Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Encryption Security Microsoft

Fox-IT Completes the Picture On the Factored RSA-512 Keys 38

Posted by Soulskill from the sneaky-rogues-with-broken-keys dept.
An anonymous reader sends in this excerpt from the Fox-IT blog: "During recent weeks we have observed several interesting publications which have a direct relation to an investigation we worked on recently. On one hand there was a Certificate Authority being revoked by Mozilla, Microsoft and Google (Chrome), on the other hand there was the disclosure of a malware attack by Mikko Hypponen (FSecure) using a government issued certificate signed by the same Certificate Authority. That case, however, is not self-contained, and a whole range of malicious software had been signed with valid certificates. The malicious software involved was used in targeted attacks focused on governments, political organizations and the defense industry. The big question is, of course, what happened, and how did the attackers obtain access to these certificates? We will explain here in detail how the attackers have used known techniques to bypass the Microsoft Windows code signing security model."
This discussion has been archived. No new comments can be posted.

Fox-IT Completes the Picture On the Factored RSA-512 Keys More

Fox-IT Completes the Picture On the Factored RSA-512 Keys

Comments Filter:

  • Re:Short answer (Score:4, Interesting)

    by Anonymous Coward on Monday November 21, 2011 @07:59PM (#38130712)

    RSA-512 is weak, can be factored in a few weeks

    Also consider that RSA-768 took an estimated $100,000 USD worth of electricity to factorize in 2008 (plus intelligent folks to write the software). So, you should not even use RSA-768 unless the secret you are protecting is worth much less than $100,000.

    By comparison, RSA-512 security is a complete joke in 2011, and can be factorized for less than $250 if you don't know what you are doing, or for under $50 if you do. Implementing RSA-512 correctly in your application will cost more than it will take to break it.

    Conservatively, RSA-1024 would need about 1000 times the resources to factorize as RSA-768 used, so should be safe to use as long as your secrets aren't worth more than a few million dollars and only need to be protected for a few years.

    That means RSA-1024 is a huge bargain for the user -- significant improvement in short-term security for the user compared to using RSA-512, for only 2x the amount of CPU resources.

  • Re:should I check my Firefox Certificates? (Score:5, Interesting)

    by arglebargle_xiv ( 2212710 ) on Tuesday November 22, 2011 @12:36AM (#38132566)

    I see DigiNotar and DigiCert Authorities in Firefox's Certificate Manager. Should I be concerned about these?

    Since the situation with DigiNotar and others isn't, by definition, allowed to happen in PKI, there's no way of dealing with it when it does. So the only way to handle it is for Mozilla to create fake certs for those CAs and add them to the FF cert store, effectively cache-poisoning themselves so that the fake certs, which aren't trusted, get used by FF instead of the real ones. Since they're not trusted, you get a verification failure when you try and use them.

    (See my earlier comment in the other thread about PKI being treated as something to roll your eyes at and/or joke about by security experts).

Slashdot Top Deals

"May your future be limited only by your dreams." -- Christa McAuliffe

Close