Factoring "short-sleeve" RSA keys with polynomials

Trail of Bits·Security / OSINT·

What happens when the bits of an RSA private key are heavily biased toward 0 instead of being randomly generated? The public key’s bits could be biased enough for us to detect these incorrectly generated keys in the wild. Together with Hanno Böck of the badkeys project, we found hundreds of unique keys that not only have this property, but can be quickly factored. We also found the bug that led to many of these keys and analyzed historical data to track the issue over time. Surprisingly, the pat...

Read full article →

Related Articles

Google Chrome silently installs a 4 GB AI model on your device without consent
john-doe · Hacker News · 1mo ago
DNSSEC disruption affecting .de domains – Resolved
warpspin · Hacker News · 1mo ago
Security through obscurity is not bad
mobeigi · Hacker News · 1mo ago
US healthcare marketplaces shared citizenship and race data with ad tech giants
ZeidJ · Hacker News · 1mo ago
The text mode lie: why modern TUIs are a nightmare for accessibility
SpyCoder77 · Hacker News · 1mo ago