<!DOCTYPE html> <html class="client-nojs vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-sticky-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-toc-available" lang="en" dir="ltr"> <head> <meta charset="UTF-8"> <title>ROCA vulnerability - Wikipedia</title> <script>(function(){var className="client-js vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-sticky-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-toc-available";var cookie=document.cookie.match(/(?:^|; )enwikimwclientpreferences=([^;]+)/);if(cookie){cookie[1].split('%2C').forEach(function(pref){className=className.replace(new RegExp('(^| )'+pref.replace(/-clientpref-\w+$|[^\w-]+/g,'')+'-clientpref-\\w+( |$)'),'$1'+pref+'$2');});}document.documentElement.className=className;}());RLCONF={"wgBreakFrames":false,"wgSeparatorTransformTable":["",""],"wgDigitTransformTable":["",""],"wgDefaultDateFormat":"dmy", "wgMonthNames":["","January","February","March","April","May","June","July","August","September","October","November","December"],"wgRequestId":"45fb8ab7-8a7c-4abb-953c-ad7ce646a317","wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"ROCA_vulnerability","wgTitle":"ROCA vulnerability","wgCurRevisionId":1119299291,"wgRevisionId":1119299291,"wgArticleId":55620314,"wgIsArticle":true,"wgIsRedirect":false,"wgAction":"view","wgUserName":null,"wgUserGroups":["*"],"wgCategories":["Articles with short description","Short description is different from Wikidata","Cryptographic attacks","Attacks on public-key cryptosystems"],"wgPageViewLanguage":"en","wgPageContentLanguage":"en","wgPageContentModel":"wikitext","wgRelevantPageName":"ROCA_vulnerability","wgRelevantArticleId":55620314,"wgIsProbablyEditable":true,"wgRelevantPageIsProbablyEditable":true,"wgRestrictionEdit":[],"wgRestrictionMove":[],"wgNoticeProject":"wikipedia", "wgCiteReferencePreviewsActive":false,"wgFlaggedRevsParams":{"tags":{"status":{"levels":1}}},"wgMediaViewerOnClick":true,"wgMediaViewerEnabledByDefault":true,"wgPopupsFlags":0,"wgVisualEditor":{"pageLanguageCode":"en","pageLanguageDir":"ltr","pageVariantFallbacks":"en"},"wgMFDisplayWikibaseDescriptions":{"search":true,"watchlist":true,"tagline":false,"nearby":true},"wgWMESchemaEditAttemptStepOversample":false,"wgWMEPageLength":9000,"wgRelatedArticlesCompat":[],"wgCentralAuthMobileDomain":false,"wgEditSubmitButtonLabelPublish":true,"wgULSPosition":"interlanguage","wgULSisCompactLinksEnabled":false,"wgVector2022LanguageInHeader":true,"wgULSisLanguageSelectorEmpty":false,"wgWikibaseItemId":"Q42936978","wgCheckUserClientHintsHeadersJsApi":["brands","architecture","bitness","fullVersionList","mobile","model","platform","platformVersion"],"GEHomepageSuggestedEditsEnableTopics":true,"wgGETopicsMatchModeEnabled":false,"wgGEStructuredTaskRejectionReasonTextInputEnabled":false, "wgGELevelingUpEnabledForUser":false};RLSTATE={"ext.globalCssJs.user.styles":"ready","site.styles":"ready","user.styles":"ready","ext.globalCssJs.user":"ready","user":"ready","user.options":"loading","ext.cite.styles":"ready","ext.math.styles":"ready","skins.vector.search.codex.styles":"ready","skins.vector.styles":"ready","skins.vector.icons":"ready","jquery.makeCollapsible.styles":"ready","ext.wikimediamessages.styles":"ready","ext.visualEditor.desktopArticleTarget.noscript":"ready","ext.uls.interlanguage":"ready","wikibase.client.init":"ready","ext.wikimediaBadges":"ready"};RLPAGEMODULES=["ext.cite.ux-enhancements","site","mediawiki.page.ready","jquery.makeCollapsible","mediawiki.toc","skins.vector.js","ext.centralNotice.geoIP","ext.centralNotice.startUp","ext.gadget.ReferenceTooltips","ext.gadget.switcher","ext.urlShortener.toolbar","ext.centralauth.centralautologin","ext.popups","ext.visualEditor.desktopArticleTarget.init","ext.visualEditor.targetLoader","ext.echo.centralauth", "ext.eventLogging","ext.wikimediaEvents","ext.navigationTiming","ext.uls.interface","ext.cx.eventlogging.campaigns","ext.cx.uls.quick.actions","wikibase.client.vector-2022","ext.checkUser.clientHints","ext.growthExperiments.SuggestedEditSession","wikibase.sidebar.tracking"];</script> <script>(RLQ=window.RLQ||[]).push(function(){mw.loader.impl(function(){return["user.options@12s5i",function($,jQuery,require,module){mw.user.tokens.set({"patrolToken":"+\\","watchToken":"+\\","csrfToken":"+\\"}); }];});});</script> <link rel="stylesheet" href="/w/load.php?lang=en&amp;modules=ext.cite.styles%7Cext.math.styles%7Cext.uls.interlanguage%7Cext.visualEditor.desktopArticleTarget.noscript%7Cext.wikimediaBadges%7Cext.wikimediamessages.styles%7Cjquery.makeCollapsible.styles%7Cskins.vector.icons%2Cstyles%7Cskins.vector.search.codex.styles%7Cwikibase.client.init&amp;only=styles&amp;skin=vector-2022"> <script async="" src="/w/load.php?lang=en&amp;modules=startup&amp;only=scripts&amp;raw=1&amp;skin=vector-2022"></script> <meta name="ResourceLoaderDynamicStyles" content=""> <link rel="stylesheet" href="/w/load.php?lang=en&amp;modules=site.styles&amp;only=styles&amp;skin=vector-2022"> <meta name="generator" content="MediaWiki 1.44.0-wmf.4"> <meta name="referrer" content="origin"> <meta name="referrer" content="origin-when-cross-origin"> <meta name="robots" content="max-image-preview:standard"> <meta name="format-detection" content="telephone=no"> <meta name="viewport" content="width=1120"> <meta property="og:title" content="ROCA vulnerability - Wikipedia"> <meta property="og:type" content="website"> <link rel="alternate" media="only screen and (max-width: 640px)" href="//en.m.wikipedia.org/wiki/ROCA_vulnerability"> <link rel="alternate" type="application/x-wiki" title="Edit this page" href="/w/index.php?title=ROCA_vulnerability&amp;action=edit"> <link rel="apple-touch-icon" href="/static/apple-touch/wikipedia.png"> <link rel="icon" href="/static/favicon/wikipedia.ico"> <link rel="search" type="application/opensearchdescription+xml" href="/w/rest.php/v1/search" title="Wikipedia (en)"> <link rel="EditURI" type="application/rsd+xml" href="//en.wikipedia.org/w/api.php?action=rsd"> <link rel="canonical" href="https://en.wikipedia.org/wiki/ROCA_vulnerability"> <link rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/deed.en"> <link rel="alternate" type="application/atom+xml" title="Wikipedia Atom feed" href="/w/index.php?title=Special:RecentChanges&amp;feed=atom"> <link rel="dns-prefetch" href="//meta.wikimedia.org" /> <link rel="dns-prefetch" href="//login.wikimedia.org"> </head> <body class="skin--responsive skin-vector skin-vector-search-vue mediawiki ltr sitedir-ltr mw-hide-empty-elt ns-0 ns-subject mw-editable page-ROCA_vulnerability rootpage-ROCA_vulnerability skin-vector-2022 action-view"><a class="mw-jump-link" href="#bodyContent">Jump to content</a> <div class="vector-header-container"> <header class="vector-header mw-header"> <div class="vector-header-start"> <nav class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-dropdown" class="vector-dropdown vector-main-menu-dropdown vector-button-flush-left vector-button-flush-right" > <input type="checkbox" id="vector-main-menu-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-main-menu-dropdown" class="vector-dropdown-checkbox " aria-label="Main menu" > <label id="vector-main-menu-dropdown-label" for="vector-main-menu-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-menu mw-ui-icon-wikimedia-menu"></span> <span class="vector-dropdown-label-text">Main menu</span> </label> <div class="vector-dropdown-content"> <div id="vector-main-menu-unpinned-container" class="vector-unpinned-container"> <div id="vector-main-menu" class="vector-main-menu vector-pinnable-element"> <div class="vector-pinnable-header vector-main-menu-pinnable-header vector-pinnable-header-unpinned" data-feature-name="main-menu-pinned" data-pinnable-element-id="vector-main-menu" data-pinned-container-id="vector-main-menu-pinned-container" data-unpinned-container-id="vector-main-menu-unpinned-container" > <div class="vector-pinnable-header-label">Main menu</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-main-menu.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-main-menu.unpin">hide</button> </div> <div id="p-navigation" class="vector-menu mw-portlet mw-portlet-navigation" > <div class="vector-menu-heading"> Navigation </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-mainpage-description" class="mw-list-item"><a href="/wiki/Main_Page" title="Visit the main page [z]" accesskey="z"><span>Main page</span></a></li><li id="n-contents" class="mw-list-item"><a href="/wiki/Wikipedia:Contents" title="Guides to browsing Wikipedia"><span>Contents</span></a></li><li id="n-currentevents" class="mw-list-item"><a href="/wiki/Portal:Current_events" title="Articles related to current events"><span>Current events</span></a></li><li id="n-randompage" class="mw-list-item"><a href="/wiki/Special:Random" title="Visit a randomly selected article [x]" accesskey="x"><span>Random article</span></a></li><li id="n-aboutsite" class="mw-list-item"><a href="/wiki/Wikipedia:About" title="Learn about Wikipedia and how it works"><span>About Wikipedia</span></a></li><li id="n-contactpage" class="mw-list-item"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us" title="How to contact Wikipedia"><span>Contact us</span></a></li> </ul> </div> </div> <div id="p-interaction" class="vector-menu mw-portlet mw-portlet-interaction" > <div class="vector-menu-heading"> Contribute </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-help" class="mw-list-item"><a href="/wiki/Help:Contents" title="Guidance on how to use and edit Wikipedia"><span>Help</span></a></li><li id="n-introduction" class="mw-list-item"><a href="/wiki/Help:Introduction" title="Learn how to edit Wikipedia"><span>Learn to edit</span></a></li><li id="n-portal" class="mw-list-item"><a href="/wiki/Wikipedia:Community_portal" title="The hub for editors"><span>Community portal</span></a></li><li id="n-recentchanges" class="mw-list-item"><a href="/wiki/Special:RecentChanges" title="A list of recent changes to Wikipedia [r]" accesskey="r"><span>Recent changes</span></a></li><li id="n-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_upload_wizard" title="Add images or other media for use on Wikipedia"><span>Upload file</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> <a href="/wiki/Main_Page" class="mw-logo"> <img class="mw-logo-icon" src="/static/images/icons/wikipedia.png" alt="" aria-hidden="true" height="50" width="50"> <span class="mw-logo-container skin-invert"> <img class="mw-logo-wordmark" alt="Wikipedia" src="/static/images/mobile/copyright/wikipedia-wordmark-en.svg" style="width: 7.5em; height: 1.125em;"> <img class="mw-logo-tagline" alt="The Free Encyclopedia" src="/static/images/mobile/copyright/wikipedia-tagline-en.svg" width="117" height="13" style="width: 7.3125em; height: 0.8125em;"> </span> </a> </div> <div class="vector-header-end"> <div id="p-search" role="search" class="vector-search-box-vue vector-search-box-collapses vector-search-box-show-thumbnail vector-search-box-auto-expand-width vector-search-box"> <a href="/wiki/Special:Search" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only search-toggle" title="Search Wikipedia [f]" accesskey="f"><span class="vector-icon mw-ui-icon-search mw-ui-icon-wikimedia-search"></span> <span>Search</span> </a> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail cdx-typeahead-search--auto-expand-width"> <form action="/w/index.php" id="searchform" class="cdx-search-input cdx-search-input--has-end-button"> <div id="simpleSearch" class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikipedia" aria-label="Search Wikipedia" autocapitalize="sentences" title="Search Wikipedia [f]" accesskey="f" id="searchInput" > <span class="cdx-text-input__icon cdx-text-input__start-icon"></span> </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <nav class="vector-user-links vector-user-links-wide" aria-label="Personal tools"> <div class="vector-user-links-main"> <div id="p-vector-user-menu-preferences" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-userpage" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-dropdown" class="vector-dropdown " title="Change the appearance of the page&#039;s font size, width, and color" > <input type="checkbox" id="vector-appearance-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-appearance-dropdown" class="vector-dropdown-checkbox " aria-label="Appearance" > <label id="vector-appearance-dropdown-label" for="vector-appearance-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-appearance mw-ui-icon-wikimedia-appearance"></span> <span class="vector-dropdown-label-text">Appearance</span> </label> <div class="vector-dropdown-content"> <div