Millions of RSA encryption keys contain major flaws, making them vulnerable to attack, according to new research.
Analysis from Keyfactor found around 1 in 172 of all certificates found online are susceptible to compromise through a mathematical attack, equating to potentially millions of keys.
The vulnerability mainly affects Internet of Things (IoT) devices, but is a risk for any system using improperly generated RSA keys, or even other encryption schemes such as Elliptic-Curve Cryptography (ECC).
“With modest resources, we were able to obtain hundreds of millions of RSA keys used to protect real-world traffic on the internet,” said Keyfactor’s Jonathan Kilgallin and Ross Vasko.
“Using a single cloud-hosted virtual machine and a well-studied algorithm, over one in 200 certificates using these keys can be compromised in a matter of days.”
Public key cryptography is used to securely transmit data to a remote source, with the RSA algorithm one of the most popular techniques.
Data can be encrypted with the public portion of the remote source’s key, and then decrypted only by the private key at the other end. The security of RSA keys is based on two large prime numbers that are used to generate the public key.
However, according to Keyfactor, this encryption can be cracked. The root of the problem is poor random number generation, with keys sharing prime factors with other keys.
If two keys share a prime factor, both can be broken by computing the Greatest Common Divisor (GCD), allowing the private key to be completely reconstructed.
“This is concerning, as a party with a re-derived private key for an SSL/TLS server certificate can impersonate that entity, and network clients attempting to connect to that endpoint cannot distinguish the attacker from the legitimate holder of the certificate,” write Kilgallin and Vasco.
Compromised RSA encryption keys could wreak havoc
In the case of automobiles, medical implants, or other critical devices, for example, the impersonated service could cause the device to malfunction and cause physical harm.
The researchers said that almost exactly half the compromised certificates they found contained the name of one particular large network equipment manufacturer – which they didn’t identify as they haven’t been able to identify or notify all manufacturers.
“This discovery highlights the need for continuous evaluation and improvement of our security infrastructure, particularly as IoT devices are increasingly ubiquitous,” commented Javvad Malik, lead security awareness advocate at KnowBe4.
“A multi-faceted approach is essential. Organisations must evaluate their exposure and prioritize mitigation efforts.”
At the same time, Malik said there needs to be more rigorous standards for cryptographic implementations, especially in IoT devices.
“Fostering increased cooperation between manufacturers, developers, and security professionals is crucial to address systemic vulnerabilities effectively,” he said.
MORE FROM ITPRO
