BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:The Million-Key Question : Investigating the Origins of RSA Public
  Keys (Best Paper Award @ USENIX Security 2016) - Petr Svenda\, Masaryk Un
 iversity\, Brno\, Czech Republic
DTSTART:20161018T130000Z
DTEND:20161018T140000Z
UID:TALK68690@talks.cam.ac.uk
CONTACT:Laurent Simon
DESCRIPTION:*Abstract*: \nCan bits of an RSA public key leak information a
 bout\ndesign and implementation choices such as the prime generation\nalgo
 rithm? We analysed over 60 million freshly generated key pairs from\n22 op
 en- and closed-source libraries and from 16 different smartcards\,\nreveal
 ing significant leakage. The bias introduced by different choices\nis suff
 iciently large to classify a probable library or smartcard with\nhigh accu
 racy based only on the values of public keys. Such a\nclassification can b
 e used to decrease the anonymity set of users of\nanonymous mailers or ope
 rators of linked Tor hidden services\, to quickly\ndetect keys from the sa
 me vulnerable library or to verify a claim of use\nof secure hardware by a
  remote party. The classification of the key\norigins of more than 10 mill
 ion RSA-based IPv4 TLS keys and 1.4 million\nPGP keys also provides an ind
 ependent estimation of the libraries that\nare most commonly used to gener
 ate the keys found on the Internet.\nOur broad inspection also provides bo
 th sanity check and deep insight\nregarding which of the recommendations f
 or RSA key pair generation are\nfollowed in practice\, including closed-so
 urce libraries and smartcards.\n\nThe talk will be based on Usenix Securit
 y 2016 paper and will also\nprovide fresh details from our continuous anal
 ysis of more libraries and\nsmartcards we perform after the conference its
 elf.\n\n
LOCATION:LT2\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR