Security News > 2022 > March > Breaking RSA through Insufficiently Random Primes

Breaking RSA through Insufficiently Random Primes
2022-03-16 16:35

Basically, the SafeZone library doesn't sufficiently randomize the two prime numbers it used to generate RSA keys.

Böck has identified only a handful of keys in the wild that are vulnerable to the factorization attack.

Some of the keys are from printers from two manufacturers, Canon and Fujifilm.

Printer users can use the keys to generate a Certificate Signing Request.

The creation date for the all the weak keys was 2020 or later.

A user ID tied to the keys implied they were created for testing, so he doesn't believe they're in active use.


News URL

https://www.schneier.com/blog/archives/2022/03/breaking-rsa-through-insufficiently-random-primes.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
RSA 12 0 46 18 3 67