id="vector-appearance-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div id="p-vector-user-menu-notifications" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-overflow" class="vector-menu mw-portlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="https://donate.wikimedia.org/wiki/Special:FundraiserRedirector?utm_source=donate&amp;utm_medium=sidebar&amp;utm_campaign=C13_en.wikipedia.org&amp;uselang=en" class=""><span>Donate</span></a> </li> <li id="pt-createaccount-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:CreateAccount&amp;returnto=ROCA+vulnerability" title="You are encouraged to create an account and log in; however, it is not mandatory" class=""><span>Create account</span></a> </li> <li id="pt-login-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:UserLogin&amp;returnto=ROCA+vulnerability" title="You&#039;re encouraged to log in; however, it&#039;s not mandatory. [o]" accesskey="o" class=""><span>Log in</span></a> </li> </ul> </div> </div> </div> <div id="vector-user-links-dropdown" class="vector-dropdown vector-user-menu vector-button-flush-right vector-user-menu-logged-out" title="Log in and more options" > <input type="checkbox" id="vector-user-links-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-user-links-dropdown" class="vector-dropdown-checkbox " aria-label="Personal tools" > <label id="vector-user-links-dropdown-label" for="vector-user-links-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-ellipsis mw-ui-icon-wikimedia-ellipsis"></span> <span class="vector-dropdown-label-text">Personal tools</span> </label> <div class="vector-dropdown-content"> <div id="p-personal" class="vector-menu mw-portlet mw-portlet-personal user-links-collapsible-item" title="User menu" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport" class="user-links-collapsible-item mw-list-item"><a href="https://donate.wikimedia.org/wiki/Special:FundraiserRedirector?utm_source=donate&amp;utm_medium=sidebar&amp;utm_campaign=C13_en.wikipedia.org&amp;uselang=en"><span>Donate</span></a></li><li id="pt-createaccount" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:CreateAccount&amp;returnto=ROCA+vulnerability" title="You are encouraged to create an account and log in; however, it is not mandatory"><span class="vector-icon mw-ui-icon-userAdd mw-ui-icon-wikimedia-userAdd"></span> <span>Create account</span></a></li><li id="pt-login" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:UserLogin&amp;returnto=ROCA+vulnerability" title="You&#039;re encouraged to log in; however, it&#039;s not mandatory. [o]" accesskey="o"><span class="vector-icon mw-ui-icon-logIn mw-ui-icon-wikimedia-logIn"></span> <span>Log in</span></a></li> </ul> </div> </div> <div id="p-user-menu-anon-editor" class="vector-menu mw-portlet mw-portlet-user-menu-anon-editor" > <div class="vector-menu-heading"> Pages for logged out editors <a href="/wiki/Help:Introduction" aria-label="Learn more about editing"><span>learn more</span></a> </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-anoncontribs" class="mw-list-item"><a href="/wiki/Special:MyContributions" title="A list of edits made from this IP address [y]" accesskey="y"><span>Contributions</span></a></li><li id="pt-anontalk" class="mw-list-item"><a href="/wiki/Special:MyTalk" title="Discussion about edits from this IP address [n]" accesskey="n"><span>Talk</span></a></li> </ul> </div> </div> </div> </div> </nav> </div> </header> </div> <div class="mw-page-container"> <div class="mw-page-container-inner"> <div class="vector-sitenotice-container"> <div id="siteNotice"><!-- CentralNotice --></div> </div> <div class="vector-column-start"> <div class="vector-main-menu-container"> <div id="mw-navigation"> <nav id="mw-panel" class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-pinned-container" class="vector-pinned-container"> </div> </nav> </div> </div> <div class="vector-sticky-pinned-container"> <nav id="mw-panel-toc" aria-label="Contents" data-event-name="ui.sidebar-toc" class="mw-table-of-contents-container vector-toc-landmark"> <div id="vector-toc-pinned-container" class="vector-pinned-container"> <div id="vector-toc" class="vector-toc vector-pinnable-element"> <div class="vector-pinnable-header vector-toc-pinnable-header vector-pinnable-header-pinned" data-feature-name="toc-pinned" data-pinnable-element-id="vector-toc" > <h2 class="vector-pinnable-header-label">Contents</h2> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-toc.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-toc.unpin">hide</button> </div> <ul class="vector-toc-contents" id="mw-panel-toc-list"> <li id="toc-mw-content-text" class="vector-toc-list-item vector-toc-level-1"> <a href="#" class="vector-toc-link"> <div class="vector-toc-text">(Top)</div> </a> </li> <li id="toc-Technical_details" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Technical_details"> <div class="vector-toc-text"> <span class="vector-toc-numb">1</span> <span>Technical details</span> </div> </a> <ul id="toc-Technical_details-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Mitigation" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Mitigation"> <div class="vector-toc-text"> <span class="vector-toc-numb">2</span> <span>Mitigation</span> </div> </a> <ul id="toc-Mitigation-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Implications" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Implications"> <div class="vector-toc-text"> <span class="vector-toc-numb">3</span> <span>Implications</span> </div> </a> <ul id="toc-Implications-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-See_also" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#See_also"> <div class="vector-toc-text"> <span class="vector-toc-numb">4</span> <span>See also</span> </div> </a> <ul id="toc-See_also-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-References" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#References"> <div class="vector-toc-text"> <span class="vector-toc-numb">5</span> <span>References</span> </div> </a> <ul id="toc-References-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-External_links" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#External_links"> <div class="vector-toc-text"> <span class="vector-toc-numb">6</span> <span>External links</span> </div> </a> <ul id="toc-External_links-sublist" class="vector-toc-list"> </ul> </li> </ul> </div> </div> </nav> </div> </div> <div class="mw-content-container"> <main id="content" class="mw-body"> <header class="mw-body-header vector-page-titlebar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-page-titlebar-toc" class="vector-dropdown vector-page-titlebar-toc vector-button-flush-left" > <input type="checkbox" id="vector-page-titlebar-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-titlebar-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-page-titlebar-toc-label" for="vector-page-titlebar-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" ><span class="vector-icon mw-ui-icon-listBullet mw-ui-icon-wikimedia-listBullet"></span> <span class="vector-dropdown-label-text">Toggle the table of contents</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-titlebar-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <h1 id="firstHeading" class="firstHeading mw-first-heading"><span class="mw-page-title-main">ROCA vulnerability</span></h1> <div id="p-lang-btn" class="vector-dropdown mw-portlet mw-portlet-lang" > <input type="checkbox" id="p-lang-btn-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-p-lang-btn" class="vector-dropdown-checkbox mw-interlanguage-selector" aria-label="Go to an article in another language. Available in 4 languages" > <label id="p-lang-btn-label" for="p-lang-btn-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--action-progressive mw-portlet-lang-heading-4" aria-hidden="true" ><span class="vector-icon mw-ui-icon-language-progressive mw-ui-icon-wikimedia-language-progressive"></span> <span class="vector-dropdown-label-text">4 languages</span> </label> <div class="vector-dropdown-content"> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li class="interlanguage-link interwiki-cs mw-list-item"><a href="https://cs.wikipedia.org/wiki/ROCA" title="ROCA – Czech" lang="cs" hreflang="cs" data-title="ROCA" data-language-autonym="Čeština" data-language-local-name="Czech" class="interlanguage-link-target"><span>Čeština</span></a></li><li class="interlanguage-link interwiki-de mw-list-item"><a href="https://de.wikipedia.org/wiki/ROCA-Verwundbarkeit" title="ROCA-Verwundbarkeit – German" lang="de" hreflang="de" data-title="ROCA-Verwundbarkeit" data-language-autonym="Deutsch" data-language-local-name="German" class="interlanguage-link-target"><span>Deutsch</span></a></li><li class="interlanguage-link interwiki-ja mw-list-item"><a href="https://ja.wikipedia.org/wiki/ROCA%E8%84%86%E5%BC%B1%E6%80%A7" title="ROCA脆弱性 – Japanese" lang="ja" hreflang="ja" data-title="ROCA脆弱性" data-language-autonym="日本語" data-language-local-name="Japanese" class="interlanguage-link-target"><span>日本語</span></a></li><li class="interlanguage-link interwiki-fi mw-list-item"><a href="https://fi.wikipedia.org/wiki/ROCA-haavoittuvuus" title="ROCA-haavoittuvuus – Finnish" lang="fi" hreflang="fi" data-title="ROCA-haavoittuvuus" data-language-autonym="Suomi" data-language-local-name="Finnish" class="interlanguage-link-target"><span>Suomi</span></a></li> </ul> <div class="after-portlet after-portlet-lang"><span class="wb-langlinks-edit wb-langlinks-link"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q42936978#sitelinks-wikipedia" title="Edit interlanguage links" class="wbc-editpage">Edit links</a></span></div> </div> </div> </div> </header> <div class="vector-page-toolbar"> <div class="vector-page-toolbar-container"> <div id="left-navigation"> <nav aria-label="Namespaces"> <div id="p-associated-pages" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-associated-pages" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-nstab-main" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/ROCA_vulnerability" title="View the content page [c]" accesskey="c"><span>Article</span></a></li><li id="ca-talk" class="vector-tab-noicon mw-list-item"><a href="/wiki/Talk:ROCA_vulnerability" rel="discussion" title="Discuss improvements to the content page [t]" accesskey="t"><span>Talk</span></a></li> </ul> </div> </div> <div id="vector-variants-dropdown" class="vector-dropdown emptyPortlet" > <input type="checkbox" id="vector-variants-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-variants-dropdown" class="vector-dropdown-checkbox " aria-label="Change language variant" > <label id="vector-variants-dropdown-label" for="vector-variants-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">English</span> </label> <div class="vector-dropdown-content"> <div id="p-variants" class="vector-menu mw-portlet mw-portlet-variants emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> </div> </div> </nav> </div> <div id="right-navigation" class="vector-collapsible"> <nav aria-label="Views"> <div id="p-views" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-views" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-view" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/ROCA_vulnerability"><span>Read</span></a></li><li id="ca-edit" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=ROCA_vulnerability&amp;action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-history" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=ROCA_vulnerability&amp;action=history" title="Past revisions of this page [h]" accesskey="h"><span>View history</span></a></li> </ul> </div> </div> </nav> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-dropdown" class="vector-dropdown vector-page-tools-dropdown" > <input type="checkbox" id="vector-page-tools-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-tools-dropdown" class="vector-dropdown-checkbox " aria-label="Tools" > <label id="vector-page-tools-dropdown-label" for="vector-page-tools-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" ><span class="vector-dropdown-label-text">Tools</span> </label> <div class="vector-dropdown-content"> <div id="vector-page-tools-unpinned-container" class="vector-unpinned-container"> <div id="vector-page-tools" class="vector-page-tools vector-pinnable-element"> <div class="vector-pinnable-header vector-page-tools-pinnable-header vector-pinnable-header-unpinned" data-feature-name="page-tools-pinned" data-pinnable-element-id="vector-page-tools" data-pinned-container-id="vector-page-tools-pinned-container" data-unpinned-container-id="vector-page-tools-unpinned-container" > <div class="vector-pinnable-header-label">Tools</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-page-tools.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-page-tools.unpin">hide</button> </div> <div id="p-cactions" class="vector-menu mw-portlet mw-portlet-cactions emptyPortlet vector-has-collapsible-items" title="More options" > <div class="vector-menu-heading"> Actions </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-more-view" class="selected vector-more-collapsible-item mw-list-item"><a href="/wiki/ROCA_vulnerability"><span>Read</span></a></li><li id="ca-more-edit" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=ROCA_vulnerability&amp;action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-more-history" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=ROCA_vulnerability&amp;action=history"><span>View history</span></a></li> </ul> </div> </div> <div id="p-tb" class="vector-menu mw-portlet mw-portlet-tb" > <div class="vector-menu-heading"> General </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-whatlinkshere" class="mw-list-item"><a href="/wiki/Special:WhatLinksHere/ROCA_vulnerability" title="List of all English Wikipedia pages containing links to this page [j]" accesskey="j"><span>What links here</span></a></li><li id="t-recentchangeslinked" class="mw-list-item"><a href="/wiki/Special:RecentChangesLinked/ROCA_vulnerability" rel="nofollow" title="Recent changes in pages linked from this page [k]" accesskey="k"><span>Related changes</span></a></li><li id="t-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_Upload_Wizard" title="Upload files [u]" accesskey="u"><span>Upload file</span></a></li><li id="t-specialpages" class="mw-list-item"><a href="/wiki/Special:SpecialPages" title="A list of all special pages [q]" accesskey="q"><span>Special pages</span></a></li><li id="t-permalink" class="mw-list-item"><a href="/w/index.php?title=ROCA_vulnerability&amp;oldid=1119299291" title="Permanent link to this revision of this page"><span>Permanent link</span></a></li><li id="t-info" class="mw-list-item"><a href="/w/index.php?title=ROCA_vulnerability&amp;action=info" title="More information about this page"><span>Page information</span></a></li><li id="t-cite" class="mw-list-item"><a href="/w/index.php?title=Special:CiteThisPage&amp;page=ROCA_vulnerability&amp;id=1119299291&amp;wpFormIdentifier=titleform" title="Information on how to cite this page"><span>Cite this page</span></a></li><li id="t-urlshortener" class="mw-list-item"><a href="/w/index.php?title=Special:UrlShortener&amp;url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FROCA_vulnerability"><span>Get shortened URL</span></a></li><li id="t-urlshortener-qrcode" class="mw-list-item"><a href="/w/index.php?title=Special:QrCode&amp;url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FROCA_vulnerability"><span>Download QR code</span></a></li> </ul> </div> </div> <div id="p-coll-print_export" class="vector-menu mw-portlet mw-portlet-coll-print_export" > <div class="vector-menu-heading"> Print/export </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="coll-download-as-rl" class="mw-list-item"><a href="/w/index.php?title=Special:DownloadAsPdf&amp;page=ROCA_vulnerability&amp;action=show-download-screen" title="Download this page as a PDF file"><span>Download as PDF</span></a></li><li id="t-print" class="mw-list-item"><a href="/w/index.php?title=ROCA_vulnerability&amp;printable=yes" title="Printable version of this page [p]" accesskey="p"><span>Printable version</span></a></li> </ul> </div> </div> <div id="p-wikibase-otherprojects" class="vector-menu mw-portlet mw-portlet-wikibase-otherprojects" > <div class="vector-menu-heading"> In other projects </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-wikibase" class="wb-otherproject-link wb-otherproject-wikibase-dataitem mw-list-item"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q42936978" title="Structured data on this page hosted by Wikidata [g]" accesskey="g"><span>Wikidata item</span></a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> </div> </div> </div> <div class="vector-column-end"> <div class="vector-sticky-pinned-container"> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-pinned-container" class="vector-pinned-container"> </div> </nav> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-pinned-container" class="vector-pinned-container"> <div id="vector-appearance" class="vector-appearance vector-pinnable-element"> <div class="vector-pinnable-header vector-appearance-pinnable-header vector-pinnable-header-pinned" data-feature-name="appearance-pinned" data-pinnable-element-id="vector-appearance" data-pinned-container-id="vector-appearance-pinned-container" data-unpinned-container-id="vector-appearance-unpinned-container" > <div class="vector-pinnable-header-label">Appearance</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-appearance.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-appearance.unpin">hide</button> </div> </div> </div> </nav> </div> </div> <div id="bodyContent" class="vector-body" aria-labelledby="firstHeading" data-mw-ve-target-container> <div class="vector-body-before-content"> <div class="mw-indicators"> </div> <div id="siteSub" class="noprint">From Wikipedia, the free encyclopedia</div> </div> <div id="contentSub"><div id="mw-content-subtitle"></div></div> <div id="mw-content-text" class="mw-body-content"><div class="mw-content-ltr mw-parser-output" lang="en" dir="ltr"><div class="shortdescription nomobile noexcerpt noprint searchaux" style="display:none">Cryptographic valunerability</div> <style data-mw-deduplicate="TemplateStyles:r1257001546">.mw-parser-output .infobox-subbox{padding:0;border:none;margin:-3px;width:auto;min-width:100%;font-size:100%;clear:none;float:none;background-color:transparent}.mw-parser-output .infobox-3cols-child{margin:auto}.mw-parser-output .infobox .navbar{font-size:100%}@media screen{html.skin-theme-clientpref-night .mw-parser-output .infobox-full-data:not(.notheme)>div:not(.notheme)[style]{background:#1f1f23!important;color:#f8f9fa}}@media screen and (prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .infobox-full-data:not(.notheme) div:not(.notheme){background:#1f1f23!important;color:#f8f9fa}}@media(min-width:640px){body.skin--responsive .mw-parser-output .infobox-table{display:table!important}body.skin--responsive .mw-parser-output .infobox-table>caption{display:table-caption!important}body.skin--responsive .mw-parser-output .infobox-table>tbody{display:table-row-group}body.skin--responsive .mw-parser-output .infobox-table tr{display:table-row!important}body.skin--responsive .mw-parser-output .infobox-table th,body.skin--responsive .mw-parser-output .infobox-table td{padding-left:inherit;padding-right:inherit}}</style><table class="infobox"><caption class="infobox-title">ROCA vulnerability</caption><tbody><tr><th scope="row" class="infobox-label"><a href="/wiki/CVE_(identifier)" class="mw-redirect" title="CVE (identifier)">CVE identifier(s)</a></th><td class="infobox-data"><a href="/wiki/CVE_(identifier)" class="mw-redirect" title="CVE (identifier)">CVE</a>-<style data-mw-deduplicate="TemplateStyles:r1238218222">.mw-parser-output cite.citation{font-style:inherit;word-wrap:break-word}.mw-parser-output .citation q{quotes:"\"""\"""'""'"}.mw-parser-output .citation:target{background-color:rgba(0,127,255,0.133)}.mw-parser-output .id-lock-free.id-lock-free a{background:url("//upload.wikimedia.org/wikipedia/commons/6/65/Lock-green.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-limited.id-lock-limited a,.mw-parser-output .id-lock-registration.id-lock-registration a{background:url("//upload.wikimedia.org/wikipedia/commons/d/d6/Lock-gray-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-subscription.id-lock-subscription a{background:url("//upload.wikimedia.org/wikipedia/commons/a/aa/Lock-red-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .cs1-ws-icon a{background:url("//upload.wikimedia.org/wikipedia/commons/4/4c/Wikisource-logo.svg")right 0.1em center/12px no-repeat}body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-free a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-limited a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-registration a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-subscription a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .cs1-ws-icon a{background-size:contain;padding:0 1em 0 0}.mw-parser-output .cs1-code{color:inherit;background:inherit;border:none;padding:inherit}.mw-parser-output .cs1-hidden-error{display:none;color:var(--color-error,#d33)}.mw-parser-output .cs1-visible-error{color:var(--color-error,#d33)}.mw-parser-output .cs1-maint{display:none;color:#085;margin-left:0.3em}.mw-parser-output .cs1-kern-left{padding-left:0.2em}.mw-parser-output .cs1-kern-right{padding-right:0.2em}.mw-parser-output .citation .mw-selflink{font-weight:inherit}@media screen{.mw-parser-output .cs1-format{font-size:95%}html.skin-theme-clientpref-night .mw-parser-output .cs1-maint{color:#18911f}}@media screen and (prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .cs1-maint{color:#18911f}}</style><a rel="nofollow" class="external text" href="https://nvd.nist.gov/vuln/detail/CVE-2017-15361">2017-15361</a></td></tr><tr><th scope="row" class="infobox-label">Date discovered</th><td class="infobox-data">February 2017<span class="noprint">&#59;&#32;7 years ago</span><span style="display:none">&#160;(<span class="bday dtstart published updated">February 2017</span>)</span></td></tr><tr><th scope="row" class="infobox-label">Discoverer</th><td class="infobox-data">Matúš Nemec, Marek Sýs, et al. (<a href="/wiki/Masaryk_University" title="Masaryk University">Masaryk University</a>)</td></tr><tr><th scope="row" class="infobox-label">Affected hardware</th><td class="infobox-data"><a href="/wiki/Trusted_Platform_Module" title="Trusted Platform Module">TPM</a>, <a href="/wiki/Yubikey" class="mw-redirect" title="Yubikey">Yubikey</a>, Gemalto IDPrime .NET <a href="/wiki/Smart_card" title="Smart card">smart cards</a></td></tr><tr><th scope="row" class="infobox-label">Affected software</th><td class="infobox-data">Any public-private key encryption that used RSALib including <a href="/wiki/BitLocker" title="BitLocker">BitLocker</a> and <a href="/wiki/Pretty_Good_Privacy" title="Pretty Good Privacy">PGP</a></td></tr></tbody></table> <p>The <b>ROCA vulnerability</b> is a <a href="/wiki/Cryptography" title="Cryptography">cryptographic</a> weakness that allows the <a href="/wiki/Public-key_cryptography" title="Public-key cryptography"> private key</a> of a key pair to be recovered from the <a href="/wiki/Public-key_cryptography" title="Public-key cryptography">public key</a> in keys generated by devices with the vulnerability. "ROCA" is an acronym for "Return of <a href="/wiki/Coppersmith%27s_attack" title="Coppersmith&#39;s attack">Coppersmith's attack</a>".<sup id="cite_ref-Goodin2017_1-0" class="reference"><a href="#cite_note-Goodin2017-1"><span class="cite-bracket">&#91;</span>1<span class="cite-bracket">&#93;</span></a></sup> The vulnerability has been given the identifier <a href="/wiki/CVE_(identifier)" class="mw-redirect" title="CVE (identifier)">CVE</a>-<link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><a rel="nofollow" class="external text" href="https://nvd.nist.gov/vuln/detail/CVE-2017-15361">2017-15361</a>. </p><p>The vulnerability arises from a problem with an approach to <a href="/wiki/RSA_(cryptosystem)" title="RSA (cryptosystem)">RSA</a> <a href="/wiki/Key_generation" title="Key generation">key generation</a> used in vulnerable versions of a <a href="/wiki/Library_(computing)" title="Library (computing)">software library</a>, <i>RSALib</i>, provided by <a href="/wiki/Infineon_Technologies" title="Infineon Technologies">Infineon Technologies</a>, and incorporated into many <a href="/wiki/Smart_card" title="Smart card">smart cards</a>, <a href="/wiki/Trusted_Platform_Module" title="Trusted Platform Module">Trusted Platform Module</a> (TPM), and Hardware Security Modules (HSM) implementations, including <a href="/wiki/YubiKey" title="YubiKey">YubiKey</a> 4 tokens, often used to generate <a href="/wiki/Pretty_Good_Privacy" title="Pretty Good Privacy">PGP</a> keys. Keys of lengths 512, 1024, and 2048 bits generated using these versions of the Infineon library are vulnerable to a practical ROCA attack.