Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

RSA security flawed say researchers after collecting duplicate public keys

Crypto experts conduct search of millions of X.509 certificates

Article comments

Cryptography researchers collected millions of X.509 public key certificates that are publicly available over the web and found what they say is a shockingly high frequency of duplicate RSA-moduli keys.

"We performed a sanity check of public keys collected on the web," the researchers state in their paper, published today and titled "Ron was wrong, Whit is right".

The researchers, who include Arjen Lenstra, James Hughes, Maxime Augier, Joppe Bos, Thorsten Kleinjung and Christophe Wachter, note in the paper that they found a shockingly high number of duplicate secret keys in what is supposed to be unique random number generation in RSA-based moduli.

Related Articles on Techworld

The researchers said in an examination of 6.4 million distinct X.509 certificates and PGP keys containing RSA moduli, 71,052 (1%) occur more than once, some of them thousands of times. "Overall, over the data we collected, 1024-bit RSA provides 99.8% security at best," the paper states. "More seriously, we stumbled upon 12,720 different 1024-bit RSA moduli that offer no security. Their secret keys are accessible to anyone who takes the trouble to redo our work."

The researchers summarised their findings by saying, "We find the vast majority of public keys work as intended. A more disconcerting finding is that two out of every one thousand RSA moduli that we collected offer no security."

They also said their research showed that crypto based on "single-secret" cryptosystems like ElGamal or DSA, based on Diffie-Hellman, is less risky than cryptosystems based on RSA. Hence the research paper’s title, "Ron was wrong, Whit is right," is an oblique reference to Whitfield Diffier, the cryptographer, and Ron Rivest, the co-inventor of the RSA algorithm.

RSA has no immediate comment to the paper. It was not possible to immediately reach the researchers Arjen Lenstra or James Hughes.

Some cryptographers say the paper is impressive in its scope.

"It is interesting. And great research," commented Bruce Schneier, cryptography expert. He said the research paper “is mainly a demonstration of the truism that random number generation is hard to do."

As to whether these research findings will cause a panic run away from the RSA crypto technology, he said, "No. But it will, like an Italian cruise ship running aground off the coast of Italy, make people wary of cruising – or maybe countries that begin with the letter 'I.'"

The researchers of the "Ron was wrong, Whit is right" paper say they will be presenting more about the findings at an upcoming conference.

They also said due to the difficulty in contacting individuals whose public key certificates they say are at risk, they have decided to put their project data "under custody" so that if anyone wants to exploit the current situation, they would have to redo the work, both the data collection and the calculation.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *