Wednesday, February 12, 2014

When Fun Comes to Crypto

Today I found some notes on my desk abut the last Chaos Computing Club-Congress (CCC) in 2013. Since are pretty funny to me I decided to share them with you.
Researchers, as reported to 29C3, were able to collect over  3 Million certificates with their Public Key. So far nothing interesting at all...They were able to factorize 103 keys from the 3 Million collected by using the famous GCD Integer factorization Algorithm:

 Ok, again pretty standard process so far, right ? Now it comes the funny part of this story. Researchers found out that different prime numbers were repeatedly used as shared factors to build different keys over time !!! The following images represent the most common commonly shared factors:

OMG. Of course they are prime... and ... of course they are random... but come on! Seriously. ?!
Another clear example on how the reality does not fit to the theory. Thanks to such a gap (reality V.S theory) security researchers will always have to work for have a safe "cyber reality".

Here the video of the talk: (link to direct file)