IT disaster recovery, cloud computing and information security news

Daisy

Vulnerability alert: 1 in every 172 active RSA certificates are vulnerable to compromise or attack

Keyfactor has announced research findings identifying a vulnerability across active RSA certificates. Using minimal computing resources, researchers were able to collect and analyze 175 million RSA certificates and keys used to protect real-world Internet traffic.

The active and publicly available RSA keys (which consist of the product of two large, randomly chosen primes) were mined to identity common factors. Any keys sharing one of their prime factors with another key are compromised by this technique. The analysis found over 435,000 certificates with a shared factor, with researchers able to rederive the private key.

“In a real-world attack scenario, a threat actor with a re-derived private key for an SSL/TLS server certificate could impersonate that server when devices attempt to connect,” said JD Kilgallin, senior integration engineer and researcher at Keyfactor. “The connecting user or device cannot distinguish the attacker from the legitimate certificate holder, opening the door to critical device malfunction or exposure of sensitive data.”

Researchers built a database of 75 million active RSA keys using Keyfactor’s proprietary SSL/TLS certificate discovery capabilities. The dataset was augmented using 100 million certificates available through certificate transparency logs and analyzed on a single virtual machine in Microsoft Azure, using Keyfactor’s scalable GCD algorithm to find shared factors. The findings were released at the First IEEE Conference on Trust, Privacy and Security in Intelligent Systems and Applications.

To download a copy of the research paper, please visit: https://info.keyfactor.com/factoring-rsa-keys-in-the-iot-era



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.