资源描述:
《Mining Your Ps and Qs_ Detection of挖掘你的Ps and Qs策略》由会员上传分享,免费在线阅读,更多相关内容在学术论文-天天文库。
1、MiningYourPsandQs:DetectionofWidespreadWeakKeysinNetworkDevicesNadiaHeninger†�ZakirDurumeric‡�EricWustrow‡J.AlexHalderman‡†UniversityofCalifornia,SanDiego‡TheUniversityofMichigannadiah@cs.ucsd.edu{zakir,ewust,jhalderm}@umich.eduAbstractexpectthattoday
2、’swidelyusedoperatingsystemsandserversoftwaregeneraterandomnumberssecurely.InthisRSAandDSAcanfailcatastrophicallywhenusedwithpaper,wetestthatpropositionempiricallybyexaminingmalfunctioningrandomnumbergenerators,buttheextentthepublickeysinuseontheInter
3、net.towhichtheseproblemsariseinpracticehasneverbeencomprehensivelystudiedatInternetscale.WeperformThefirstcomponentofourstudyisthemostcompre-thelargestevernetworksurveyofTLSandSSHservershensiveInternet-widesurveytodateoftwoofthemostandpresentevidenceth
4、atvulnerablekeysaresurprisinglyimportantcryptographicprotocols,TLSandSSH(Sec-widespread.Wefindthat0.75%ofTLScertificatessharetion3.1).ByscanningthepublicIPv4addressspace,keysduetoinsufficiententropyduringkeygeneration,wecollected5.8millionuniqueTLScertifi
5、catesfromandwesuspectthatanother1.70%comefromthesame12.8millionhostsand6.2millionuniqueSSHhostkeysfaultyimplementationsandmaybesusceptibletocom-from10.2millionhosts.Thisis67%moreTLShostspromise.Evenmorealarmingly,weareabletoobtainthanthelatestreleased
6、EFFSSLObservatorydataset[18].RSAprivatekeysfor0.50%ofTLShostsand0.03%ofOurtechniquestakelessthan24hourstoscantheentireSSHhosts,becausetheirpublickeyssharednontrivialaddressspaceforlisteninghostsandlessthan96hourscommonfactorsduetoentropyproblems,andDS
7、Apri-toretrievekeysfromthem.Theresultsgiveusamacro-vatekeysfor1.03%ofSSHhosts,becauseofinsufficientscopicperspectiveoftheuniverseofkeys.signaturerandomness.Weclusterandinvestigatethevul-Next,weanalyzethisdatasettofindevidenceofseveralnerablehosts,finding
8、thatthevastmajorityappeartobekindsofproblemsrelatedtoinadequaterandomness.Toheadlessorembeddeddevices.Inexperimentswiththreeoursurprise,atleast5.57%ofTLShostsand9.60%ofsoftwarecomponentscommonlyusedbythesedevices,SSHhostsusethesamekeysasotherh