<sup id="cite_ref-nemecsys_2-0" class="reference"><a href="#cite_note-nemecsys-2"><span class="cite-bracket">&#91;</span>2<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-thehackernews_3-0" class="reference"><a href="#cite_note-thehackernews-3"><span class="cite-bracket">&#91;</span>3<span class="cite-bracket">&#93;</span></a></sup> The research team that discovered the attack (all with <a href="/wiki/Masaryk_University" title="Masaryk University">Masaryk University</a> and led by Matúš Nemec and Marek Sýs)<sup id="cite_ref-nemecsys_2-1" class="reference"><a href="#cite_note-nemecsys-2"><span class="cite-bracket">&#91;</span>2<span class="cite-bracket">&#93;</span></a></sup> estimate that it affected around one-quarter of all current TPM devices globally.<sup id="cite_ref-4" class="reference"><a href="#cite_note-4"><span class="cite-bracket">&#91;</span>4<span class="cite-bracket">&#93;</span></a></sup> Millions of <a href="/wiki/Smart_card" title="Smart card">smart cards</a> are believed to be affected.<sup id="cite_ref-Goodin2017_1-1" class="reference"><a href="#cite_note-Goodin2017-1"><span class="cite-bracket">&#91;</span>1<span class="cite-bracket">&#93;</span></a></sup> </p><p>The team informed Infineon of the <i>RSALib</i> problem in February 2017, but withheld public notice until mid-October, citing <a href="/wiki/Responsible_disclosure" class="mw-redirect" title="Responsible disclosure">responsible disclosure</a>. At that time they announced the attack and provided a tool to test public keys for vulnerability. They published the details of the attack in November.<sup id="cite_ref-nemecsys_2-2" class="reference"><a href="#cite_note-nemecsys-2"><span class="cite-bracket">&#91;</span>2<span class="cite-bracket">&#93;</span></a></sup> </p> <meta property="mw:PageProp/toc" /> <div class="mw-heading mw-heading2"><h2 id="Technical_details">Technical details</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=ROCA_vulnerability&amp;action=edit&amp;section=1" title="Edit section: Technical details"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>Generating an RSA key involves selecting two large <a href="/wiki/Random_number_generation" title="Random number generation">randomly-generated</a> <a href="/wiki/Prime_number" title="Prime number">prime numbers</a>, a process that can be time-consuming, particularly on small devices, such as smart cards. In addition to being primes, the numbers should have certain other properties for best security. The vulnerable <i>RSALib</i> selection process quickly creates primes of the desired type by only testing for primality numbers of the form: </p> <dl><dd><span class="mwe-math-element"><span class="mwe-math-mathml-inline mwe-math-mathml-a11y" style="display: none;"><math xmlns="http://www.w3.org/1998/Math/MathML" alttext="{\displaystyle k*M+(65537^{a}\mod {M})}"> <semantics> <mrow class="MJX-TeXAtom-ORD"> <mstyle displaystyle="true" scriptlevel="0"> <mi>k</mi> <mo>&#x2217;<!-- ∗ --></mo> <mi>M</mi> <mo>+</mo> <mo stretchy="false">(</mo> <msup> <mn>65537</mn> <mrow class="MJX-TeXAtom-ORD"> <mi>a</mi> </mrow> </msup> <mspace width="1em" /> <mi>mod</mi> <mspace width="thinmathspace" /> <mspace width="thinmathspace" /> <mi>M</mi> <mo stretchy="false">)</mo> </mstyle> </mrow> <annotation encoding="application/x-tex">{\displaystyle k*M+(65537^{a}\mod {M})}</annotation> </semantics> </math></span><img src="https://wikimedia.org/api/rest_v1/media/math/render/svg/4590fffcf3146e6d5c5d3a441f5b1b0eb11d1c26" class="mwe-math-fallback-image-inline mw-invert skin-invert" aria-hidden="true" style="vertical-align: -0.838ex; width:28.116ex; height:2.843ex;" alt="{\displaystyle k*M+(65537^{a}\mod {M})}"></span></dd></dl> <p>where <span class="mwe-math-element"><span class="mwe-math-mathml-inline mwe-math-mathml-a11y" style="display: none;"><math xmlns="http://www.w3.org/1998/Math/MathML" alttext="{\displaystyle M}"> <semantics> <mrow class="MJX-TeXAtom-ORD"> <mstyle displaystyle="true" scriptlevel="0"> <mi>M</mi> </mstyle> </mrow> <annotation encoding="application/x-tex">{\displaystyle M}</annotation> </semantics> </math></span><img src="https://wikimedia.org/api/rest_v1/media/math/render/svg/f82cade9898ced02fdd08712e5f0c0151758a0dd" class="mwe-math-fallback-image-inline mw-invert skin-invert" aria-hidden="true" style="vertical-align: -0.338ex; width:2.442ex; height:2.176ex;" alt="{\displaystyle M}"></span> is the product of the first <i>n</i> successive primes (2, 3, 5, 7, 11, 13,...), and <i>n</i> is a constant that only depends on the desired key size. The security is based on the secret constants <span class="mwe-math-element"><span class="mwe-math-mathml-inline mwe-math-mathml-a11y" style="display: none;"><math xmlns="http://www.w3.org/1998/Math/MathML" alttext="{\displaystyle k}"> <semantics> <mrow class="MJX-TeXAtom-ORD"> <mstyle displaystyle="true" scriptlevel="0"> <mi>k</mi> </mstyle> </mrow> <annotation encoding="application/x-tex">{\displaystyle k}</annotation> </semantics> </math></span><img src="https://wikimedia.org/api/rest_v1/media/math/render/svg/c3c9a2c7b599b37105512c5d570edc034056dd40" class="mwe-math-fallback-image-inline mw-invert skin-invert" aria-hidden="true" style="vertical-align: -0.338ex; width:1.211ex; height:2.176ex;" alt="{\displaystyle k}"></span> and <span class="mwe-math-element"><span class="mwe-math-mathml-inline mwe-math-mathml-a11y" style="display: none;"><math xmlns="http://www.w3.org/1998/Math/MathML" alttext="{\displaystyle a}"> <semantics> <mrow class="MJX-TeXAtom-ORD"> <mstyle displaystyle="true" scriptlevel="0"> <mi>a</mi> </mstyle> </mrow> <annotation encoding="application/x-tex">{\displaystyle a}</annotation> </semantics> </math></span><img src="https://wikimedia.org/api/rest_v1/media/math/render/svg/ffd2487510aa438433a2579450ab2b3d557e5edc" class="mwe-math-fallback-image-inline mw-invert skin-invert" aria-hidden="true" style="vertical-align: -0.338ex; width:1.23ex; height:1.676ex;" alt="{\displaystyle a}"></span>. The ROCA attack exploits this particular format for primes using a variation of the <a href="/wiki/Coppersmith_method" title="Coppersmith method">Coppersmith method</a>. In addition, public keys generated this way have a distinctive fingerprint that can be quickly recognized by attempting to compute the <a href="/wiki/Discrete_logarithm" title="Discrete logarithm">discrete logarithm</a> of the public key mod <span class="mwe-math-element"><span class="mwe-math-mathml-inline mwe-math-mathml-a11y" style="display: none;"><math xmlns="http://www.w3.org/1998/Math/MathML" alttext="{\displaystyle M}"> <semantics> <mrow class="MJX-TeXAtom-ORD"> <mstyle displaystyle="true" scriptlevel="0"> <mi>M</mi> </mstyle> </mrow> <annotation encoding="application/x-tex">{\displaystyle M}</annotation> </semantics> </math></span><img src="https://wikimedia.org/api/rest_v1/media/math/render/svg/f82cade9898ced02fdd08712e5f0c0151758a0dd" class="mwe-math-fallback-image-inline mw-invert skin-invert" aria-hidden="true" style="vertical-align: -0.338ex; width:2.442ex; height:2.176ex;" alt="{\displaystyle M}"></span> to base <a href="/wiki/65537" class="mw-redirect" title="65537">65537</a>. Computing discrete logarithms in a large group is usually extremely difficult, but in this case it can be done efficiently using the <a href="/wiki/Pohlig%E2%80%93Hellman_algorithm" title="Pohlig–Hellman algorithm">Pohlig–Hellman algorithm</a> because <span class="mwe-math-element"><span class="mwe-math-mathml-inline mwe-math-mathml-a11y" style="display: none;"><math xmlns="http://www.w3.org/1998/Math/MathML" alttext="{\displaystyle M}"> <semantics> <mrow class="MJX-TeXAtom-ORD"> <mstyle displaystyle="true" scriptlevel="0"> <mi>M</mi> </mstyle> </mrow> <annotation encoding="application/x-tex">{\displaystyle M}</annotation> </semantics> </math></span><img src="https://wikimedia.org/api/rest_v1/media/math/render/svg/f82cade9898ced02fdd08712e5f0c0151758a0dd" class="mwe-math-fallback-image-inline mw-invert skin-invert" aria-hidden="true" style="vertical-align: -0.338ex; width:2.442ex; height:2.176ex;" alt="{\displaystyle M}"></span> is a <a href="/wiki/Smooth_number" title="Smooth number">smooth number</a>. A test site is available on the Internet.<sup id="cite_ref-nemecsys_2-3" class="reference"><a href="#cite_note-nemecsys-2"><span class="cite-bracket">&#91;</span>2<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-5" class="reference"><a href="#cite_note-5"><span class="cite-bracket">&#91;</span>5<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-6" class="reference"><a href="#cite_note-6"><span class="cite-bracket">&#91;</span>6<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-7" class="reference"><a href="#cite_note-7"><span class="cite-bracket">&#91;</span>7<span class="cite-bracket">&#93;</span></a></sup> In short, keys that fit this format have significantly low entropy and can be attacked relatively efficiently (weeks to months), and the format can be confirmed ("fingerprinted") by the attacker very quickly (microseconds). Multiple implementations of the attack are publicly available.<sup id="cite_ref-8" class="reference"><a href="#cite_note-8"><span class="cite-bracket">&#91;</span>8<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-9" class="reference"><a href="#cite_note-9"><span class="cite-bracket">&#91;</span>9<span class="cite-bracket">&#93;</span></a></sup><sup id="cite_ref-10" class="reference"><a href="#cite_note-10"><span class="cite-bracket">&#91;</span>10<span class="cite-bracket">&#93;</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="Mitigation">Mitigation</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=ROCA_vulnerability&amp;action=edit&amp;section=2" title="Edit section: Mitigation"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>The ROCA authors consider public keys of length 512, 1024 and 2048-bits generated by <i>RSALib</i> to be vulnerable. Because the details of key generation differ for different key lengths, shorter keys are not necessarily more vulnerable than longer keys. For example, a 1952-bit RSAlib key is stronger than a 2048-bit key and a 4096-bit key is weaker than a 3072-bit key. </p><p>The best mitigation, according to the authors, is to generate RSA keys using a stronger method, such as by <a href="/wiki/OpenSSL" title="OpenSSL">OpenSSL</a>. If that is not possible, the ROCA authors suggest using key lengths that are less susceptible to ROCA such as 3936-bit, 3072-bit or, if there is a 2048-bit key size maximum, 1952-bits.<sup id="cite_ref-nemecsys_2-4" class="reference"><a href="#cite_note-nemecsys-2"><span class="cite-bracket">&#91;</span>2<span class="cite-bracket">&#93;</span></a></sup><sup class="reference nowrap"><span title="Page / location: Sec 5.1">&#58;&#8202;Sec 5.1&#8202;</span></sup> </p><p>Infineon has released firmware updates for its <a href="/wiki/Trusted_Platform_Module" title="Trusted Platform Module">Trusted Platform Modules</a> to manufacturers who have used its TPMs.<sup id="cite_ref-11" class="reference"><a href="#cite_note-11"><span class="cite-bracket">&#91;</span>11<span class="cite-bracket">&#93;</span></a></sup> </p> <div class="mw-heading mw-heading2"><h2 id="Implications">Implications</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=ROCA_vulnerability&amp;action=edit&amp;section=3" title="Edit section: Implications"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <p>The vulnerability highlighted several <a href="/wiki/Common_Criteria#Criticisms" title="Common Criteria">shortcomings of the Common Criteria certification scheme</a> as the vulnerability was present in a list of Common Criteria certified smart card products. Namely, the approval of homegrown cryptographic algorithms; the lack of transparency in certification reports, inability to revoke Common Criteria certificates for known vulnerable products and distribute this information to the users of the certified products.<sup id="cite_ref-parsovs_phd_12-0" class="reference"><a href="#cite_note-parsovs_phd-12"><span class="cite-bracket">&#91;</span>12<span class="cite-bracket">&#93;</span></a></sup><sup class="reference nowrap"><span title="Page: Sec 6.7.5">&#58;&#8202;Sec 6.7.5&#8202;</span></sup> </p><p>In Estonia, the discovery of the vulnerability resulted in a state-level cyber crisis as the vulnerable smart card chip was deployed on more than 750,000 <a href="/wiki/Estonian_identity_card" title="Estonian identity card">Estonian identity cards</a> that are used daily by Estonian residents and e-residents to securely authenticate online and create digital signatures.<sup id="cite_ref-parsovs_phd_12-1" class="reference"><a href="#cite_note-parsovs_phd-12"><span class="cite-bracket">&#91;</span>12<span class="cite-bracket">&#93;</span></a></sup><sup class="reference nowrap"><span title="Page / location: Sec 6.7">&#58;&#8202;Sec 6.7&#8202;</span></sup> </p> <div class="mw-heading mw-heading2"><h2 id="See_also">See also</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=ROCA_vulnerability&amp;action=edit&amp;section=4" title="Edit section: See also"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <ul><li><a href="/wiki/BitLocker#Security_concerns" title="BitLocker">BitLocker §&#160;Security concerns</a></li> <li><a href="/wiki/Infineon_Technologies#Security_flaw" title="Infineon Technologies">Infineon Technologies §&#160;Security flaw</a></li> <li><a href="/wiki/Trusted_Platform_Module" title="Trusted Platform Module">Trusted Platform Module</a></li></ul> <div class="mw-heading mw-heading2"><h2 id="References">References</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=ROCA_vulnerability&amp;action=edit&amp;section=5" title="Edit section: References"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <style data-mw-deduplicate="TemplateStyles:r1239543626">.mw-parser-output .reflist{margin-bottom:0.5em;list-style-type:decimal}@media screen{.mw-parser-output .reflist{font-size:90%}}.mw-parser-output .reflist .references{font-size:100%;margin-bottom:0;list-style-type:inherit}.mw-parser-output .reflist-columns-2{column-width:30em}.mw-parser-output .reflist-columns-3{column-width:25em}.mw-parser-output .reflist-columns{margin-top:0.3em}.mw-parser-output .reflist-columns ol{margin-top:0}.mw-parser-output .reflist-columns li{page-break-inside:avoid;break-inside:avoid-column}.mw-parser-output .reflist-upper-alpha{list-style-type:upper-alpha}.mw-parser-output .reflist-upper-roman{list-style-type:upper-roman}.mw-parser-output .reflist-lower-alpha{list-style-type:lower-alpha}.mw-parser-output .reflist-lower-greek{list-style-type:lower-greek}.mw-parser-output .reflist-lower-roman{list-style-type:lower-roman}</style><div class="reflist"> <div class="mw-references-wrap mw-references-columns"><ol class="references"> <li id="cite_note-Goodin2017-1"><span class="mw-cite-backlink">^ <a href="#cite_ref-Goodin2017_1-0">^{<i><b>a</b></i>}</a> <a href="#cite_ref-Goodin2017_1-1">^{<i><b>b</b></i>}</a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGoodin2017" class="citation news cs1">Goodin, Dan (2017-10-23). <a rel="nofollow" class="external text" href="https://arstechnica.com/information-technology/2017/10/crippling-crypto-weakness-opens-millions-of-smartcards-to-cloning/">"Crippling crypto weakness opens millions of smartcards to cloning"</a>. <i>Ars Technica</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2017-10-25</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=Ars+Technica&amp;rft.atitle=Crippling+crypto+weakness+opens+millions+of+smartcards+to+cloning&amp;rft.date=2017-10-23&amp;rft.aulast=Goodin&amp;rft.aufirst=Dan&amp;rft_id=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F10%2Fcrippling-crypto-weakness-opens-millions-of-smartcards-to-cloning%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-nemecsys-2"><span class="mw-cite-backlink">^ <a href="#cite_ref-nemecsys_2-0">^{<i><b>a</b></i>}</a> <a href="#cite_ref-nemecsys_2-1">^{<i><b>b</b></i>}</a> <a href="#cite_ref-nemecsys_2-2">^{<i><b>c</b></i>}</a> <a href="#cite_ref-nemecsys_2-3">^{<i><b>d</b></i>}</a> <a href="#cite_ref-nemecsys_2-4">^{<i><b>e</b></i>}</a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFNemecSysSvendaKlinec2017" class="citation conference cs1">Nemec, Matus; Sys, Marek; Svenda, Petr; Klinec, Dusan; Matyas, Vashek (November 2017). <a rel="nofollow" class="external text" href="https://crocs.fi.muni.cz/_media/public/papers/nemec_roca_ccs17_preprint.pdf">"The Return of Coppersmith's Attack: Practical Factorization of Widely Used RSA Moduli"</a> <span class="cs1-format">(PDF)</span>. <i>Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security</i>. CCS '17. <a href="/wiki/Doi_(identifier)" class="mw-redirect" title="Doi (identifier)">doi</a>:<a rel="nofollow" class="external text" href="https://doi.org/10.1145%2F3133956.3133969">10.1145/3133956.3133969</a>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=conference&amp;rft.atitle=The+Return+of+Coppersmith%27s+Attack%3A+Practical+Factorization+of+Widely+Used+RSA+Moduli&amp;rft.btitle=Proceedings+of+the+2017+ACM+SIGSAC+Conference+on+Computer+and+Communications+Security&amp;rft.series=CCS+%2717&amp;rft.date=2017-11&amp;rft_id=info%3Adoi%2F10.1145%2F3133956.3133969&amp;rft.aulast=Nemec&amp;rft.aufirst=Matus&amp;rft.au=Sys%2C+Marek&amp;rft.au=Svenda%2C+Petr&amp;rft.au=Klinec%2C+Dusan&amp;rft.au=Matyas%2C+Vashek&amp;rft_id=https%3A%2F%2Fcrocs.fi.muni.cz%2F_media%2Fpublic%2Fpapers%2Fnemec_roca_ccs17_preprint.pdf&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-thehackernews-3"><span class="mw-cite-backlink"><b><a href="#cite_ref-thehackernews_3-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFKhandelwal" class="citation news cs1">Khandelwal, Swati. <a rel="nofollow" class="external text" href="https://thehackernews.com/2017/10/rsa-encryption-keys.html">"Serious Crypto-Flaw Lets Hackers Recover Private RSA Keys Used in Billions of Devices"</a>. <i>The Hacker News</i><span class="reference-accessdate">. Retrieved <span class="nowrap">2017-10-25</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=The+Hacker+News&amp;rft.atitle=Serious+Crypto-Flaw+Lets+Hackers+Recover+Private+RSA+Keys+Used+in+Billions+of+Devices&amp;rft.aulast=Khandelwal&amp;rft.aufirst=Swati&amp;rft_id=https%3A%2F%2Fthehackernews.com%2F2017%2F10%2Frsa-encryption-keys.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-4"><span class="mw-cite-backlink"><b><a href="#cite_ref-4">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFLeyden2017" class="citation news cs1">Leyden, John (16 October 2017). <a rel="nofollow" class="external text" href="https://www.theregister.co.uk/2017/10/16/roca_crypto_vuln_infineon_chips/">"Never mind the WPA2 drama... Details emerge of TPM key cockup that hits tonnes of devices"</a>. United Kingdom: The Register<span class="reference-accessdate">. Retrieved <span class="nowrap">2017-10-25</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.atitle=Never+mind+the+WPA2+drama...+Details+emerge+of+TPM+key+cockup+that+hits+tonnes+of+devices&amp;rft.date=2017-10-16&amp;rft.aulast=Leyden&amp;rft.aufirst=John&amp;rft_id=https%3A%2F%2Fwww.theregister.co.uk%2F2017%2F10%2F16%2Froca_crypto_vuln_infineon_chips%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-5"><span class="mw-cite-backlink"><b><a href="#cite_ref-5">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.ncsc.gov.uk/guidance/roca-infineon-tpm-and-secure-element-rsa-vulnerability-guidance">"ROCA: Infineon TPM and Secure Element RSA Vulnerability Guidance"</a>. <i>www.ncsc.gov.uk</i>. United Kingdom<span class="reference-accessdate">. Retrieved <span class="nowrap">2017-10-25</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=www.ncsc.gov.uk&amp;rft.atitle=ROCA%3A+Infineon+TPM+and+Secure+Element+RSA+Vulnerability+Guidance&amp;rft_id=https%3A%2F%2Fwww.ncsc.gov.uk%2Fguidance%2Froca-infineon-tpm-and-secure-element-rsa-vulnerability-guidance&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-6"><span class="mw-cite-backlink"><b><a href="#cite_ref-6">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://crocs.fi.muni.cz/public/papers/rsa_ccs17">"ROCA: Vulnerable RSA generation (CVE-2017-15361)"</a>. Czech Republic: Centre for Research on Cryptography and Security, Faculty of Informatics, <a href="/wiki/Masaryk_University" title="Masaryk University">Masaryk University</a><span class="reference-accessdate">. Retrieved <span class="nowrap">2017-10-25</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=ROCA%3A+Vulnerable+RSA+generation+%28CVE-2017-15361%29&amp;rft.place=Czech+Republic&amp;rft.pub=Centre+for+Research+on+Cryptography+and+Security%2C+Faculty+of+Informatics%2C+Masaryk+University&amp;rft_id=https%3A%2F%2Fcrocs.fi.muni.cz%2Fpublic%2Fpapers%2Frsa_ccs17&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-7"><span class="mw-cite-backlink"><b><a href="#cite_ref-7">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.infineon.com/cms/en/product/promopages/rsa-update/">"Information on software update of RSA key generation function"</a>. Infineon Technologies AG<span class="reference-accessdate">. Retrieved <span class="nowrap">2017-10-25</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Information+on+software+update+of+RSA+key+generation+function&amp;rft.pub=Infineon+Technologies+AG&amp;rft_id=https%3A%2F%2Fwww.infineon.com%2Fcms%2Fen%2Fproduct%2Fpromopages%2Frsa-update%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-8"><span class="mw-cite-backlink"><b><a href="#cite_ref-8">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBruno_Produit2019" class="citation web cs1">Bruno Produit (2019-05-15). <a rel="nofollow" class="external text" href="https://github.com/brunoproduit/roca">"Implementation of the ROCA attack (CVE-2017-15361)"</a>. <i><a href="/wiki/GitHub" title="GitHub">GitHub</a></i><span class="reference-accessdate">. Retrieved <span class="nowrap">2020-06-29</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=GitHub&amp;rft.atitle=Implementation+of+the+ROCA+attack+%28CVE-2017-15361%29&amp;rft.date=2019-05-15&amp;rft.au=Bruno+Produit&amp;rft_id=https%3A%2F%2Fgithub.com%2Fbrunoproduit%2Froca&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-9"><span class="mw-cite-backlink"><b><a href="#cite_ref-9">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFFlorian_Picca2020" class="citation web cs1">Florian Picca (2020-05-03). <a rel="nofollow" class="external text" href="https://github.com/FlorianPicca/ROCA">"ROCA"</a>. <i><a href="/wiki/GitHub" title="GitHub">GitHub</a></i><span class="reference-accessdate">. Retrieved <span class="nowrap">2020-06-29</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=GitHub&amp;rft.atitle=ROCA&amp;rft.date=2020-05-03&amp;rft.au=Florian+Picca&amp;rft_id=https%3A%2F%2Fgithub.com%2FFlorianPicca%2FROCA&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-10"><span class="mw-cite-backlink"><b><a href="#cite_ref-10">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFShiho_Midorikawa2020" class="citation web cs1">Shiho Midorikawa (2020-04-13). <a rel="nofollow" class="external text" href="https://github.com/elliptic-shiho/crypto_misc/blob/master/small_root/roca_attack.sage">"ROCA"</a>. <i><a href="/wiki/GitHub" title="GitHub">GitHub</a></i><span class="reference-accessdate">. Retrieved <span class="nowrap">2020-06-29</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=GitHub&amp;rft.atitle=ROCA&amp;rft.date=2020-04-13&amp;rft.au=Shiho+Midorikawa&amp;rft_id=https%3A%2F%2Fgithub.com%2Felliptic-shiho%2Fcrypto_misc%2Fblob%2Fmaster%2Fsmall_root%2Froca_attack.sage&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-11"><span class="mw-cite-backlink"><b><a href="#cite_ref-11">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.infineon.com/cms/en/product/promopages/tpm-update/">"<span class="cs1-kern-left"></span>"TPM Update - Infineon Technologies"<span class="cs1-kern-right"></span>"</a><span class="reference-accessdate">. Retrieved <span class="nowrap">March 19,</span> 2021</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=%22TPM+Update+-+Infineon+Technologies%22&amp;rft_id=https%3A%2F%2Fwww.infineon.com%2Fcms%2Fen%2Fproduct%2Fpromopages%2Ftpm-update%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> <li id="cite_note-parsovs_phd-12"><span class="mw-cite-backlink">^ <a href="#cite_ref-parsovs_phd_12-0">^{<i><b>a</b></i>}</a> <a href="#cite_ref-parsovs_phd_12-1">^{<i><b>b</b></i>}</a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFParsovs2021" class="citation thesis cs1">Parsovs, Arnis (March 2021). <a rel="nofollow" class="external text" href="https://dspace.ut.ee/handle/10062/71481"><i>Estonian Electronic Identity Card and its Security Challenges</i></a> (PhD). University of Tartu.