Slashdot Mirror


Researchers Find Same RSA Encryption Key Used 28,000 Times

itwbennett writes: In the course of trying to find out how many servers and devices are still vulnerable to the Web security flaw known as FREAK, researchers at Royal Holloway of the University of London found something else of interest: Many hosts (either servers or other Internet-connected devices) share the same 512-bit public key. In one egregious example, 28,394 routers running an SSL VPN module all use the same 512-bit public RSA key.


  1. Know what's worse? Cleartext. by Iamthecheese · · Score: 3, Insightful

    This is a real problem and I don't mean to minimize it. But weak encryption is infinitely better than none, and the solution to this is immensely easier than the solution to the many, many wholly unencrypted connections that are happening this very moment. I think we should prioritize getting all connections everywhere encrypted somehow.

    --
    If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
    1. Re:Know what's worse? Cleartext. by Anonymous Coward · · Score: 4, Funny

      Like this: https://xkcd.com/538/

    2. Re:Know what's worse? Cleartext. by msauve · · Score: 4, Insightful

      I suspect his problem with it is that he confuses it with WEP.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    3. Re:Know what's worse? Cleartext. by chrysosphinx · · Score: 5, Insightful

      Weak, bad or fake encryption is infinitely much worse than none, because it makes people believe they are safe while they are not.

    4. Re:Know what's worse? Cleartext. by TechyImmigrant · · Score: 4, Insightful

      You are talking about breaking passwords, not the encryption scheme, which comes later.

      Password -> PMK -> 4 way handshake (session key establishment) -> Authenticated encryption (link cipher).

      A 12 character, alphanumeric + special character password, uniformly generated is about 70 bits of entropy. The pbkdf2 invocation to generate the PMK has 4096 iterations, causing the brute force attack to need to perform on average ~ 2^81 hashes before finding a password. This would not happen over lunch.

      Did your friend's tool actually break WEP instead of WPA-2? Or did you have a weak password? Or were you using a weak EAP method? Or what other form of BS are you talking?

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
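
Added example (not part of the thread or any poster's code): the WPA2-PSK key derivation and work-factor arithmetic described in the comment above, using Python's standard library. The passphrase policies and the 1e6 guesses-per-second rate are assumptions chosen for illustration; the SSID is the PBKDF2 salt.

```python
import hashlib
import math

def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def entropy_bits(length: int, alphabet: int) -> float:
    """Entropy of a passphrase whose characters are chosen uniformly at random."""
    return length * math.log2(alphabet)

def avg_work_log2(bits: float, iterations: int = 4096) -> float:
    """log2 of the expected PBKDF2 iterations for an exhaustive search: half the
    keyspace on average, times the iteration count (counted as in the comment)."""
    return (bits - 1) + math.log2(iterations)

def years_to_search(bits: float, guesses_per_sec: float) -> float:
    """Expected years to find the passphrase at an assumed PMK guess rate."""
    return 2 ** (bits - 1) / guesses_per_sec / (365.25 * 24 * 3600)

# Constructed policies to compare; the 70-bit row uses the comment's own figure.
POLICIES = {
    "8 lowercase letters": entropy_bits(8, 26),
    "12 chars from 62 alphanumerics": entropy_bits(12, 62),
    "70 bits (figure used in the comment)": 70.0,
}

if __name__ == "__main__":
    # Passphrase/SSID pair from the IEEE 802.11i PSK test vectors.
    print(wpa2_pmk("password", "IEEE").hex())
    for name, bits in POLICIES.items():
        print(f"{name}: {bits:.1f} bits, 2^{avg_work_log2(bits):.1f} iterations, "
              f"{years_to_search(bits, 1e6):.3g} years at an assumed 1e6 guesses/s")
```
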
    5. Re:Know what's worse? Cleartext. by Ginger Unicorn · · Score: 3, Insightful

      Weak or bad encryption is not worse in the situation where the person doesn't care if they're safe, or isn't even aware that there's a safety issue. Which is the vast majority of the time.

      --
      (1.21 gigawatts) / (88 miles per hour) = 30 757 874 newtons
  2. So Out Them! by bill_mcgonigle · · Score: 3, Interesting

    "That's just laziness on the part of a manufacturer," Paterson said in a phone interview. "This is cardinal sin."

    Then it deserves at least social shaming and ostracism, if not worse than those minor responses to venial sins. Protecting the manufacturers only creates an environment where the incentives are aligned for them to do it again. If manufacturers aren't keenly aware that they need to protect their reputation, then they will cut every corner that doesn't provide them a competitive advantage.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  3. I imagine .... by PPH · · Score: 4, Insightful

    ... some vendor built a router or server up to the point of generating the public/private key pair, tested it, saved the image and started copying it to production units.

    Similar mistakes have been made before.

    --
    Have gnu, will travel.
  4. Poor first sentence by in10se · · Score: 5, Informative

    First line of the article:
    "What if the key to your house was shared with 28,000 other homes?"

    The fact is, you very well might share the key to your house with more than 28000 other homes. Common lock brands you can buy at Home Depot, Lowe's, etc. create a surprisingly low number of different key/tumbler combinations.

    --
    Popisms.com - Connecting pop culture
    1. Re:Poor first sentence by bobbied · · Score: 3, Insightful

      So having a lock really is an advantage... Well, actually it doesn't matter to a thief anyway.

      I once had the window broken in my car so they could steal my wife's purse... The doors were unlocked, but they broke the window anyway.

      I guess the issue here is that the "key" is easily changed in this case. You don't need to have the guy at the home improvement store rekey it for you...

      --
      "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
    2. Re:Poor first sentence by 93 Escort Wagon · · Score: 4, Funny

      Cars, too.

      Funny anecdote: Quite some years ago, my wife and I were over at another couple's house for our semi-regular game of Pinochle. After we called it an evening, I went out the door and accidentally got into their Ford Escort (at the time, they owned one that was a very similar color to ours - plus it was night). They stood there and laughed at me... and then I started their car with my key.

      --
      #DeleteChrome
    3. Re:Poor first sentence by Obfuscant · · Score: 4, Informative

      turns out my key worked on *every* upper back unit in each building.

      That's just lazy on the part of your landlord. It's easier for him if all his units share the same lock so he has only one key to carry around.

      But common house keys? Yes, relatively few "combinations". I'm looking at mine, bought from a big-box home outlet store. Five lands -- that's the flat areas where the pins rest when the key is inserted. I didn't count them when I rekeyed my locks, but it's about five pin lengths. Let's see, 5^5 is 3125 different keys. Six pin lengths would be only about 15,000 different sets.

      My work keys have 6 or 7 lands, but the security of those is reduced because each pin has at least two valid lengths. There is actually a published method for taking a bunch of key blanks and a valid key and figuring out the master.

      If you want to know how locks work, go buy a new lock for a house and the rekey kit for it. It's fun. While each kit is "different" (or is supposed to be), with a bit of looking you can find two kits with the same pin lengths just in a different order so you can rekey two locks the same. (The kits I bought had colors for the pins.)

      For cars, I heard a long time ago that Toyotas were prime theft targets not because of the value but because there were a limited number of dealer master keys and the crooks had copies.

  5. So easy to find by kooky45 · · Score: 4, Interesting
    Just scanned the /16 next to my home broadband and found a number of repeated certificate hashes and all belonging to systems identifying themselves as

    *.myfoscam.org/organizationName=ShenZhen Foscam Intelligent Technology Co,Ltd

    Seems to be a network enabled camera.

    1. Re:So easy to find by kooky45 · · Score: 3, Interesting
      And done the /8 now, and other common ones are

      commonName=UBNT/organizationName=Ubiquiti Networks Inc.

      commonName=TS Series NAS/organizationName=QNAP Systems Inc.

      commonName=Vigor Router/organizationName=DrayTek Corp.

      commonName=homenet.telecomitalia.it/organizationName=TELECOM ITALIA SPA

      commonName=localdomain/organizationName=Axentraserver Default Certificate 863B4AB

      In fact, there are duplicate hashes appearing all over the place so it's an endemic problem.
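
Added example (not part of the thread or any poster's code): a defender-side audit of one's own device inventory for the problem the story describes, grouping hosts by RSA modulus and flagging shared and undersized keys. The host names and moduli are constructed placeholders; each value is assumed to be the `Modulus=` line printed by `openssl x509 -noout -modulus` for that host's certificate.

```python
import hashlib
from collections import defaultdict

def toy_modulus(bits: int, tag: int) -> str:
    """Constructed placeholder with the right bit length (not a real RSA modulus)."""
    return f"{(1 << (bits - 1)) | (tag << 1) | 1:X}"

# Constructed sample: host -> `openssl x509 -noout -modulus` output for its certificate.
SCAN = {
    "vpn-gw-01.example": "Modulus=" + toy_modulus(512, 0xA11CE),
    "vpn-gw-02.example": "Modulus=" + toy_modulus(512, 0xA11CE),
    "vpn-gw-03.example": "Modulus=" + toy_modulus(512, 0xA11CE),
    "cam-lobby.example": "Modulus=" + toy_modulus(1024, 0xCA3),
    "cam-dock.example": "Modulus=" + toy_modulus(1024, 0xCA3),
    "www.example": "Modulus=" + toy_modulus(2048, 0xBEEF),
}

def audit(scan: dict, min_bits: int = 2048) -> list:
    """Group hosts by modulus fingerprint; report shared keys and undersized keys."""
    by_key = defaultdict(list)
    bits = {}
    for host, line in scan.items():
        modulus = int(line.strip().split("=", 1)[1], 16)
        raw = modulus.to_bytes((modulus.bit_length() + 7) // 8, "big")
        fp = hashlib.sha256(raw).hexdigest()[:16]
        by_key[fp].append(host)
        bits[fp] = modulus.bit_length()
    findings = []
    for fp, hosts in by_key.items():
        issues = []
        if len(hosts) > 1:
            issues.append("shared")        # one private key covers every host in the group
        if bits[fp] <= 512:
            issues.append("export-grade")  # 512-bit, the key size the story reports
        elif bits[fp] < min_bits:
            issues.append("undersized")
        if issues:
            findings.append((sorted(hosts), bits[fp], issues))
    return sorted(findings, key=lambda f: -len(f[0]))  # largest cluster first

if __name__ == "__main__":
    for hosts, nbits, issues in audit(SCAN):
        print(f"{nbits:>4}-bit key on {len(hosts)} host(s): {', '.join(issues)} -> {hosts}")
```
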