[Cryptography] "DarkHotel" APT routinely breaking RSA512
Henry Baker
hbaker1 at pipeline.com
Mon Nov 10 17:50:18 EST 2014
"The Darkhotel crew’s skillset allows it to launch interesting cryptographical attacks, for instance factoring 512 bit RSA keys"
The keys are used to create bogus certificates, e.g.,
GTE
CyberTrust
Digisign Server iD
(Enrich)
flexicorp.jaring.my sha1/
RSA (512 bits)
Expired 12/17/2008 12/17/2010
Equifax
Secure
eBusiness
CA 1
Equifax Secure
eBusiness CA 1
secure.hotelreykjavik.i s
md5/RSA (512 bits)
invalid Sig 2/27/2005 3/30/2007
http://www.net-security.org/secworld.php?id=17612
http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2014/11/darkhotel_kl_07.11.pdf
More information about the cryptography
mailing list