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Adissertation&amp;rft.title=Estonian+Electronic+Identity+Card+and+its+Security+Challenges&amp;rft.inst=University+of+Tartu&amp;rft.date=2021-03&amp;rft.aulast=Parsovs&amp;rft.aufirst=Arnis&amp;rft_id=https%3A%2F%2Fdspace.ut.ee%2Fhandle%2F10062%2F71481&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AROCA+vulnerability" class="Z3988"></span></span> </li> </ol></div></div> <div class="mw-heading mw-heading2"><h2 id="External_links">External links</h2><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=ROCA_vulnerability&amp;action=edit&amp;section=6" title="Edit section: External links"><span>edit</span></a><span class="mw-editsection-bracket">]</span></span></div> <ul><li><a rel="nofollow" class="external text" href="https://github.com/crocs-muni/roca">ROCA detection tool (Detection source code)</a></li> <li><a rel="nofollow" class="external text" href="https://keychest.net/roca">ROCA Vulnerability Test Suite (Online tool for testing keys, files, GitHub accounts, GnuPG keys, and includes an S/MIME and PGP email responder)</a></li> <li><a rel="nofollow" class="external text" href="https://monitor.certipath.com/rsatest/">TrustMonitor ROCA Vulnerability Test (Online tool for testing multiple certificates)</a></li> <li><a rel="nofollow" class="external text" href="https://github.com/iadgov/Detect-CVE-2017-15361-TPM">Detect Trusted Platform Modules Vulnerable to CVE-2017-15361 (Scripts)</a></li></ul> <div class="navbox-styles"><style data-mw-deduplicate="TemplateStyles:r1129693374">.mw-parser-output .hlist dl,.mw-parser-output .hlist ol,.mw-parser-output .hlist ul{margin:0;padding:0}.mw-parser-output .hlist dd,.mw-parser-output .hlist dt,.mw-parser-output .hlist li{margin:0;display:inline}.mw-parser-output .hlist.inline,.mw-parser-output .hlist.inline dl,.mw-parser-output .hlist.inline ol,.mw-parser-output .hlist.inline ul,.mw-parser-output .hlist dl dl,.mw-parser-output .hlist dl ol,.mw-parser-output .hlist dl ul,.mw-parser-output .hlist ol dl,.mw-parser-output .hlist ol ol,.mw-parser-output .hlist ol ul,.mw-parser-output .hlist ul dl,.mw-parser-output .hlist ul ol,.mw-parser-output .hlist ul ul{display:inline}.mw-parser-output .hlist .mw-empty-li{display:none}.mw-parser-output .hlist dt::after{content:": "}.mw-parser-output .hlist dd::after,.mw-parser-output .hlist li::after{content:" · ";font-weight:bold}.mw-parser-output .hlist dd:last-child::after,.mw-parser-output .hlist dt:last-child::after,.mw-parser-output .hlist li:last-child::after{content:none}.mw-parser-output .hlist dd dd:first-child::before,.mw-parser-output .hlist dd dt:first-child::before,.mw-parser-output .hlist dd li:first-child::before,.mw-parser-output .hlist dt dd:first-child::before,.mw-parser-output .hlist dt dt:first-child::before,.mw-parser-output .hlist dt li:first-child::before,.mw-parser-output .hlist li dd:first-child::before,.mw-parser-output .hlist li dt:first-child::before,.mw-parser-output .hlist li li:first-child::before{content:" (";font-weight:normal}.mw-parser-output .hlist dd dd:last-child::after,.mw-parser-output .hlist dd dt:last-child::after,.mw-parser-output .hlist dd li:last-child::after,.mw-parser-output .hlist dt dd:last-child::after,.mw-parser-output .hlist dt dt:last-child::after,.mw-parser-output .hlist dt li:last-child::after,.mw-parser-output .hlist li dd:last-child::after,.mw-parser-output .hlist li dt:last-child::after,.mw-parser-output .hlist li li:last-child::after{content:")";font-weight:normal}.mw-parser-output .hlist ol{counter-reset:listitem}.mw-parser-output .hlist ol>li{counter-increment:listitem}.mw-parser-output .hlist ol>li::before{content:" "counter(listitem)"\a0 "}.mw-parser-output .hlist dd ol>li:first-child::before,.mw-parser-output .hlist dt ol>li:first-child::before,.mw-parser-output .hlist li ol>li:first-child::before{content:" ("counter(listitem)"\a0 "}</style><style data-mw-deduplicate="TemplateStyles:r1236075235">.mw-parser-output .navbox{box-sizing:border-box;border:1px solid #a2a9b1;width:100%;clear:both;font-size:88%;text-align:center;padding:1px;margin:1em auto 0}.mw-parser-output .navbox .navbox{margin-top:0}.mw-parser-output .navbox+.navbox,.mw-parser-output .navbox+.navbox-styles+.navbox{margin-top:-1px}.mw-parser-output .navbox-inner,.mw-parser-output .navbox-subgroup{width:100%}.mw-parser-output .navbox-group,.mw-parser-output .navbox-title,.mw-parser-output .navbox-abovebelow{padding:0.25em 1em;line-height:1.5em;text-align:center}.mw-parser-output .navbox-group{white-space:nowrap;text-align:right}.mw-parser-output .navbox,.mw-parser-output .navbox-subgroup{background-color:#fdfdfd}.mw-parser-output .navbox-list{line-height:1.5em;border-color:#fdfdfd}.mw-parser-output .navbox-list-with-group{text-align:left;border-left-width:2px;border-left-style:solid}.mw-parser-output tr+tr>.navbox-abovebelow,.mw-parser-output tr+tr>.navbox-group,.mw-parser-output tr+tr>.navbox-image,.mw-parser-output tr+tr>.navbox-list{border-top:2px solid #fdfdfd}.mw-parser-output .navbox-title{background-color:#ccf}.mw-parser-output .navbox-abovebelow,.mw-parser-output .navbox-group,.mw-parser-output .navbox-subgroup .navbox-title{background-color:#ddf}.mw-parser-output .navbox-subgroup .navbox-group,.mw-parser-output .navbox-subgroup .navbox-abovebelow{background-color:#e6e6ff}.mw-parser-output .navbox-even{background-color:#f7f7f7}.mw-parser-output .navbox-odd{background-color:transparent}.mw-parser-output .navbox .hlist td dl,.mw-parser-output .navbox .hlist td ol,.mw-parser-output .navbox .hlist td ul,.mw-parser-output .navbox td.hlist dl,.mw-parser-output .navbox td.hlist ol,.mw-parser-output .navbox td.hlist ul{padding:0.125em 0}.mw-parser-output .navbox .navbar{display:block;font-size:100%}.mw-parser-output .navbox-title .navbar{float:left;text-align:left;margin-right:0.5em}body.skin--responsive .mw-parser-output .navbox-image img{max-width:none!important}@media print{body.ns-0 .mw-parser-output .navbox{display:none!important}}</style></div><div role="navigation" class="navbox" aria-labelledby="Hacking_in_the_2010s" style="padding:3px"><table class="nowraplinks hlist mw-collapsible autocollapse navbox-inner" style="border-spacing:0;background:transparent;color:inherit"><tbody><tr><th scope="col" class="navbox-title" colspan="2"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1129693374"><style data-mw-deduplicate="TemplateStyles:r1239400231">.mw-parser-output .navbar{display:inline;font-size:88%;font-weight:normal}.mw-parser-output .navbar-collapse{float:left;text-align:left}.mw-parser-output .navbar-boxtext{word-spacing:0}.mw-parser-output .navbar ul{display:inline-block;white-space:nowrap;line-height:inherit}.mw-parser-output .navbar-brackets::before{margin-right:-0.125em;content:"[ "}.mw-parser-output .navbar-brackets::after{margin-left:-0.125em;content:" ]"}.mw-parser-output .navbar li{word-spacing:-0.125em}.mw-parser-output .navbar a>span,.mw-parser-output .navbar a>abbr{text-decoration:inherit}.mw-parser-output .navbar-mini abbr{font-variant:small-caps;border-bottom:none;text-decoration:none;cursor:inherit}.mw-parser-output .navbar-ct-full{font-size:114%;margin:0 7em}.mw-parser-output .navbar-ct-mini{font-size:114%;margin:0 4em}html.skin-theme-clientpref-night .mw-parser-output .navbar li a abbr{color:var(--color-base)!important}@media(prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .navbar li a abbr{color:var(--color-base)!important}}@media print{.mw-parser-output .navbar{display:none!important}}</style><div class="navbar plainlinks hlist navbar-mini"><ul><li class="nv-view"><a href="/wiki/Template:Hacking_in_the_2010s" title="Template:Hacking in the 2010s"><abbr title="View this template">v</abbr></a></li><li class="nv-talk"><a href="/wiki/Template_talk:Hacking_in_the_2010s" title="Template talk:Hacking in the 2010s"><abbr title="Discuss this template">t</abbr></a></li><li class="nv-edit"><a href="/wiki/Special:EditPage/Template:Hacking_in_the_2010s" title="Special:EditPage/Template:Hacking in the 2010s"><abbr title="Edit this template">e</abbr></a></li></ul></div><div id="Hacking_in_the_2010s" style="font-size:114%;margin:0 4em">Hacking in the 2010s</div></th></tr><tr><td class="navbox-abovebelow" colspan="2"><div><table style="width:100%; margin:1px; display:inline-table;"><tbody><tr> <td style="text-align:left; vertical-align:middle; padding:0 0.5em 0 0;" class="noprint">&#8592;&#160;<a href="/wiki/Template:Hacking_in_the_2000s" title="Template:Hacking in the 2000s">2000s</a></td> <td style="text-align:center; vertical-align:middle;; padding:0 1px;" class=""><a href="/wiki/Timeline_of_computer_security_hacker_history#2010s" class="mw-redirect" title="Timeline of computer security hacker history">Timeline</a></td> <td style="text-align:right; vertical-align:middle;; padding:0 0 0 0.5em;" class="noprint"><a href="/wiki/Template:Hacking_in_the_2020s" title="Template:Hacking in the 2020s">2020s</a>&#160;&#8594;</td> </tr></tbody></table></div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Major incidents</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks navbox-subgroup" style="border-spacing:0"><tbody><tr><th scope="row" class="navbox-group" style="width:1%">2010</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Operation_Aurora" title="Operation Aurora">Operation Aurora</a> (publication of 2009 events)</li> <li><a href="/wiki/February_2010_Australian_cyberattacks" title="February 2010 Australian cyberattacks">Australian cyberattacks</a></li> <li><a href="/wiki/Operation_Olympic_Games" title="Operation Olympic Games">Operation Olympic Games</a></li> <li><a href="/wiki/Shadow_Network" title="Shadow Network">Operation ShadowNet</a></li> <li><a href="/wiki/Operation_Payback" title="Operation Payback">Operation Payback</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2011</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2011_Canadian_government_hackings" title="2011 Canadian government hackings">Canadian government</a></li> <li><a href="/wiki/DigiNotar" title="DigiNotar">DigiNotar</a></li> <li><a href="/wiki/DNSChanger" title="DNSChanger">DNSChanger</a></li> <li><a href="/wiki/HBGary" title="HBGary">HBGary Federal</a></li> <li><a href="/wiki/Operation_AntiSec" title="Operation AntiSec">Operation AntiSec</a></li> <li><a href="/wiki/2011_PlayStation_Network_outage" title="2011 PlayStation Network outage">PlayStation network outage</a></li> <li><a href="/wiki/RSA_SecurID#March_2011_system_compromise" title="RSA SecurID">RSA SecurID compromise</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2012</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2012_LinkedIn_hack" title="2012 LinkedIn hack">LinkedIn hack</a></li> <li><a href="/wiki/Stratfor_email_leak" title="Stratfor email leak">Stratfor email leak</a></li> <li><a href="/wiki/Operation_High_Roller" title="Operation High Roller">Operation High Roller</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2013</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2013_South_Korea_cyberattack" title="2013 South Korea cyberattack">South Korea cyberattack</a></li> <li><a href="/wiki/Snapchat#December_2013_hack" title="Snapchat">Snapchat hack</a></li> <li><a href="/wiki/June_25_cyber_terror" class="mw-redirect" title="June 25 cyber terror">Cyberterrorism attack of June 25</a></li> <li><a href="/wiki/Yahoo!_data_breaches#August_2013:_breach" class="mw-redirect" title="Yahoo! data breaches">2013 Yahoo! data breach</a></li> <li><a href="/wiki/2013_Singapore_cyberattacks" title="2013 Singapore cyberattacks">Singapore cyberattacks</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2014</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Anthem_medical_data_breach" title="Anthem medical data breach">Anthem medical data breach</a></li> <li><a href="/wiki/Operation_Tovar" title="Operation Tovar">Operation Tovar</a></li> <li><a href="/wiki/2014_celebrity_nude_photo_leak" title="2014 celebrity nude photo leak">2014 celebrity nude photo leak</a></li> <li><a href="/wiki/2014_JPMorgan_Chase_data_breach" title="2014 JPMorgan Chase data breach">2014 JPMorgan Chase data breach</a></li> <li><a href="/wiki/2014_Sony_Pictures_hack" title="2014 Sony Pictures hack">2014 Sony Pictures hack</a></li> <li><a href="/wiki/2014_Russian_hacker_password_theft" title="2014 Russian hacker password theft">Russian hacker password theft</a></li> <li><a href="/wiki/Yahoo!