Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Find Same RSA Encryption Key Used 28,000 Times

Posted by timothy on from the well-if-it-workef-for-that-guy dept.

itwbennett writes In the course of trying to find out how many servers and devices are still vulnerable to the Web security flaw known as FREAK, researchers at Royal Holloway of the University of London found something else of interest: Many hosts (either servers or other Internet-connected devices) share the same 512-bit public key. In one egregious example, 28,394 routers running a SSL VPN module all use the same 512-bit public RSA key.

3 of 132 comments (clear)

  1. Poor first sentence by in10se · · Score: 5, Informative

    First line of the article:
    "What if the key to your house was shared with 28,000 other homes?"

    The fact is, you very well might share the key to your house with more than 28000 other homes. Common lock brands you can buy at Home Depot, Lowe's, etc. create a surprisingly low number of different key/tumbler combinations.

    --
    Popisms.com - Connecting pop culture
    1. Re:Poor first sentence by Obfuscant · · Score: 4, Informative

      turns out my key worked on *every* upper back unit in each building.

      That's just lazy on the part of your landlord. It's easier for him if all his units share the same lock so he has only one key to carry around.

      But common house keys? Yes, relatively few "combinations". I'm looking at mine, bought from a big-box home outlet store. Five lands -- that's the flat areas where the pins rest when the key is inserted. I didn't count them when I rekeyed my locks, but it's about five pin lengths. Let's see, 5^5 is 3125 different keys. Six pin lengths would be only about 15,000 different sets.

      My work keys have 6 or 7 lands, but the security of those is reduced because each pin has at least two valid lengths. There is actually a published method for taking a bunch of key blanks and a valid key and figuring out the master.

      If you want to know how locks work, go buy a new lock for a house and the rekey kit for it. It's fun. While each kit is "different" (or is supposed to be), with a bit of looking you can find two kits with the same pin lengths just in a different order so you can rekey two locks the same. (The kits I bought had colors for the pins.)

      For cars, I heard a long time ago that Toyotas were prime theft targets not because of the value but because there were a limited number of dealer master keys and the crooks had copies.

  2. Re:Know what's worse? Cleartext. by Anonymous Coward · · Score: 2, Informative

    Any of the WPS methods will give an attacker the WPA/WPA2 key if he can "authenticate" against them. WPS-PIN is specified in a way that it is likely to result in bad implementations which dramatically reduce the number of PINs an attacker has to try in order to gain access. Many routers used an implementation of WPS-PIN that was flawed that way, and quite a lot of those routers ignored the "WPS off" switch in the web interface and always offered their flawed WPS-PIN method. Additionally, even if WPS-PIN is implemented the correct way, it is no match for the security of WPA/WPA2: A seven character numeric PIN (the eighth digit is a checksum) has only 23 bits of entropy, and on many routers that's all that stands between an attacker and your 128bit WPA/WPA2 preshared key, particularly on those which don't rate-limit WPS-PIN tries.

    WPS is only irrelevant if it is (actually) disabled.