RSA Keys Quality in a Real-world Organizational Certificate Dataset: a Practical Outlook
Abstract
Full Text:
PDFReferences
Z. Durumeric, J. Kasten, M. Bailey, and J. A. Halderman, “Analysis of the HTTPS certificate ecosystem,” in Proceedings of the 2013 conference on Internet measurement conference, in IMC ’13. New York, NY, USA: Association for Computing Machinery, Oct. 2013, pp. 291–304. doi: 10.1145/2504730.2504755.
M. Hastings, J. Fried, and N. Heninger, “Weak Keys Remain Widespread in Network Devices,” in Proceedings of the 2016 Internet Measurement Conference, in IMC ’16. New York, NY, USA: Association for Computing Machinery, Nov. 2016, pp. 49–63. doi: 10.1145/2987443.2987486.
A. K. Lenstra, J. P. Hughes, M. Augier, J. W. Bos, T. Kleinjung, and C. Wachter, “Ron was wrong, Whit is right.” Accessed: Apr. 26, 2023. [Online]. Available: https://eprint.iacr.org/undefined/undefined
L. M. Kohnfelder, “Towards a practical public-key cryptosystem.,” Thesis, Massachusetts Institute of Technology, 1978. Accessed: Aug. 24, 2023. [Online]. Available: https://dspace.mit.edu/handle/1721.1/15993
N. Serrano, H. Hadan, and L. J. Camp, “A Complete Study of P.K.I. (PKI’s Known Incidents).” Rochester, NY, Jul. 23, 2019. doi: 10.2139/ssrn.3425554.
N. van der Meulen, “DigiNotar: Dissecting the First Dutch Digital Disaster,” J. Strateg. Secur., vol. 6, no. 2, Jul. 2013, doi: http://dx.doi.org/10.5038/1944-0472.6.2.4.
Z. Dong, K. Kane, and L. J. Camp, “Detection of Rogue Certificates from Trusted Certificate Authorities Using Deep Neural Networks,” ACM Trans. Priv. Secur., vol. 19, no. 2, pp. 1–31, Sep. 2016, doi: 10.1145/2975591.
J. Amann, O. Gasser, Q. Scheitle, L. Brent, G. Carle, and R. Holz, “Mission accomplished? HTTPS security after diginotar,” in Proceedings of the 2017 Internet Measurement Conference, in IMC ’17. New York, NY, USA: Association for Computing Machinery, Nov. 2017, pp. 325–340. doi: 10.1145/3131365.3131401.
Q. Scheitle et al., “A First Look at Certification Authority Authorization (CAA),” ACM SIGCOMM Comput. Commun. Rev., vol. 48, no. 2, pp. 10–23, May 2018, doi: 10.1145/3213232.3213235.
M. Nemec, M. Sys, P. Svenda, D. Klinec, and V. Matyas, “The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli,” in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, in CCS ’17. New York, NY, USA: Association for Computing Machinery, Oct. 2017, pp. 1631–1648. doi: 10.1145/3133956.3133969.
S. Yilek, E. Rescorla, H. Shacham, B. Enright, and S. Savage, “When private keys are public: results from the 2008 Debian OpenSSL vulnerability,” in Proceedings of the 9th ACM SIGCOMM conference on Internet measurement, in IMC ’09. New York, NY, USA: Association for Computing Machinery, Nov. 2009, pp. 15–27. doi: 10.1145/1644893.1644896.
D. J. Bernstein, N. Heninger, and T. Lange, “FactHacks: RSA factorization in the real world”.
Z. Durumeric, E. Wustrow, and J. A. Halderman, “{ZMap}: Fast Internet-wide Scanning and Its Security Applications,” presented at the 22nd USENIX Security Symposium (USENIX Security 13), 2013, pp. 605–620. Accessed: Aug. 25, 2023. [Online]. Available: https://www.usenix.org/conference/usenixsecurity13/technical-sessions/paper/durumeric
Y. Zhang et al., “Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem,” in Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, in CCS ’21. New York, NY, USA: Association for Computing Machinery, Nov. 2021, pp. 1373–1387. doi: 10.1145/3460120.3484768.
K. W. Hamlen, V. Mohan, M. M. Masud, L. Khan, and B. Thuraisingham, “Exploiting an antivirus interface,” Comput. Stand. Interfaces, vol. 31, no. 6, pp. 1182–1189, Nov. 2009, doi: 10.1016/j.csi.2009.04.004.
Refbacks
- There are currently no refbacks.
International Journal of Electronics and Telecommunications
is a periodical of Electronics and Telecommunications Committee
of Polish Academy of Sciences
eISSN: 2300-1933