mozilla/cipherscan

Test the server key to check if it is not factorable

tomato42 opened this issue · 2 comments

There is a not insignificant number of devices that generate or use RSA keys that can be factored; there should be either a mode or a few simple checks to see if the key can't be easily factored.

https://freedom-to-tinker.com/2012/02/15/new-research-theres-no-need-panic-over-factorable-keys-just-mind-your-ps-and-qs/

I think this would be better as an analysis worker in tls-observatory.

Yeah, a full-blown test is definitely not doable by the regular test, but they did find a few primes that are common, so checking a few dozen of those could be done during the scan (for a single-host run) or when aggregating results (when scanning multiple hosts).
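
The two checks discussed in this thread, sketched in Python as an added example (not part of the thread, and not cipherscan or tls-observatory code): trial division of one modulus against a list of known shared primes, and a shared-factor check over moduli aggregated from many hosts. The function names, host names and toy-sized moduli are constructed for illustration; real input would be the RSA modulus parsed from each server certificate.

```python
from math import gcd, prod

def check_known_prime(n, known_primes):
    """Single-host check: return the listed prime that divides modulus n, or None."""
    for p in known_primes:
        if 1 < p < n and n % p == 0:
            return p
    return None

def shared_factors(moduli):
    """Aggregate check: map host -> a prime its modulus shares with a different modulus.

    moduli is {host: modulus}. Identical moduli are de-duplicated first, so a key
    reused on two hosts is not reported as factorable for that reason alone.
    """
    unique = set(moduli.values())
    total = prod(unique)
    factor = {}
    for n in unique:
        # total // n is the product of every other distinct modulus
        g = gcd(n, (total // n) % n)
        if g == n:
            # both primes of n occur elsewhere; recover one with pairwise gcd
            g = next(gcd(n, m) for m in unique if m != n and gcd(n, m) > 1)
        if g > 1:
            factor[n] = g
    return {host: factor[n] for host, n in moduli.items() if n in factor}

# Constructed sample data: toy-sized "moduli" built from small primes.
SAMPLE = {
    "a.example": 101 * 103,
    "b.example": 101 * 107,   # shares 101 with a.example
    "c.example": 109 * 113,   # shares nothing with the others
    "d.example": 101 * 103,   # same key as a.example
}
KNOWN_PRIMES = [127, 113]     # stand-in for a list of commonly seen primes

if __name__ == "__main__":
    for host, n in SAMPLE.items():
        print(host, "known prime:", check_known_prime(n, KNOWN_PRIMES))
    print("shared factors:", shared_factors(SAMPLE))
```

The product-based form needs one gcd per key but multiplies all moduli together, so a large aggregate would use a product/remainder tree (batch GCD) instead of a single `prod` call.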