Factoring RSA Keys with Many Zeros
Summary
Researchers have identified a new class of weak RSA keys characterized by an abundance of zeros in their moduli. These keys have been discovered in real-world usage, particularly within publicly accessible sources like Certificate Transparency logs and TLS/SSH scans.
IFF Assessment
The discovery of a new class of weak RSA keys that are already in widespread use represents a significant vulnerability for cryptographic systems.
Severity
This estimated CVSS score reflects a high impact due to potential compromise of encrypted communications and data. The attack vector is likely network-based, and exploitability is moderate given the specific nature of the keys.
Defender Context
This research highlights the critical need for regular auditing and updating of cryptographic keys, especially in long-lived systems. Defenders should be vigilant for the presence of these weak RSA keys and have plans in place to rotate them to stronger, more robust configurations.