Fwd: [Cryptography] "DarkHotel" APT routinely breaking RSA512
grarpamp
grarpamp at gmail.com
Mon Nov 10 18:17:00 PST 2014
---------- Forwarded message ----------
From: Henry Baker <hbaker1 at pipeline.com>
Date: Mon, Nov 10, 2014 at 5:50 PM
Subject: [Cryptography] "DarkHotel" APT routinely breaking RSA512
To: cryptography at metzdowd.com
"The Darkhotel crew’s skillset allows it to launch interesting
cryptographical attacks, for instance factoring 512 bit RSA keys"
The keys are used to create bogus certificates, e.g.,
GTE
CyberTrust
Digisign Server iD
(Enrich)
flexicorp.jaring.my sha1/
RSA (512 bits)
Expired 12/17/2008 12/17/2010
Equifax
Secure
eBusiness
CA 1
Equifax Secure
eBusiness CA 1
secure.hotelreykjavik.i s
md5/RSA (512 bits)
invalid Sig 2/27/2005 3/30/2007
http://www.net-security.org/secworld.php?id=17612
http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2014/11/darkhotel_kl_07.11.pdf
_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
More information about the Testlist
mailing list