Results 1 to 2 of 2

Thread: Researchers Break Thousands of RSA Keys

  1. #1
    Join Date
    Aug 2008
    Planet Earth
    Thanked 416 Times in 289 Posts

    Researchers Break Thousands of RSA Keys

    The (Almost) Secret Algorithm Researchers Used to Break Thousands of RSA Keys:

  2. #2
    Join Date
    Nov 2015
    boot ROM
    Thanked 17 Times in 15 Posts
    At the end of day that's what you get for not so random random I guess. It can get worse. Say, Debian operating system eventually applied small "harmless" patch to openssl library, openssl devs even acknowledged it as "harmless". Ironically it proven to be not so harmless, killing off a lot of entropy during key generation and bringing whole set of possible RSA keys to just several thousands or so. At which point attacker can simply generate all possible RSA keys and brute force which of these would actually work. As the result, thousands of systems faced break-ins via SSH (while SSH protocol isn't TLS or SSL, openssh used openssl to process keys, so generated keys suffered from very same problem) - and it has been a full scale "emergency" for hosting providers and somesuch.

    There're also some attacks on e.g. embedded systems like wi-fi routers, abusing the fact embedded systems often lack good entropy sources and therefore their generated keys and so on could be less random than desirable, jeopardising otherwise secure cryptography.

    I'd say crypto is extremely unforgiving to shortcuts, careless coding and lack of attention to small details. Touching inner working of crypto algo takes full understanding of underlying math, possible cryptanalisys, and a very decent understanding of how hardware works. That's why most mortals shouldn't try to "improve" crypto algos, unless they understand all of that. Which is very challenging. As concrete example, AES on its own looks more or less secure as for now. However, if careless implementation is used, attacker can, say, measure run time of algo and its part - so it would turn rather insecure overall, up to ability to reconstruct key. That's one of reason why recent encryption algos are generally moving away from array operations (=memory access, subject to cache effects and related timing issues) in favor of math-only operations that do not access memory, ensuring algo completes in constant time, regardless of input. Salsa/chacha design is a good illustration.

Similar Threads

  1. Introducing -Entropy break compressor
    By Vishnu in forum Data Compression
    Replies: 3
    Last Post: 8th September 2017, 14:43
  2. Replies: 7
    Last Post: 24th June 2016, 16:07
  3. Researchers warn of malware hidden in .zip files
    By Surfer in forum The Off-Topic Lounge
    Replies: 4
    Last Post: 20th April 2010, 10:19

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts