Mining Your Ps and Qs: Detection of WidespreadWeak Keys in Network Devices

RSA and DSA can fail catastrophically when used with malfunctioning random number generators, but the extent to which these problems arise in practice has never been comprehensively studied at Internet scale. The authors perform the largest ever network survey of TLS and SSH servers and present evidence that vulnerable keys are surprisingly widespread. They find that 0.75% of TLS certificates share keys due to insufficient entropy during key generation, and they suspect that another 1.70% come from the same faulty implementations and may be susceptible to compromise.

Provided by: University of Calgary Topic: Security Date Added: Jun 2012 Format: PDF

Find By Topic