SA-002: Potential Extraction of an Elliptic Curve Cryptography (ECC) private key via a side-channel attack

Vulnerability Type: Observable Timing Discrepancy

Affected Product(s): NPCT75x with Firmware versions 7.2.0.1, 7.2.0.2 and 7.2.1.0

Fixed Product(s): Firmware version 7.2.2.0. Firmware updates are available from system OEMs.

Attack Type: Physical

Impact: Information Disclosure

Affected Components: The following elliptic curve digital signature schemes: Elliptic Curve Digital Signature Algorithm (ECDSA), Elliptic Curve Schnorr (EC SCHNORR) and Elliptic Curve Direct Anonymous Attestation (ECDAA)

Attack Vector: An attacker with physical access to Nuvoton Trusted Platform Module NPCT75x (7.2.x before 7.2.2.0) could extract an Elliptic Curve Cryptography (ECC) private key via a side-channel attack, because of an Observable Timing Discrepancy.

Severity: Medium

Detailed Description: Same as “Attack Vector”. 

Discoverer(s)/Credits:

Research presented at http://tpm.fail

Common Criteria ITSEF: Serma Safety & Technology

Researcher: Antonio de la Piedra

Researchers: Antonin Dufka and Petr Svenda from the Centre for Research on Cryptography and Security (CRoCS) at Masaryk University

CVE Identifier: CVE-2020-25082