Internet security researchers uncover insecure public RSA encryption keys

Insecure Encryption Keys

The study carried out by a team of US and European cryptography researches, which analysed 7.1 million RSA keys, discovered that 0.02% were not generated securely (see report). These encryption keys secure billions of online transactions every day from online banking and shopping to email and numerous other sensitive exchanges.

The revelations signify that 2 out of every thousand keys offer “effectively no security” against a hostile attack due to weak random number generator algorithms. The researchers said they “stumbled upon” just under 27,000 different keys offering no security and that “the keys are accessible to anyone who takes the trouble to redo our word.” Duly, the information has been removed from the internet and measures have been taken to protect it from theft.

Related reading

Leave a comment