A recent study has uncovered significant vulnerabilities in millions of RSA keys used across the internet, particularly in IoT devices.
The research, conducted by Jonathan Kilgallin and Ross Vasko from Keyfactor, analyzed a vast dataset of RSA certificates and found that approximately one in 172 keys shared a factor with another, making them susceptible to compromise.
This vulnerability arises from poor random number generation during key creation, a common issue in devices with limited entropy, such as IoT devices.
The Nature of the Vulnerability
The security of RSA keys relies on the secrecy of two large prime numbers used to generate the public key.
If these primes are not chosen randomly enough, it becomes possible for multiple keys to share a prime factor.
By computing the Greatest Common Divisor (GCD) of two RSA moduli, an attacker can easily identify shared factors, thereby compromising both keys.
This method is significantly simpler than factoring the moduli directly and can be scaled to analyze large datasets efficiently.
The study collected and analyzed 75 million RSA certificates from the internet and augmented this dataset with 100 million certificates from Certificate Transparency logs.
The analysis revealed that at least 435,000 certificates were vulnerable to this attack.
The discrepancy in vulnerability rates between internet-exposed keys and those in Certificate Transparency logs highlights the particular susceptibility of IoT devices.
These devices often operate under design constraints and have limited access to entropy, making their key generation processes more predictable and vulnerable.
Implications for IoT Security
The widespread presence of IoT devices in sensitive environments, such as healthcare and automotive systems, amplifies the potential impact of compromised RSA keys.
Unlike traditional computing devices, IoT devices are often difficult to patch and may remain vulnerable for extended periods.
The increasing number of network-connected devices and the ease of accessing computational resources for analysis exacerbate the risk.
As the IoT landscape continues to expand, ensuring that devices generate keys with sufficient randomness is crucial to prevent such vulnerabilities.
The study underscores the need for device manufacturers to adhere to best practices in cryptography and ensure their devices have adequate entropy for secure key generation.
This is particularly important in critical infrastructure where compromised keys could lead to catastrophic consequences.
The accessibility of cloud computing resources and pre-collected datasets further lowers the barrier for potential attackers, emphasizing the urgency of addressing these vulnerabilities to protect both consumer data and critical systems.
