On Mon, Nov 28, 2011 at 04:57:03PM +1300, Peter Gutmann wrote: > Marsh Ray <[email protected]> writes: > > >* Here's an example of RSA-512 certificates being factored and used to sign > >malware: > >http://blog.fox-it.com/2011/11/21/rsa-512-certificates-abused-in-the-wild/ > > That's an example of *claims* of 512-bit keys being factored, with the > thinking being "everyone knows 512-bit keys are weak, the certs used 512-bit > keys, therefore they must have got them by factoring". Unfortunately this > doesn't explain how they go the 1024-bit and longer keys that were also used > in the attack.
Here are some examples of 512-bit RSA keys factored: http://en.wikipedia.org/wiki/Texas_Instruments_signing_key_controversy http://www.schneier.com/blog/archives/2009/09/texas_instrumen.html http://www.ticalc.org/archives/news/articles/14/145/145154.html http://www.ticalc.org/archives/news/articles/14/145/145273.html http://www.elcomsoft.com/news/127.html http://www.prweb.com/releases/quicken/backdoor/prweb534367.htm As far as I'm aware, these are real (not just claims). Alexander _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
