing Discrepancy.
Severity: Medium
Detailed Description: Same as “Attack Vector”.
Discoverer(s)/Credits:
Research presented at http://tpm.fail
Common Criteria ITSEF: Serma Safety & Technology
Researcher: Antonio de la Piedra
Researchers: Antonin Dufka and Petr Svenda from the Centre for Research on Cryptography and Security (CRoCS) at Masaryk University
CVE Identifier: CVE-2020-25082