[Cryptography] Embedded device key generation problems due to bad PRNGs

Bill Frantz frantz at pwpconsult.com
Mon Nov 4 23:23:15 EST 2013


<https://freedom-to-tinker.com/blog/nadiah/new-research-theres-no-need-panic-over-factorable-keys-just-mind-your-ps-and-qs/> 
describes net scans for bad RSA keys on the web performed by 
Zakir Durumeric, Eric Wustrow, Alex Halderman, and Nadia 
Heninger. Among their conclusions:

We manually verified that 59,000 duplicate keys were repeated 
due to entropy problems, representing 1% of all certificates, or 
2.6% of self-signed certificates. We also found that 585,000 
certificates, or 4.6% of all devices used the default 
certificates pre-installed on embedded devices.

More surprisingly, we discovered that entropy problems can allow 
a remote attacker with no special access to factor a significant 
fraction of the RSA keys in use on the Internet. We were able to 
factor 0.4% of the RSA keys in our SSL scan. We did this by 
computing the greatest common divisor (GCD) of all pairs of 
moduli from RSA public keys on the Internet.

However, there’s no need to panic as this problem mainly 
affects various kinds of embedded devices such as routers and 
VPN devices, not full-blown web servers.

The list of vulnerable devices that we have already identified 
includes more than thirty different manufacturers, including 
almost all of the biggest names in the computer hardware 
industry. The kinds of products that we identified include 
firewalls, routers, VPN devices, remote server administration 
devices, printers, projectors, and VOIP phones.

This is a problem, but it’s not something that average users 
need to worry about just yet. However, embedded device 
manufacturers have a lot of work to do, and some system 
administrators should be concerned. This is a wake-up call to 
the security community, and a reminder to all of how security 
vulnerabilities can sometimes be hiding in plain sight.

Cheers - Bill

-------------------------------------------------------------------------
Bill Frantz        | Airline peanut bag: "Produced  | Periwinkle
(408)356-8506      | in a facility that processes   | 16345 Englewood Ave
www.pwpconsult.com | peanuts and other nuts." - Duh | Los Gatos, CA 95032
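
The shared-factor check quoted in the message above, as an added example that is not part of the original post or the researchers' code: it audits a fleet's RSA moduli for duplicates and shared primes. It generalizes the all-pairs GCD to a batch GCD (product tree plus remainder tree) so it scales past a handful of keys; the device names and toy-sized moduli are constructed for illustration.

```python
from math import gcd, prod

def product_tree(values):
    """Levels of a product tree: leaves first, root (product of all) last."""
    levels = [list(values)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([prod(cur[i:i + 2]) for i in range(0, len(cur), 2)])
    return levels

def batch_gcd(moduli):
    """For each N_i, return gcd(N_i, product of all the other moduli)."""
    levels = product_tree(moduli)
    rems = levels.pop()                      # root: [P], P = product of all N_i
    while levels:                            # remainder tree: push P mod n^2 down
        cur = levels.pop()
        rems = [rems[i // 2] % (n * n) for i, n in enumerate(cur)]
    # At the leaves rems[i] = P mod N_i^2, so rems[i] // N_i = (P / N_i) mod N_i.
    return [gcd(r // n, n) for r, n in zip(rems, moduli)]

def audit(keys):
    """keys: dict of device id -> RSA modulus. Returns device id -> finding."""
    ids = list(keys)
    findings = {}
    for dev, g in zip(ids, batch_gcd([keys[d] for d in ids])):
        if g == 1:
            continue                         # no factor in common with any other key
        if g == keys[dev]:
            findings[dev] = "duplicate modulus, or both primes reused elsewhere"
        else:
            findings[dev] = "shares one prime with another key"
    return findings

# Constructed sample fleet with toy primes; real moduli are 1024+ bits.
FLEET = {
    "router-a": 101 * 103,
    "router-b": 101 * 107,    # same first prime as router-a (low boot entropy)
    "vpn-c": 109 * 113,
    "printer-d": 109 * 113,   # identical key, e.g. a default certificate
    "phone-e": 127 * 131,     # healthy
}

if __name__ == "__main__":
    for dev, finding in audit(FLEET).items():
        print(f"{dev}: {finding}; regenerate the key after seeding the RNG")
```

Any device flagged here needs a new key generated only after its random number generator has been properly seeded; a modulus that shares a prime with another is fully factorable by anyone who holds both public keys.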


