
posted by janrinok on Thursday May 19, @11:53AM

Researcher uses 379-year-old algorithm to crack crypto keys found in the wild:

Cryptographic keys generated with older software now owned by technology company Rambus are weak enough to be broken instantly using commodity hardware, a researcher reported on Monday. This revelation is part of an investigation that also uncovered a handful of weak keys in the wild.

The software comes from a basic version of the SafeZone Crypto Libraries, which were developed by a company called Inside Secure and acquired by Rambus as part of its 2019 acquisition of Verimatrix, a Rambus representative said. That version was deprecated prior to the acquisition and is distinct from a FIPS-certified version that the company now sells under the Rambus FIPS Security Toolkit brand.

Researcher Hanno Böck said that the vulnerable SafeZone library doesn't sufficiently randomize the two prime numbers it used to generate RSA keys. (These keys can be used to secure Web traffic, shells, and other online connections.) Instead, after the SafeZone tool selects one prime number, it chooses a prime in close proximity as the second one needed to form the key.

"The problem is that both primes are too similar," Böck said in an interview. "So the difference between the two primes is really small." The SafeZone vulnerability is tracked as CVE-2022-26320.

Cryptographers have long known that RSA keys that are generated with primes that are too close together can be trivially broken with Fermat's factorization method. French mathematician Pierre de Fermat first described this method in 1643.
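Added illustration, not part of the story or the Ars Technica article: Fermat's method in Python, written as a self-check that flags an RSA modulus whose two primes lie close together. The primes, moduli and the 100-step cap below are constructed for the demonstration and are not taken from any real key.

```python
import math

# Fermat's method writes an odd n as a^2 - b^2 = (a - b)(a + b).
# It starts at a = ceil(sqrt(n)) and steps a upward; when p and q are
# close, (p + q)/2 sits only a few steps above sqrt(n), so the split
# appears almost immediately. For a well-generated key the number of
# steps is astronomically large, so a small cap separates the cases.
def fermat_factor(n, max_iters=100):
    """Return (p, q) with p * q == n and 1 < p <= q, or None when no
    non-trivial split is found within max_iters steps."""
    if n < 4:
        return None
    if n % 2 == 0:
        return (2, n // 2)
    a = math.isqrt(n)
    if a * a < n:
        a += 1  # ceil(sqrt(n))
    for _ in range(max_iters):
        b2 = a * a - n
        b = math.isqrt(b2)
        if b * b == b2:
            p, q = a - b, a + b
            return (p, q) if p > 1 else None  # p == 1 means n is prime
        a += 1
    return None

def weak_modulus(n, max_iters=100):
    """True when Fermat's method splits n within the cap, i.e. the
    modulus shows the close-primes weakness the story describes."""
    return fermat_factor(n, max_iters) is not None

# Constructed demonstration values (assumed, not from any real key):
# two neighbouring primes just above 10**6, mimicking the behaviour
# described above, versus two primes that are far apart.
CLOSE_P, CLOSE_Q = 1000003, 1000033
WEAK_N = CLOSE_P * CLOSE_Q   # 1000036000099, splits on the first step
OK_N = 65537 * 1000003       # primes differ by ~15x, survives the cap

if __name__ == "__main__":
    print(WEAK_N, fermat_factor(WEAK_N), weak_modulus(WEAK_N))
    print(OK_N, fermat_factor(OK_N), weak_modulus(OK_N))
```

To check a real key, extract its modulus n from the public key (for example via `public_numbers().n` in the `cryptography` package) and pass it to `weak_modulus`.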

A little old but interesting nonetheless. Implementation details matter.

[ed. note. - The YouTube channel Computerphile also has a decent video explaining the issue. - fnord]

  • (Score: -1, Troll) by Anonymous Coward on Thursday May 19, @01:16PM

    by Anonymous Coward on Thursday May 19, @01:16PM (#1246232)

    >> "The problem is that both primes are too similar," Böck said in an interview. "So the difference between the two primes is really small."

    Of course a Chinaman could have posted this about white people, but we all know they prefer to copy existing IP.

  • (Score: 4, Insightful) by DannyB on Thursday May 19, @02:30PM

    by DannyB (5839) Subscriber Badge on Thursday May 19, @02:30PM (#1246255) Journal

    It's like a Christmas present. A serious weakness in software. But nothing obviously wrong to the unseasoned observer who doesn't live and breathe cryptography. The algorithm is well tested. The numbers are both primes. Nothing obviously wrong with the code that is present. It is code which is absent that seems to be the problem.

    --
    You can not have fun on the weak days but you can on the weakened.
  • (Score: 4, Interesting) by deimios on Thursday May 19, @05:53PM (2 children)

    by deimios (201) Subscriber Badge on Thursday May 19, @05:53PM (#1246330) Journal
    Isn't Rambus that patent troll [wikipedia.org] that once upon a time made some expensive RAM?
    • (Score: 2) by DannyB on Thursday May 19, @06:53PM (1 child)

      by DannyB (5839) Subscriber Badge on Thursday May 19, @06:53PM (#1246357) Journal

      Yes. Yes, they are. And I would strongly condom Rambus' detesticle actions of participating in JEDEC, then refusing to license patents under reasonable and nondiscriminatory terms, and then withdrawing from JEDEC, and then suing everyone.

      --
      You can not have fun on the weak days but you can on the weakened.
      • (Score: 2, Funny) by Anonymous Coward on Friday May 20, @08:14AM

        by Anonymous Coward on Friday May 20, @08:14AM (#1246523)

        Back in the early 2000s I had a system with 400Mhz Rambus memory which was faster than PC133 at the time. I didn't wear a condom when banging chicks on the Ram Bus, and my testicles turned out okay, however I did have to get rid of that system since the cost of a new computer was less than the insane cost to upgrade to higher density rambus modules, assuming you could even buy them. I do agree those motherfuckers are pieces of shit.

  • (Score: 0) by Anonymous Coward on Thursday May 19, @08:53PM

    by Anonymous Coward on Thursday May 19, @08:53PM (#1246382)

    this is old news! must have some massive bit-rot attached to that old code >:P

    more srsly: thumbs up!

  • (Score: 2) by inertnet on Thursday May 19, @09:43PM

    by inertnet (4071) Subscriber Badge on Thursday May 19, @09:43PM (#1246395) Journal

    Well done, 379 is a prime.

  • (Score: 0) by Anonymous Coward on Friday May 20, @11:12AM

    by Anonymous Coward on Friday May 20, @11:12AM (#1246538)
    What a click bait headline...
  • (Score: 2) by esperto123 on Saturday May 21, @05:29PM

    by esperto123 (4303) on Saturday May 21, @05:29PM (#1246880)

    There is this Computerphile video that shows how the weakness works: https://www.youtube.com/watch?v=-ShwJqAalOk [youtube.com]
