On Mon, Nov 10, 2014 at 09:17:00PM -0500, grarpamp wrote:
---------- Forwarded message ---------- From: Henry Baker <hbaker1@pipeline.com> Date: Mon, Nov 10, 2014 at 5:50 PM Subject: [Cryptography] "DarkHotel" APT routinely breaking RSA512 To: cryptography@metzdowd.com
"The Darkhotel crew’s skillset allows it to launch interesting cryptographical attacks, for instance factoring 512 bit RSA keys"
Factoring RSA 512 is well within earthy resources as of now. Probably modest botnet (for sieving) + good machines for linear algebra will factor RSA 512 in moderate time. The interesting question is: did they some crypto breakthrough? btw, RSA cancelled their monetary challenges even for >512...
The keys are used to create bogus certificates, e.g.,
GTE CyberTrust Digisign Server iD (Enrich) flexicorp.jaring.my sha1/ RSA (512 bits) Expired 12/17/2008 12/17/2010
Equifax Secure eBusiness CA 1 Equifax Secure eBusiness CA 1 secure.hotelreykjavik.i s md5/RSA (512 bits) invalid Sig 2/27/2005 3/30/2007
http://www.net-security.org/secworld.php?id=17612
http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2014/11/dar...
_______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography