Fwd: [Cryptography] "DarkHotel" APT routinely breaking RSA512

grarpamp grarpamp at gmail.com
Mon Nov 10 18:17:00 PST 2014


---------- Forwarded message ----------
From: Henry Baker <hbaker1 at pipeline.com>
Date: Mon, Nov 10, 2014 at 5:50 PM
Subject: [Cryptography] "DarkHotel" APT routinely breaking RSA512
To: cryptography at metzdowd.com


"The Darkhotel crew’s skillset allows it to launch interesting
cryptographical attacks, for instance factoring 512 bit RSA keys"

The keys are used to create bogus certificates, e.g.,

GTE
CyberTrust
Digisign Server iD
(Enrich)
flexicorp.jaring.my sha1/
RSA (512 bits)
Expired 12/17/2008 12/17/2010

Equifax
Secure
eBusiness
CA 1
Equifax Secure
eBusiness CA 1
secure.hotelreykjavik.i s
md5/RSA (512 bits)
invalid Sig 2/27/2005 3/30/2007

http://www.net-security.org/secworld.php?id=17612

http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2014/11/darkhotel_kl_07.11.pdf


_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography




More information about the cypherpunks mailing list