IBM CCA 3DES Exporter Key Generation Weakness

The IBM 4758 is a secure cryptographic co-processor supporting the IBM Common Cryptographic Architecture (CCA) software. It is commonly used by banks to support secure transactions between ATMs and branches. These transactions are normally encrypted using the 3DES algorithm and a secret key.

The CCA library includes functionality to export 3DES keys if they are encrypted with an additional 3DES exporter key. A design flaw in the CCA library allows a user who is able to generate a 3DES exporter key to construct it out of a 3DES replicate key and a single DES data key, both of which provide only a single-DES level of security. An attacker who is able to determine single DES keys through a brute-force attack may leverage this ability to generate a known 3DES exporter key, and thus to export and expose sensitive 3DES keys.
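The following key-hygiene check is an added example, not code from the advisory or from IBM. It flags 3DES key material that offers only single-DES strength, assuming a replicate key is a double-length key whose two halves are equal, and it confirms the encrypt-decrypt-encrypt collapse using a toy Feistel cipher as a stand-in for DES. All function names and sample keys are constructed for illustration.

```python
import hashlib

PARITY_MASK = 0xFE  # low bit of every DES key byte is parity, not key material

def classify_3des_key(key: bytes) -> tuple[str, int]:
    """Return (label, nominal key bits) for a 16- or 24-byte 3DES key."""
    if len(key) not in (16, 24):
        raise ValueError("3DES keys are 16 or 24 bytes")
    parts = [bytes(b & PARITY_MASK for b in key[i:i + 8])
             for i in range(0, len(key), 8)]
    k1, k2 = parts[0], parts[1]
    k3 = parts[2] if len(parts) == 3 else k1  # two-key 3DES reuses K1 as K3
    # EDE computes E_K3(D_K2(E_K1(x))); an equal adjacent pair cancels out,
    # leaving one DES operation under the remaining key.
    if k1 == k2 or k2 == k3:
        return ("single-DES equivalent", 56)
    if k1 == k3:
        return ("two-key 3DES", 112)
    return ("three-key 3DES", 168)

def toy_cipher(block: bytes, key: bytes, decrypt: bool = False) -> bytes:
    """Toy 4-round Feistel on 8-byte blocks. Stand-in for DES, NOT DES."""
    left, right = block[:4], block[4:]
    for r in (reversed(range(4)) if decrypt else range(4)):
        f = hashlib.sha256(key + bytes([r]) + right).digest()[:4]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return right + left

def ede(block: bytes, k1: bytes, k2: bytes, k3: bytes) -> bytes:
    """Encrypt-decrypt-encrypt composition used by 3DES, over the toy cipher."""
    return toy_cipher(toy_cipher(toy_cipher(block, k1), k2, decrypt=True), k3)

# Constructed sample keys (not real key material).
HALF = bytes.fromhex("0123456789abcdef")
OTHER = bytes.fromhex("fedcba9876543210")
REPLICATE = HALF + HALF
PARITY_VARIANT = HALF + bytes(b ^ 1 for b in HALF)  # differs only in parity bits

if __name__ == "__main__":
    for name, key in [("replicate", REPLICATE), ("parity variant", PARITY_VARIANT),
                      ("distinct halves", HALF + OTHER)]:
        print(name, classify_3des_key(key))
    block = b"8bytes!!"
    print("EDE collapses:", ede(block, HALF, HALF, HALF) == toy_cipher(block, HALF))
```

The parity-variant case matters in an audit: two halves can differ byte for byte and still carry the same 56 key bits.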

It is possible that earlier versions of the CCA are also vulnerable to this attack, and that variants of the attack requiring different local access permissions exist.


Copyright 2010, SecurityFocus