_data_breaches#Late_2014:_breach" class="mw-redirect" title="Yahoo! data breaches">2014 Yahoo! data breach</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2015</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Office_of_Personnel_Management_data_breach" title="Office of Personnel Management data breach">Office of Personnel Management data breach</a></li> <li><a href="/wiki/HackingTeam#2015_data_breach" title="HackingTeam">HackingTeam</a></li> <li><a href="/wiki/Ashley_Madison_data_breach" title="Ashley Madison data breach">Ashley Madison data breach</a></li> <li><a href="/wiki/VTech#2015_data_breach" title="VTech">VTech data breach</a></li> <li><a href="/wiki/2015_Ukraine_power_grid_hack" title="2015 Ukraine power grid hack">Ukrainian Power Grid Cyberattack</a></li> <li><a href="/wiki/2015%E2%80%932016_SWIFT_banking_hack" title="2015–2016 SWIFT banking hack">SWIFT banking hack</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2016</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Bangladesh_Bank_robbery" title="Bangladesh Bank robbery">Bangladesh Bank robbery</a></li> <li><a href="/wiki/Hollywood_Presbyterian_Medical_Center#Ransomware" title="Hollywood Presbyterian Medical Center">Hollywood Presbyterian Medical Center ransomware incident</a></li> <li><a href="/wiki/Commission_on_Elections_data_breach" title="Commission on Elections data breach">Commission on Elections data breach</a></li> <li><a href="/wiki/Democratic_National_Committee_cyber_attacks" title="Democratic National Committee cyber attacks">Democratic National Committee cyber attacks</a></li> <li><a href="/wiki/Vietnamese_airports_hackings" title="Vietnamese airports hackings">Vietnam Airport Hacks</a></li> <li><a href="/wiki/Democratic_Congressional_Campaign_Committee_cyber_attacks" title="Democratic Congressional Campaign Committee cyber attacks">DCCC cyber attacks</a></li> <li><a href="/wiki/2016_Indian_Banks_data_breach" class="mw-redirect" title="2016 Indian Banks data breach">Indian Bank data breaches</a></li> <li><a href="/wiki/Surkov_leaks" title="Surkov leaks">Surkov leaks</a></li> <li><a href="/wiki/DDoS_attacks_on_Dyn" title="DDoS attacks on Dyn">Dyn cyberattack</a></li> <li><a href="/wiki/Russian_interference_in_the_2016_United_States_elections" title="Russian interference in the 2016 United States elections">Russian interference in the 2016 U.S. elections</a></li> <li><a href="/wiki/2016_Bitfinex_hack" title="2016 Bitfinex hack">2016 Bitfinex hack</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2017</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/SHA1#SHAttered_–_first_public_collision" class="mw-redirect" title="SHA1">SHAttered</a></li> <li><a href="/wiki/2017_Macron_e-mail_leaks" title="2017 Macron e-mail leaks">2017 Macron e-mail leaks</a></li> <li><a href="/wiki/WannaCry_ransomware_attack" title="WannaCry ransomware attack">WannaCry ransomware attack</a></li> <li><a href="/wiki/2017_Westminster_data_breach" title="2017 Westminster data breach">Westminster data breach</a></li> <li><a href="/wiki/Petya_(malware_family)" title="Petya (malware family)">Petya and NotPetya</a> <ul><li><a href="/wiki/2017_Ukraine_ransomware_attacks" title="2017 Ukraine ransomware attacks">2017 Ukraine ransomware attacks</a></li></ul></li> <li><a href="/wiki/2017_Equifax_data_breach" title="2017 Equifax data breach">Equifax data breach</a></li> <li><a href="/wiki/Deloitte#E-mail_hack" title="Deloitte">Deloitte breach</a></li> <li><a href="/wiki/Disqus#October_2017_security_breach" title="Disqus">Disqus breach</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2018</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Trustico#DigiCert_and_Trustico_spat,_2018" title="Trustico">Trustico</a></li> <li><a href="/wiki/Atlanta_government_ransomware_attack" title="Atlanta government ransomware attack">Atlanta cyberattack</a></li> <li><a href="/wiki/2018_SingHealth_data_breach" title="2018 SingHealth data breach">SingHealth data breach</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2019</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2019_cyberattacks_on_Sri_Lanka" title="2019 cyberattacks on Sri Lanka">Sri Lanka cyberattack</a></li> <li><a href="/wiki/2019_Baltimore_ransomware_attack" title="2019 Baltimore ransomware attack">Baltimore ransomware attack</a></li> <li><a href="/wiki/2019_Bulgarian_revenue_agency_hack" class="mw-redirect" title="2019 Bulgarian revenue agency hack">Bulgarian revenue agency hack</a></li> <li><a href="/wiki/WhatsApp_snooping_scandal" title="WhatsApp snooping scandal">WhatsApp snooping scandal</a></li> <li><a href="/wiki/Jeff_Bezos_phone_hacking_incident" title="Jeff Bezos phone hacking incident">Jeff Bezos phone hacking incident</a></li></ul> </div></td></tr></tbody></table><div></div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Hacktivism" title="Hacktivism">Hacktivism</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Anonymous_(hacker_group)" title="Anonymous (hacker group)">Anonymous</a> <ul><li><a href="/wiki/Timeline_of_events_associated_with_Anonymous" title="Timeline of events associated with Anonymous">associated events</a></li></ul></li> <li><a href="/wiki/CyberBerkut" title="CyberBerkut">CyberBerkut</a></li> <li><a href="/wiki/Gay_Nigger_Association_of_America" title="Gay Nigger Association of America">GNAA</a></li> <li><a href="/wiki/Goatse_Security" title="Goatse Security">Goatse Security</a></li> <li><a href="/wiki/Lizard_Squad" title="Lizard Squad">Lizard Squad</a></li> <li><a href="/wiki/LulzRaft" title="LulzRaft">LulzRaft</a></li> <li><a href="/wiki/LulzSec" title="LulzSec">LulzSec</a></li> <li><a href="/wiki/2016_Dyn_cyberattack#Perpetrators" class="mw-redirect" title="2016 Dyn cyberattack">New World Hackers</a></li> <li><a href="/wiki/NullCrew" title="NullCrew">NullCrew</a></li> <li><a href="/wiki/OurMine" title="OurMine">OurMine</a></li> <li><a href="/wiki/PayPal_14" title="PayPal 14">PayPal 14</a></li> <li><a href="/wiki/RedHack" title="RedHack">RedHack</a></li> <li><a href="/wiki/Teamp0ison" title="Teamp0ison">Teamp0ison</a></li> <li><a href="/wiki/The_Dark_Overlord_(hacker_group)" title="The Dark Overlord (hacker group)"> TDO </a></li> <li><a href="/wiki/UGNazi" title="UGNazi">UGNazi</a></li> <li><a href="/wiki/Ukrainian_Cyber_Alliance" title="Ukrainian Cyber Alliance">Ukrainian Cyber Alliance</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Advanced_persistent_threat" title="Advanced persistent threat">Advanced<br />persistent threats</a></th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Bangladesh_Black_Hat_Hackers" title="Bangladesh Black Hat Hackers">Bangladesh Black Hat Hackers</a></li> <li><a href="/wiki/Bureau_121" title="Bureau 121">Bureau 121</a></li> <li><a href="/wiki/Charming_Kitten" title="Charming Kitten">Charming Kitten</a></li> <li><a href="/wiki/Cozy_Bear" title="Cozy Bear">Cozy Bear</a></li> <li><a href="/wiki/Dark_Basin" title="Dark Basin">Dark Basin</a></li> <li><a href="/wiki/DarkMatter_Group" title="DarkMatter Group">DarkMatter</a></li> <li><a href="/wiki/Elfin_Team" title="Elfin Team">Elfin Team</a></li> <li><a href="/wiki/Equation_Group" title="Equation Group">Equation Group</a></li> <li><a href="/wiki/Fancy_Bear" title="Fancy Bear">Fancy Bear</a></li> <li><a href="/wiki/Stuxnet#History" title="Stuxnet">GOSSIPGIRL</a> (confederation)</li> <li><a href="/wiki/Guccifer_2.0" title="Guccifer 2.0">Guccifer 2.0</a></li> <li><a href="/wiki/Hacking_Team" class="mw-redirect" title="Hacking Team">Hacking Team</a></li> <li><a href="/wiki/Helix_Kitten" title="Helix Kitten">Helix Kitten</a></li> <li><a href="/wiki/Iranian_Cyber_Army" title="Iranian Cyber Army">Iranian Cyber Army</a></li> <li><a href="/wiki/Lazarus_Group" title="Lazarus Group">Lazarus Group</a> (<a href="/wiki/Lazarus_Group#BlueNorOff" title="Lazarus Group">BlueNorOff</a>) (<a href="/wiki/Lazarus_Group#AndAriel" title="Lazarus Group">AndAriel</a>)</li> <li><a href="/wiki/NSO_Group" title="NSO Group">NSO Group</a></li> <li><a href="/wiki/Numbered_Panda" title="Numbered Panda">Numbered Panda</a></li> <li><a href="/wiki/PLA_Unit_61398" title="PLA Unit 61398">PLA Unit 61398</a></li> <li><a href="/wiki/PLA_Unit_61486" title="PLA Unit 61486">PLA Unit 61486</a></li> <li><a href="/wiki/PLATINUM_(cybercrime_group)" title="PLATINUM (cybercrime group)">PLATINUM</a></li> <li><a href="/wiki/Pranknet" title="Pranknet">Pranknet</a></li> <li><a href="/wiki/Red_Apollo" title="Red Apollo">Red Apollo</a></li> <li><a href="/wiki/Rocket_Kitten" title="Rocket Kitten">Rocket Kitten</a></li> <li><a href="/wiki/Stealth_Falcon" title="Stealth Falcon">Stealth Falcon</a></li> <li><a href="/wiki/Syrian_Electronic_Army" title="Syrian Electronic Army">Syrian Electronic Army</a></li> <li><a href="/wiki/Tailored_Access_Operations" title="Tailored Access Operations">Tailored Access Operations</a></li> <li><a href="/wiki/The_Shadow_Brokers" title="The Shadow Brokers">The Shadow Brokers</a></li> <li><a href="/wiki/XDedic" title="XDedic">xDedic</a></li> <li><a href="/wiki/Yemen_Cyber_Army" title="Yemen Cyber Army">Yemen Cyber Army</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Hacker" title="Hacker">Individuals</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Ryan_Ackroyd" title="Ryan Ackroyd">Ryan Ackroyd</a></li> <li><a href="/wiki/Mustafa_Al-Bassam" title="Mustafa Al-Bassam">Mustafa Al-Bassam</a></li> <li><a href="/wiki/Cyber_Anakin" title="Cyber Anakin">Cyber Anakin</a></li> <li><a href="/wiki/George_Hotz" title="George Hotz">George Hotz</a></li> <li><a href="/wiki/Guccifer" title="Guccifer">Guccifer</a></li> <li><a href="/wiki/Elliott_Gunton" title="Elliott Gunton">Elliott Gunton</a></li> <li><a href="/wiki/Jeremy_Hammond" title="Jeremy Hammond">Jeremy Hammond</a></li> <li><a href="/wiki/Kristoffer_von_Hassel" title="Kristoffer von Hassel">Kristoffer von Hassel</a></li> <li><a href="/wiki/Junaid_Hussain" title="Junaid Hussain">Junaid Hussain</a></li> <li><a href="/wiki/MLT_(hacktivist)" title="MLT (hacktivist)">MLT</a></li> <li><a href="/wiki/Hector_Monsegur" title="Hector Monsegur">Sabu</a></li> <li><a href="/wiki/Roman_Seleznev" title="Roman Seleznev">Track2</a></li> <li><a href="/wiki/Topiary_(hacktivist)" title="Topiary (hacktivist)">Topiary</a></li> <li><a href="/wiki/The_Jester_(hacktivist)" title="The Jester (hacktivist)">The Jester</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Major <a href="/wiki/Vulnerability_(computing)" class="mw-redirect" title="Vulnerability (computing)">vulnerabilities</a><br />publicly <a href="/wiki/Full_disclosure_(computer_security)" title="Full disclosure (computer security)">disclosed</a></th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Evercookie" title="Evercookie">Evercookie</a> (2010)</li> <li><a href="/wiki/ISeeYou" title="ISeeYou">iSeeYou</a> (2013)</li> <li><a href="/wiki/Heartbleed" title="Heartbleed"> Heartbleed</a> (2014)</li> <li><a href="/wiki/Shellshock_(software_bug)" title="Shellshock (software bug)">Shellshock</a> (2014)</li> <li><a href="/wiki/POODLE" title="POODLE">POODLE</a> (2014)</li> <li><a href="/wiki/Rootpipe" title="Rootpipe">Rootpipe</a> (2014)</li> <li><a href="/wiki/Row_hammer" title="Row hammer">Row hammer</a> (2014)</li> <li><a href="/wiki/Signaling_System_No._7#Protocol_security_vulnerabilities" class="mw-redirect" title="Signaling System No. 7">SS7 vulnerabilities</a> (2014)</li> <li><a href="/wiki/WinShock" title="WinShock">WinShock</a> (2014)</li> <li><a href="/wiki/JASBUG" title="JASBUG">JASBUG</a> (2015)</li> <li><a href="/wiki/Stagefright_(bug)" title="Stagefright (bug)">Stagefright</a> (2015)</li> <li><a href="/wiki/DROWN_attack" title="DROWN attack">DROWN</a> (2016)</li> <li><a href="/wiki/Badlock" title="Badlock">Badlock</a> (2016)</li> <li><a href="/wiki/Dirty_COW" title="Dirty COW">Dirty COW</a> (2016)</li> <li><a href="/wiki/Cloudbleed" title="Cloudbleed">Cloudbleed</a> (2017)</li> <li><a href="/wiki/Broadcom_Corporation#soc-wifi-vulns" title="Broadcom Corporation">Broadcom Wi-Fi</a> (2017)</li> <li><a href="/wiki/EternalBlue" title="EternalBlue">EternalBlue</a> (2017)</li> <li><a href="/wiki/DoublePulsar" title="DoublePulsar">DoublePulsar</a> (2017)</li> <li><a href="/wiki/Intel_Active_Management_Technology#Silent_Bob_is_Silent" title="Intel Active Management Technology">Silent Bob is Silent</a> (2017)</li> <li><a href="/wiki/KRACK" title="KRACK">KRACK</a> (2017)</li> <li><a class="mw-selflink selflink">ROCA vulnerability</a> (2017)</li> <li><a href="/wiki/BlueBorne_(security_vulnerability)" title="BlueBorne (security vulnerability)">BlueBorne</a> (2017)</li> <li><a href="/wiki/Meltdown_(security_vulnerability)" title="Meltdown (security vulnerability)">Meltdown</a> (2018)</li> <li><a href="/wiki/Spectre_(security_vulnerability)" title="Spectre (security vulnerability)">Spectre</a> (2018)</li> <li><a href="/wiki/EFAIL" title="EFAIL">EFAIL</a> (2018)</li> <li><a href="/wiki/Exactis" title="Exactis">Exactis</a> (2018)</li> <li><a href="/wiki/Speculative_Store_Bypass" title="Speculative Store Bypass">Speculative Store Bypass</a> (2018)</li> <li><a href="/wiki/Lazy_FP_state_restore" title="Lazy FP state restore">Lazy FP state restore</a> (2018)</li> <li><a href="/wiki/TLBleed" title="TLBleed">TLBleed</a> (2018)</li> <li><a href="/wiki/SigSpoof" title="SigSpoof">SigSpoof</a> (2018)</li> <li><a href="/wiki/Foreshadow" title="Foreshadow">Foreshadow</a> (2018)</li> <li><a href="/wiki/Wi-Fi_Protected_Access#Dragonblood_attack" title="Wi-Fi Protected Access">Dragonblood</a> (2019)</li> <li><a href="/wiki/Microarchitectural_Data_Sampling" title="Microarchitectural Data Sampling">Microarchitectural Data Sampling</a> (2019)</li> <li><a href="/wiki/BlueKeep" title="BlueKeep">BlueKeep</a> (2019)</li> <li><a href="/wiki/Kr00k" title="Kr00k">Kr00k</a> (2019)</li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Malware" title="Malware">Malware</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks navbox-subgroup" style="border-spacing:0"><tbody><tr><th