Re: How to detect RSA keys that are weak?



On 09/12/2010 23:23, Mark Wooding wrote:
Francois Grieu <fgrieu@xxxxxxxxx> writes:

On 01/12/2010 11:14, Mark Wooding wrote:
Software and firmware with FIPS 140-2 certificates can and does
have bugs, even security critical ones. Even stupid cryptographic
blunders. I know: I've found them, fixed them, issued security
advisories for them. There really isn't a silver bullet here.

For our enjoyment/nosiness, any example? Knowing where others
failed helps; and I just love such anecdotes.

I'd dearly love to share these war stories, but I'd be breaking
confidences if I gave too many details. All of nCipher's security
advisories were posted to Bugtraq and should be in the archives; several
of them apply directly to the module firmware.

Some googling later, I unearthed a public list of advisories
from 2006 with indeed spectacular blunders:
http://web.archive.org/web/20061209124112rn_1/www.ncipher.com/resources/security_advisories/

Relevant to this thread we have for example

Insecure Generation of Diffie-Hellman keys
http://www.securityfocus.com/archive/1/427146

Presence of flaws in firmware security
http://www.securityfocus.com/archive/1/427151


Quick googling failed to find similar public advisories after
2006 or from any other HSM manufacturer. The practice in this
field is obscurity.


Francois Grieu


