Just recently, I moved my personal website to HTTPS, making sure to use a secure 2048-bit RSA key and TLS 1.2, and guarding against vulnerabilities such as POODLE and Logjam. It took some work, but not that much work, even for doing the research. Yet there are some people who just don't care.
Due to a new technique, 512-bit keys are now completely vulnerable for as little as $75.
The technique, which uses Amazon's EC2 cloud computing service, is described in a paper published last week titled Factoring as a Service.
[...] The researchers concluded that despite widespread awareness that 512-bit keys are highly susceptible to breaking, the message still hasn't adequately sunk in with many administrators. The researchers wrote:
512-bit RSA has been known to be insecure for at least fifteen years, but common knowledge of precisely how insecure has perhaps not kept pace with modern technology. We build a system capable of factoring a 512-bit RSA key reliably in under four hours. We then measure the impact of such a system by surveying the incidence of 512-bit RSA in our modern cryptographic infrastructure, and find a long tail of too-short public keys and export-grade cipher suites still in use in the wild. These numbers illustrate the challenges of keeping an aging Internet infrastructure up to date with even decades-old advances in cryptanalysis.
The article reports finding a significant number of sites that are still using 512-bit RSA keys to protect HTTPS, DNSSEC, ssh, e-mail (SMTP, POP3, and IMAP), and other services.
(Score: 2) by VLM on Wednesday October 21 2015, @08:44PM
That is true, AC, and as you'd expect it's possible to configure TLS to not use PFS, and as you'd expect a fraction of admins fail (about 20% last I heard).
If you do Diffie-Hellman right, it'll work. And as you'd expect it's possible to do it wrong; given a yes/no security option, about half of noobs guess wrong, etc.
There's a hell of a good book titled "Bulletproof SSL and TLS" that is officially VLM recommended that is a touch dry but goes into more detail than I can remember on this general topic.
Also see: (same guy, this is kind of like a BGP looking glass for TLS/SSL... type in a domain, learn all about it)
https://www.ssllabs.com/
(Score: 3, Informative) by VLM on Wednesday October 21 2015, @08:57PM
Whoops forgot to add this entertaining link (as you could guess I would do):
https://www.ssllabs.com/ssltest/analyze.html?d=soylentnews.org&latest
Nice job guys, "A" grades on both IPv4 and IPv6.
You guys properly listed ECDHE and DHE first before the others so if the client supports PFS, they'll preferentially get PFS. Nice job removing RC4 too.
I've been around and I've seen a lot of F'ed up stuff in my days, worse than goatse even, and I'm not just kissing up to the ops by telling other people that SN is one of the best technically admined sites on the internet.
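
The ordering check discussed in this thread (forward-secret suites first, no RC4, no export-grade suites), as an added example that is not part of the original comments. It takes a server's cipher list in preference order using OpenSSL suite names; the function names and both sample lists are constructed for illustration.

```python
# Added example: audit a server's cipher-suite preference list (OpenSSL names).

# Key-exchange prefixes that give forward secrecy (ephemeral Diffie-Hellman).
# "EDH" is the older OpenSSL spelling of DHE.
PFS_PREFIXES = ("ECDHE-", "DHE-", "EDH-")


def is_export(suite):
    """Export-grade suites carry an EXP prefix (EXP-, EXP1024-) in OpenSSL."""
    return suite.startswith("EXP")


def has_pfs(suite):
    """True for ephemeral (EC)DH key exchange and for TLS 1.3 suite names.

    Export-grade ephemeral DH is deliberately not counted: its key exchange
    is too weak to provide meaningful forward secrecy.
    """
    if is_export(suite):
        return False
    return suite.startswith(PFS_PREFIXES) or suite.startswith("TLS_")


def audit_cipher_order(suites):
    """Return a list of findings for a suite list in server preference order."""
    findings = []
    first_non_pfs = None
    for pos, suite in enumerate(suites, start=1):
        if is_export(suite):
            findings.append(f"{pos}: {suite} is export-grade")
        if "RC4" in suite:
            findings.append(f"{pos}: {suite} uses RC4")
        if has_pfs(suite):
            if first_non_pfs is not None:
                findings.append(f"{pos}: {suite} (PFS) is listed after {first_non_pfs}")
        elif first_non_pfs is None:
            first_non_pfs = suite
    if not any(has_pfs(s) for s in suites):
        findings.append("no forward-secret suite offered")
    return findings


# Constructed sample lists, not taken from any real server.
GOOD_ORDER = ["ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-SHA384",
              "DHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES256-SHA",
              "AES128-GCM-SHA256", "AES256-SHA"]
BAD_ORDER = ["RC4-SHA", "AES128-SHA", "ECDHE-RSA-AES128-GCM-SHA256",
             "EXP-EDH-RSA-DES-CBC-SHA"]

if __name__ == "__main__":
    for finding in audit_cipher_order(BAD_ORDER):
        print(finding)
```
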