{"id":10894,"date":"2013-09-07T19:42:13","date_gmt":"2013-09-08T00:42:13","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=10894"},"modified":"2013-09-07T19:42:56","modified_gmt":"2013-09-08T00:42:56","slug":"weak-keys-in-network-devices-mind-your-rng","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=10894","title":{"rendered":"Weak Keys in Network Devices &#8211; Mind your RNG!"},"content":{"rendered":"<blockquote><p>An RSA public key (e,N) consists of an exponent e and a modulus N. The modulus is the product of two randomly chosen prime numbers p and, q. If p and q are known, it is straightforward to derive the private key. However, if they are unknown, one must factor N into p and q, which requires intensive computing resources. However, let\u2019s assume that two keys with modulus N<sub>1<\/sub> and N<sub>2<\/sub> share one of the factors: N<sub>1<\/sub> = p<sub>1<\/sub> x q and N<sub>2<\/sub> = p<sub>2<\/sub> x q. In this case, finding the greatest common divisor of N<sub>1<\/sub> and N<sub>2<\/sub>, which is q, is sufficient to factor these two moduli. The task of finding the greatest common divisor of two 1024-bit integers is much simpler than factoring and can be done in microseconds\u2026<\/p>\n<p>This well known vulnerability of RSA can be exploited in the context of low entropy keys. Poor random number generation can indeed lead to multiple keys sharing one of their factors. Heninger found that more than 60\u2019000 keys (approximately 0.5%) they had collected could be factored in this way.<\/p><\/blockquote>\n<p>via <a href=\"http:\/\/www.idquantique.com\/news\/newsletter-quantis-september-2012.html?start=1\">Quantis Newsletter &#8211; September 2012<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An RSA public key (e,N) consists of an exponent e and a modulus N. The modulus is the product of two randomly chosen prime numbers p and, q. If p and q are known, it is straightforward to derive the &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=10894\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[737],"tags":[338,180,1191,1190],"class_list":["post-10894","post","type-post","status-publish","format-standard","hentry","category-stem","tag-encryption","tag-math","tag-random-numbers","tag-rsa"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/10894","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10894"}],"version-history":[{"count":2,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/10894\/revisions"}],"predecessor-version":[{"id":10896,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/10894\/revisions\/10896"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10894"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10894"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10894"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}