[SSL Observatory] Widespread RNG vulnerabilities discovered using Observatory data

Phillip Hallam-Baker hallam at gmail.com
Wed Feb 15 16:32:47 PST 2012


Making a contact list is not a problem, making it public needs a bit of thought.



On Wed, Feb 15, 2012 at 4:37 PM, Ondrej Mikle <ondrej.mikle at nic.cz> wrote:
> On 02/15/2012 08:19 PM, Peter Eckersley wrote:
>> On Tue, Feb 14, 2012 at 06:11:49PM -0800, Peter Eckersley wrote:
>>
>> This seems consistent with Nadia Heninger's claim that these are
>> exclusively routers, VPN devices and other embedded systems:
>>
>> https://www.freedom-to-tinker.com/blog/nadiah/new-research-theres-no-need-panic-over-factorable-keys-just-mind-your-ps-and-qs
>>
>> Apologies for panicking any CAs over this, it seems as though router and VPN
>> manufacturers will have responsibility for responding to this problem.
>
> Don't beat yourself up over it :-) With all due respect to Lenstra et al. (the work
> they did was good), the data originally provided by them made the case
> (unintentionally) sound scarier than it is.
>
> Though the idea to make a public "CA security email address contact list" would
> be still nice. For example, I've run into a dead-end when reporting yet-unknown
> certs with weak 512-bit keys with the right KU and EKU extensions for code
> signing to a CA (it was around the time when malware signed by factorized keys
> became rampant; the CA in question was trusted by Mozilla and Microsoft). The
> only officially listed contact did not respond at all (I guess only disclosure
> in a list made them actually revoke them weeks later).
>
> Also, I'd like to add a comment on keys shared by "often uninvolved parties". I
> had a discussion with Ralph Holz about our results in key-sharing and we agreed
> that in many cases, it is really hard to find out whether parties are involved
> or not (meaning: a lot of manual checking of financial registries and whatnot;
> hard to automatize). Nevertheless, there are e.g. VPS hostings that simply copy
> over an installation image and do not change keys.
>
> There is also some key-sharing among RAs and CAs in CA-certs (with different
> policies stated in CPS for the products), an example (full graph of such certs
> is still on my TODO list):
>
> Ondrej



-- 
Website: http://hallambaker.com/
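
The key-sharing check discussed in the quoted message (one public key appearing under different subjects), as an added example that is not part of the original thread or of the Observatory code: it walks each certificate's DER to the SubjectPublicKeyInfo, fingerprints it, and reports keys seen under more than one subject. The helpers `tlv` and `fake_cert` and all sample names are assumptions that build unsigned, constructed inputs with a simplified Name encoding.

```python
import hashlib
from collections import defaultdict

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        if not 1 <= n <= 4:
            raise ValueError("unsupported DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def subject_and_spki(cert):
    """Raw DER of the subject Name and SubjectPublicKeyInfo of one certificate."""
    _, start, _ = read_tlv(cert, 0)                 # Certificate
    _, pos, tbs_end = read_tlv(cert, start)         # tbsCertificate
    fields = []
    while pos < tbs_end:
        tag, _, nxt = read_tlv(cert, pos)
        if tag != 0xA0:                             # drop the optional [0] version
            fields.append(cert[pos:nxt])
        pos = nxt
    if len(fields) < 6:
        raise ValueError("not an X.509 tbsCertificate")
    return fields[4], fields[5]     # they follow serial, sigAlg, issuer, validity

def shared_keys(certs):
    """SPKI SHA-256 -> subjects, only for keys seen under more than one subject."""
    seen = defaultdict(set)
    for cert in certs:
        subject, spki = subject_and_spki(cert)
        seen[hashlib.sha256(spki).hexdigest()].add(subject)
    return {fp: subs for fp, subs in seen.items() if len(subs) > 1}

# --- constructed input: structurally valid, unsigned, NOT real certificates ---
def tlv(tag, body):
    n = len(body)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def fake_cert(cn, key):
    name = lambda s: tlv(0x30, tlv(0x0C, s.encode()))   # simplified Name (assumption)
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + tlv(0x30, b"")
              + name("Constructed Issuer") + tlv(0x30, b"") + name(cn)
              + tlv(0x30, tlv(0x03, b"\x00" + key)))
    return tlv(0x30, tbs + tlv(0x30, b"") + tlv(0x03, b"\x00"))
```

Grouping on the subject as well as the key keeps a certificate re-issued to the same subject with the same key from being reported as sharing between parties.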