scope="row" class="navbox-group" style="width:1%">2010</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Ransomware#Bad_Rabbit" title="Ransomware">Bad Rabbit</a></li> <li><a href="/wiki/BlackEnergy#BlackEnergy_2_(BE2)" title="BlackEnergy"> Black Energy 2</a></li> <li><a href="/wiki/SpyEye" title="SpyEye">SpyEye</a></li> <li><a href="/wiki/Stuxnet" title="Stuxnet">Stuxnet</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2011</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Coreflood" title="Coreflood">Coreflood</a></li> <li><a href="/wiki/Alureon" title="Alureon">Alureon</a></li> <li><a href="/wiki/Duqu" title="Duqu">Duqu</a></li> <li><a href="/wiki/Kelihos_botnet" title="Kelihos botnet">Kelihos</a></li> <li><a href="/wiki/Metulji_botnet" title="Metulji botnet">Metulji botnet</a></li> <li><a href="/wiki/Stars_virus" title="Stars virus">Stars</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2012</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Carna_botnet" title="Carna botnet">Carna</a></li> <li><a href="/wiki/Dexter_(malware)" title="Dexter (malware)">Dexter</a></li> <li><a href="/wiki/FBI_MoneyPak_Ransomware" title="FBI MoneyPak Ransomware">FBI</a></li> <li><a href="/wiki/Flame_(malware)" title="Flame (malware)">Flame</a></li> <li><a href="/wiki/Mahdi_(malware)" title="Mahdi (malware)">Mahdi</a></li> <li><a href="/wiki/Red_October_(malware)" title="Red October (malware)">Red October</a></li> <li><a href="/wiki/Shamoon" title="Shamoon">Shamoon</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2013</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/CryptoLocker" title="CryptoLocker">CryptoLocker</a></li> <li><a href="/wiki/2013_South_Korea_cyberattack" title="2013 South Korea cyberattack">DarkSeoul</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2014</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Brambul" title="Brambul">Brambul</a></li> <li><a href="/wiki/BlackEnergy#BlackEnergy_3_(BE3)" title="BlackEnergy"> Black Energy 3</a></li> <li><a href="/wiki/Carbanak" title="Carbanak">Carbanak</a></li> <li><a href="/wiki/Careto_(malware)" title="Careto (malware)">Careto</a></li> <li><a href="/wiki/DarkHotel" title="DarkHotel">DarkHotel</a></li> <li><a href="/wiki/Duqu_2.0" title="Duqu 2.0">Duqu 2.0</a></li> <li><a href="/wiki/FinFisher" title="FinFisher">FinFisher</a></li> <li><a href="/wiki/Gameover_ZeuS" title="Gameover ZeuS">Gameover ZeuS</a></li> <li><a href="/wiki/Regin_(malware)" title="Regin (malware)">Regin</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2015</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Dridex" title="Dridex">Dridex</a></li> <li><a href="/wiki/Hidden_Tear" title="Hidden Tear">Hidden Tear</a></li> <li><a href="/wiki/Rombertik" title="Rombertik">Rombertik</a></li> <li><a href="/wiki/TeslaCrypt" title="TeslaCrypt">TeslaCrypt</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2016</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Hitler-Ransomware" title="Hitler-Ransomware">Hitler</a></li> <li><a href="/wiki/Jigsaw_(ransomware)" title="Jigsaw (ransomware)">Jigsaw</a></li> <li><a href="/wiki/KeRanger" title="KeRanger">KeRanger</a></li> <li><a href="/wiki/Necurs" class="mw-redirect" title="Necurs">Necurs</a></li> <li><a href="/wiki/MEMZ" title="MEMZ">MEMZ</a></li> <li><a href="/wiki/Mirai_(malware)" title="Mirai (malware)">Mirai</a></li> <li><a href="/wiki/Pegasus_(spyware)" title="Pegasus (spyware)">Pegasus</a></li> <li><a href="/wiki/Petya_and_NotPetya" class="mw-redirect" title="Petya and NotPetya">Petya and NotPetya</a></li> <li><a href="/wiki/X-Agent" title="X-Agent">X-Agent</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2017</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/BrickerBot" title="BrickerBot">BrickerBot</a></li> <li><a href="/wiki/Kirk_Ransomware" title="Kirk Ransomware">Kirk</a></li> <li><a href="/wiki/LogicLocker" title="LogicLocker">LogicLocker</a></li> <li><a href="/wiki/Rensenware" title="Rensenware">Rensenware</a></li> <li><a href="/wiki/Triton_(malware)" title="Triton (malware)">Triton</a></li> <li><a href="/wiki/WannaCry_ransomware_attack" title="WannaCry ransomware attack">WannaCry</a></li> <li><a href="/wiki/Xafecopy_Trojan" title="Xafecopy Trojan">XafeCopy</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2018</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/VPNFilter" title="VPNFilter">VPNFilter</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2019</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Grum_botnet" title="Grum botnet">Grum</a></li> <li><a href="/wiki/Joanap" title="Joanap">Joanap</a></li> <li><a href="/wiki/NetTraveler" title="NetTraveler">NetTraveler</a></li> <li><a href="/wiki/Chaos_Computer_Club#Staatstrojaner_affair" title="Chaos Computer Club">R2D2</a></li> <li><a href="/wiki/Tiny_Banker_Trojan" title="Tiny Banker Trojan">Tinba</a></li> <li><a href="/wiki/Titanium_(malware)" title="Titanium (malware)">Titanium</a></li> <li><a href="/wiki/ZeroAccess_botnet" title="ZeroAccess botnet">ZeroAccess botnet</a></li></ul> </div></td></tr></tbody></table><div></div></td></tr></tbody></table></div> <!-- NewPP limit report Parsed by mw‐web.codfw.main‐f69cdc8f6‐c5gcc Cached time: 20241122155346 Cache expiry: 2592000 Reduced expiry: false Complications: [vary‐revision‐sha1, show‐toc] CPU time usage: 0.468 seconds Real time usage: 0.635 seconds Preprocessor visited node count: 2641/1000000 Post‐expand include size: 89687/2097152 bytes Template argument size: 1917/2097152 bytes Highest expansion depth: 16/100 Expensive parser function count: 1/500 Unstrip recursion depth: 1/20 Unstrip post‐expand size: 57313/5000000 bytes Lua time usage: 0.263/10.000 seconds Lua memory usage: 6290036/52428800 bytes Number of Wikibase entities loaded: 0/400 --> <!-- Transclusion expansion time report (%,ms,calls,template) 100.00% 494.856 1 -total 25.34% 125.409 1 Template:Reflist 25.13% 124.346 3 Template:Navbox 24.63% 121.880 1 Template:Hacking_in_the_2010s 21.02% 104.000 1 Template:Infobox_bug 20.11% 99.492 1 Template:Infobox 13.66% 67.580 1 Template:Short_description 12.66% 62.637 3 Template:Cite_news 11.35% 56.144 2 Template:CVE 9.10% 45.049 2 Template:Catalog_lookup_link --> <!-- Saved in parser cache with key enwiki:pcache:idhash:55620314-0!canonical and timestamp 20241122155346 and revision id 1119299291. Rendering was triggered because: page-view --> </div><!--esi <esi:include src="/esitest-fa8a495983347898/content" /> --><noscript><img src="https://login.wikimedia.org/wiki/Special:CentralAutoLogin/start?type=1x1" alt="" width="1" height="1" style="border: none; position: absolute;"></noscript> <div class="printfooter" data-nosnippet="">Retrieved from "<a dir="ltr" href="https://en.wikipedia.org/w/index.php?title=ROCA_vulnerability&amp;oldid=1119299291">https://en.wikipedia.org/w/index.php?title=ROCA_vulnerability&amp;oldid=1119299291</a>"</div></div> <div id="catlinks" class="catlinks" data-mw="interface"><div id="mw-normal-catlinks" class="mw-normal-catlinks"><a href="/wiki/Help:Category" title="Help:Category">Categories</a>: <ul><li><a href="/wiki/Category:Cryptographic_attacks" title="Category:Cryptographic attacks">Cryptographic attacks</a></li><li><a href="/wiki/Category:Attacks_on_public-key_cryptosystems" title="Category:Attacks on public-key cryptosystems">Attacks on public-key cryptosystems</a></li></ul></div><div id="mw-hidden-catlinks" class="mw-hidden-catlinks mw-hidden-cats-hidden">Hidden categories: <ul><li><a href="/wiki/Category:Articles_with_short_description" title="Category:Articles with short description">Articles with short description</a></li><li><a href="/wiki/Category:Short_description_is_different_from_Wikidata" title="Category:Short description is different from Wikidata">Short description is different from Wikidata</a></li></ul></div></div> </div> </main> </div> <div class="mw-footer-container"> <footer id="footer" class="mw-footer" > <ul id="footer-info"> <li id="footer-info-lastmod"> This page was last edited on 31 October 2022, at 19:24<span class="anonymous-show">&#160;(UTC)</span>.</li> <li id="footer-info-copyright">Text is available under the <a href="/wiki/Wikipedia:Text_of_the_Creative_Commons_Attribution-ShareAlike_4.0_International_License" title="Wikipedia:Text of the Creative Commons Attribution-ShareAlike 4.0 International License">Creative Commons Attribution-ShareAlike 4.0 License</a>; additional terms may apply. By using this site, you agree to the <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Terms_of_Use" class="extiw" title="foundation:Special:MyLanguage/Policy:Terms of Use">Terms of Use</a> and <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy" class="extiw" title="foundation:Special:MyLanguage/Policy:Privacy policy">Privacy Policy</a>. Wikipedia® is a registered trademark of the <a rel="nofollow" class="external text" href="https://wikimediafoundation.org/">Wikimedia Foundation, Inc.</a>, a non-profit organization.</li> </ul> <ul id="footer-places"> <li id="footer-places-privacy"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy">Privacy policy</a></li> <li id="footer-places-about"><a href="/wiki/Wikipedia:About">About Wikipedia</a></li> <li id="footer-places-disclaimers"><a href="/wiki/Wikipedia:General_disclaimer">Disclaimers</a></li> <li id="footer-places-contact"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us">Contact Wikipedia</a></li> <li id="footer-places-wm-codeofconduct"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Universal_Code_of_Conduct">Code of Conduct</a></li> <li id="footer-places-developers"><a href="https://developer.wikimedia.org">Developers</a></li> <li id="footer-places-statslink"><a href="https://stats.wikimedia.org/#/en.wikipedia.org">Statistics</a></li> <li id="footer-places-cookiestatement"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Cookie_statement">Cookie statement</a></li> <li id="footer-places-mobileview"><a href="//en.m.wikipedia.org/w/index.php?title=ROCA_vulnerability&amp;mobileaction=toggle_view_mobile" class="noprint stopMobileRedirectToggle">Mobile view</a></li> </ul> <ul id="footer-icons" class="noprint"> <li id="footer-copyrightico"><a href="https://wikimediafoundation.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/static/images/footer/wikimedia-button.svg" width="84" height="29" alt="Wikimedia Foundation" loading="lazy"></a></li> <li id="footer-poweredbyico"><a href="https://www.mediawiki.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/w/resources/assets/poweredby_mediawiki.svg" alt="Powered by MediaWiki" width="88" height="31" loading="lazy"></a></li> </ul> </footer> </div> </div> </div> <div class="vector-settings" id="p-dock-bottom"> <ul></ul> </div><script>(RLQ=window.RLQ||[]).push(function(){mw.config.set({"wgHostname":"mw-web.codfw.main-f69cdc8f6-rlhbk","wgBackendResponseTime":157,"wgPageParseReport":{"limitreport":{"cputime":"0.468","walltime":"0.635","ppvisitednodes":{"value":2641,"limit":1000000},"postexpandincludesize":{"value":89687,"limit":2097152},"templateargumentsize":{"value":1917,"limit":2097152},"expansiondepth":{"value":16,"limit":100},"expensivefunctioncount":{"value":1,"limit":500},"unstrip-depth":{"value":1,"limit":20},"unstrip-size":{"value":57313,"limit":5000000},"entityaccesscount":{"value":0,"limit":400},"timingprofile":["100.00% 494.856 1 -total"," 25.34% 125.409 1 Template:Reflist"," 25.13% 124.346 3 Template:Navbox"," 24.63% 121.880 1 Template:Hacking_in_the_2010s"," 21.02% 104.000 1 Template:Infobox_bug"," 20.11% 99.492 1 Template:Infobox"," 13.66% 67.580 1 Template:Short_description"," 12.66% 62.637 3 Template:Cite_news"," 11.35% 56.144 2 Template:CVE"," 9.10% 45.049 2 Template:Catalog_lookup_link"]},"scribunto":{"limitreport-timeusage":{"value":"0.263","limit":"10.000"},"limitreport-memusage":{"value":6290036,"limit":52428800}},"cachereport":{"origin":"mw-web.codfw.main-f69cdc8f6-c5gcc","timestamp":"20241122155346","ttl":2592000,"transientcontent":false}}});});</script> <script type="application/ld+json">{"@context":"https:\/\/schema.org","@type":"Article","name":"ROCA vulnerability","url":"https:\/\/en.wikipedia.org\/wiki\/ROCA_vulnerability","sameAs":"http:\/\/www.wikidata.org\/entity\/Q42936978","mainEntity":"http:\/\/www.wikidata.org\/entity\/Q42936978","author":{"@type":"Organization","name":"Contributors to Wikimedia projects"},"publisher":{"@type":"Organization","name":"Wikimedia Foundation, Inc.","logo":{"@type":"ImageObject","url":"https:\/\/www.wikimedia.org\/static\/images\/wmf-hor-googpub.png"}},"datePublished":"2017-10-25T07:30:52Z","dateModified":"2022-10-31T19:24:42Z","headline":"cryptographic weakness"}</script> </body> </html>