* [Cerowrt-devel] Fwd: TALK:Monday 12-3-12 Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices
[not found] ` <CAGhGL2BR1UAX29eiyhrUdDVL3KxjMeXGqtTMB9JSfxYb_DT=Yg@mail.gmail.com>
@ 2012-12-03 20:34 ` Dave Taht
0 siblings, 0 replies; only message in thread
From: Dave Taht @ 2012-12-03 20:34 UTC (permalink / raw)
To: cerowrt-devel
I don't have a link to this paper (yet), but it pretty much confirms
what I already knew...
I'd like to add more sources of entropy to cerowrt ASAP.
They didn't look at WPA, it seems, either.
---------- Forwarded message ----------
From: Jim Gettys <jg@freedesktop.org>
Date: Mon, Dec 3, 2012 at 2:31 PM
Subject: Re: TALK:Monday 12-3-12 Mining Your Ps and Qs: Detection of
Widespread Weak Keys in Network Devices
To: Dave Taht <dave.taht@gmail.com>
On Mon, Dec 3, 2012 at 12:01 AM, Csail Event Calendar
<eventcalendar@csail.mit.edu> wrote:
>
>
> CSAIL Security Seminar 2012/2013
> Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices
> Speaker: Nadia Heninger
> Speaker Affiliation: Microsoft Research, New England
>
> Date: 12-3-2012
> Time: 4:00 PM - 5:00 PM
> Refreshments: 4:00 PM
> Location: Stata, G575
>
> Abstract: RSA and DSA can fail catastrophically when used with malfunctioning
> random number generators, but the extent to which these problems arise in
> practice has never been comprehensively studied at Internet scale.
>
> We perform the largest ever network survey of TLS and SSH servers and
> present evidence that vulnerable keys are surprisingly widespread. We
> find that 0.75% of TLS certificates share keys due to insufficient
> entropy during key generation, and we suspect that another 1.70% come
> from the same faulty implementations and may be susceptible to
> compromise. Even more alarmingly, we are able to obtain RSA private
> keys for 0.50% of TLS hosts and 0.03% of SSH hosts, because their
> public keys shared nontrivial common factors due to entropy problems,
> and DSA private keys for 1.03% of SSH hosts, because of insufficient
> signature randomness. We cluster and investigate the vulnerable hosts,
> finding that the vast majority appear to be headless or embedded devices. In
> experiments with three software components commonly used by these devices, we
> are able to reproduce the vulnerabilities and identify specific software
> behaviors that induce them, including a boot-time entropy hole in the Linux
> random number generator. Finally, we suggest defenses and draw lessons for
> developers, users, and the
> security community.
>
> Joint work with Zakir Durumeric, Eric Wustrow, and J. Alex Halderman.
>
>
> Bio: Nadia Heninger is a postdoctoral visiting researcher at Microsoft
> Research New England. Last year she was an NSF mathematical sciences
> postdoctoral fellow at UC San Diego. She finished her PhD in 2011 at
> Princeton.
>
> Relevant URL(S):
> For more information please contact: Raluca Ada Popa, ralucap@mit.edu
>
> _______________________________________________
> Seminars mailing list
> Seminars@lists.csail.mit.edu
> https://lists.csail.mit.edu/mailman/listinfo/seminars
>
>
--
Dave Täht
Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2012-12-03 20:34 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <E1TfO9O-0003Bb-4W@hindenburg.csail.mit.edu>
[not found] ` <CAGhGL2BR1UAX29eiyhrUdDVL3KxjMeXGqtTMB9JSfxYb_DT=Yg@mail.gmail.com>
2012-12-03 20:34 ` [Cerowrt-devel] Fwd: TALK:Monday 12-3-12 Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices Dave Taht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox