Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Find Same RSA Encryption Key Used 28,000 Times

Posted by timothy on Tuesday March 17, 2015 @04:13AM from the well-if-it-workef-for-that-guy dept.

itwbennett writes In the course of trying to find out how many servers and devices are still vulnerable to the Web security flaw known as FREAK, researchers at Royal Holloway of the University of London found something else of interest: Many hosts (either servers or other Internet-connected devices) share the same 512-bit public key. In one egregious example, 28,394 routers running a SSL VPN module all use the same 512-bit public RSA key.

2 of 132 comments (clear)

Min score:

Reason:

Sort:

Poor first sentence by in10se · 2015-03-17 04:34 · Score: 5, Informative

First line of the article:
"What if the key to your house was shared with 28,000 other homes?"
The fact is, you very well might share the key to your house with more than 28000 other homes. Common lock brands you can buy at Home Depot, Lowe's, etc. create a surprisingly low number of different key/tumbler combinations.

--
Popisms.com - Connecting pop culture
Re:Know what's worse? Cleartext. by chrysosphinx · 2015-03-17 04:55 · Score: 5, Insightful

Weak, bad or fake encryption is infinitely much worse than none, because it makes people believe they are safe while they are not.