A new class of weak RSA keys, characterized by an abundance of zeros, has been discovered in real-world use. These keys were found through the badkeys project, an open-source service designed to identify public keys with known vulnerabilities. The research by Trail of Bits analyzed a vast collection of keys from various public sources, including Certificate Transparency logs and internet-wide scans, Schneier on Security reports.

The identified weak keys exhibit patterns of regularly spaced blocks of zeros. One pattern was found in certificates issued to large organizations like Yahoo and Verizon, and on some NetApp devices. Although these specific certificates have expired, the findings were shared with the affected companies. Another pattern was observed on SSH hosts running CompleteFTP software. The vulnerability impacts RSA keys generated between December 2016 and March 2019 (versions 10.0.0-12.0.0) and DSA keys generated between December 2016 and December 2023 (versions 10.0.0-23.0.4).

While this affects a small percentage of internet hosts, the discovery highlights a concerning trend of similar cryptographic implementation failures across different products, suggesting the potential for wider exploitation and the need for tailored cryptanalytic approaches.

Source: Schneier on Security
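As an added example (not code from the badkeys project, Trail of Bits, or the Schneier post), the following Python heuristic is the kind of check a defender can run over their own certificate and SSH host keys: it takes an RSA modulus, locates long runs of zero bytes in its big-endian encoding, and flags the key when several such runs sit at equal intervals, which is the shape of pattern the brief describes and which a properly generated modulus practically never shows. The run-length and run-count thresholds, the parser for the `Modulus=` line printed by `openssl rsa -pubin -noout -modulus`, and both sample moduli are assumptions constructed for this example; this is not the test badkeys applies and it does not reproduce the research.

```python
"""Heuristic detector for RSA moduli containing regularly spaced zero-byte blocks.

Added example for illustration only; not the badkeys project's own check.
Thresholds and sample inputs below are assumptions chosen for the demo.
"""
from __future__ import annotations

import random
from dataclasses import dataclass


@dataclass
class ZeroPattern:
    runs: list[tuple[int, int]]      # (byte offset, run length) of each long zero-byte run
    regular_spacing: int | None      # distance between run starts when all gaps are equal


def modulus_from_openssl_output(line: str) -> int:
    """Parse the 'Modulus=HEX' line printed by `openssl rsa -pubin -noout -modulus`."""
    key, _, value = line.strip().partition("=")
    if key != "Modulus" or not value:
        raise ValueError("expected a line of the form Modulus=<hex>")
    return int(value, 16)


def zero_runs(n: int, min_len: int = 4) -> list[tuple[int, int]]:
    """Return (offset, length) for every run of at least min_len zero bytes in n."""
    data = n.to_bytes((n.bit_length() + 7) // 8, "big")
    runs: list[tuple[int, int]] = []
    i = 0
    while i < len(data):
        if data[i] != 0:
            i += 1
            continue
        j = i
        while j < len(data) and data[j] == 0:
            j += 1
        if j - i >= min_len:
            runs.append((i, j - i))
        i = j
    return runs


def analyze_modulus(n: int, min_len: int = 4, min_runs: int = 3) -> ZeroPattern:
    """Collect long zero runs and report their spacing if they are evenly spaced."""
    runs = zero_runs(n, min_len)
    spacing = None
    if len(runs) >= min_runs:
        gaps = {runs[k + 1][0] - runs[k][0] for k in range(len(runs) - 1)}
        if len(gaps) == 1:           # every run starts the same distance after the previous one
            spacing = gaps.pop()
    return ZeroPattern(runs, spacing)


def is_suspicious(n: int) -> bool:
    """True when the modulus shows several equally spaced blocks of zero bytes."""
    return analyze_modulus(n).regular_spacing is not None


def constructed_patterned_modulus() -> int:
    """Constructed 2048-bit value with an 8-byte zero block every 32 bytes (not a real key)."""
    block = bytes(range(1, 13)) + bytes(8) + bytes(range(13, 24)) + b"\x7f"   # 32 bytes
    return int.from_bytes(block * 8, "big")


def healthy_modulus() -> int:
    """Constructed stand-in for a well-generated 2048-bit modulus (seeded PRNG, not a real key)."""
    rng = random.Random(20240101)
    return rng.getrandbits(2048) | (1 << 2047) | 1


if __name__ == "__main__":
    for label, n in (("patterned", constructed_patterned_modulus()), ("healthy", healthy_modulus())):
        report = analyze_modulus(n)
        print(f"{label}: {len(report.runs)} zero runs, spacing={report.regular_spacing}, "
              f"suspicious={is_suspicious(n)}")
```

To check a real key, feed the integer returned by `modulus_from_openssl_output` into `is_suspicious`; a positive result is a reason to pull the key from service and regenerate it on a trusted generator, not proof of a specific flaw, since the heuristic only looks at byte structure and knows nothing about the factorization method the researchers used.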