Mining Your Ps and Qs: Detection of WidespreadWeak Keys in Network Devices

Provided by: University of Calgary
Topic: Security
Format: PDF
RSA and DSA can fail catastrophically when used with malfunctioning random number generators, but the extent to which these problems arise in practice has never been comprehensively studied at Internet scale. The authors perform the largest ever network survey of TLS and SSH servers and present evidence that vulnerable keys are surprisingly widespread. They find that 0.75% of TLS certificates share keys due to insufficient entropy during key generation, and they suspect that another 1.70% come from the same faulty implementations and may be susceptible to compromise.

Find By Topic