Solar Designer <[email protected]> writes: >Here are some examples of 512-bit RSA keys factored:
Right, but that doesn't say anything about what happened here. In every other case we know of in which malware has been signed by CA-issued certs, the keys were either stolen or, more rarely, bought using stolen credentials. Given that you can get certs and keys for free from your botnet (a single months' data from the Kneber botnet alone, a single instance of a Zeus-based botnet, had over two thousand private keys and certs), you can't use the Politician's Fallacy to claim that the keys used in this case were obtained by factoring. They may have been, but they could just as easily have been stolen, and in every other instance where this has occurred in the past they've been stolen or fraudulently obtained. Until there's a web interface that the bad guys can click on that, when fed a cert, gives them the private key a few seconds later, you're not going to beat the convenience of a straightforward kleptographic attack. Peter. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
