Re: how i stopped worrying and loved the backdoor

[coderman <coderman () gmail com>]

On Fri, Dec 24, 2010 at 5:08 PM, Dan Kaminsky <dan () doxpara com> wrote:
> ...
> Don't we have hardware RNG in most motherboard chipsets nowadays?

clearly not enough of them!

'Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices'
https://factorable.net/weakkeys12.extended.pdf

"""
RSA and DSA can fail catastrophically when used with malfunctioning
random number generators, but the extent to which these problems arise
in practice has never been comprehensively studied at Internet scale.
We perform the largest ever network survey of TLS and SSH servers and
present evidence that vulnerable keys are surprisingly widespread.

We find that 0.75% of TLS certificates share keys due to insufficient
entropy during key generation, and we suspect that another 1.70% come
from the same faulty implementations and may be susceptible to
compromise.

Even more alarmingly, we are able to obtain RSA private keys for 0.50%
of TLS hosts and 0.03% of SSH hosts, because their public keys shared
nontrivial common factors due to entropy problems, and DSA private
keys for 1.03% of SSH hosts, because of insufficient signature
randomness. We cluster and investigate the vulnerable hosts, finding
that the vast majority appear to be headless or embedded devices.
"""

infosec comedy gold :P

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/