Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Public Key Used To Secure HTTPS Fails 'Sanity Check'
Researchers find two out of every 1,000 public keys can be easily cracked
1 Min Read
The current public key infrastructure used to secure HTTPS has security shortcomings that--in some cases--could be exploited by attackers to steal data and attack servers.
That finding comes from a paper due to be presented at the Crypto 2012 conference in August in Santa Barbara, Calif. The paper was written by a team of European and American mathematicians and cryptographers, led by Dutch mathematician Arjen K. Lenstra at the Ecole Polytechnique Federale de Lausanne (EPFL) in Switzerland. The researchers published their paper early, given the severity of the vulnerabilities they discovered.
"We performed a sanity check of public keys collected on the Web," wrote the researchers in their report. "Our main goal was to test the validity of the assumption that different random choices are made each time keys are generated. We found that the vast majority of public keys work as intended."
Read the full article here.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
Read more about:
2012About the Author(s)
You May Also Like
More Insights
Webinars
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
