IETF Logo Mail Archive

Re: [Sidrops] Fermat Attack on RSA (TL; DR: no bad keys in the RPKI)

"Hollyman, Michael" <mhollyman@verisign.com> Fri, 13 January 2023 17:43 UTC

Return-Path: <mhollyman@verisign.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96EA3C14CE4C for <sidrops@ietfa.amsl.com>; Fri, 13 Jan 2023 09:43:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.096
X-Spam-Level:
X-Spam-Status: No, score=-7.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3Rwna1Q48Fyx for <sidrops@ietfa.amsl.com>; Fri, 13 Jan 2023 09:43:10 -0800 (PST)
Received: from mail5.verisign.com (mail5.verisign.com [69.58.187.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 23CAAC151546 for <sidrops@ietf.org>; Fri, 13 Jan 2023 09:43:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=11436; q=dns/txt; s=VRSN; t=1673631790; h=from:to:date:message-id:references:in-reply-to: mime-version:subject; bh=sDf9LItKNdVE3kTOooOHFfqw4Hyw0gRbLrKQLq7/4eI=; b=f+zNVVHR3jJTPc/CNUUc8LTMIaXI43lS9St+NIvdJzJNzoRWIDhiH1wa W6pENFZCzFJL0ohpvYH63Yy1GLsTxtpN/hSKFXX45N+oEI7nr7cbERahw dyRVaybeH6qIFx27GCvThYbMSXhQB/SDXhlIdeC7zp+BGuynyiNkl/+6P iYUSBOLqyAgqmzRJ9PDiQGoBiYkfM/l6eEqxmV7VhFnKodq0G4+EPUpDy 5qwUZPLDnZO4mgRS3qNiByW6jfrXTDKRSRslhzBKik2zTMvujQj4xhYUE bZFKpoybGfP5L8VQ73MGNs4hQ6GWRP9Cbp1LGZgvOXtA/23j2Oq0gmweR Q==;
IronPort-Data: A9a23:xuMqlaxSLhlOaZoZJoJ6t+dCwSrEfRIJ4+MujC+fZmQN5Upzl3Vbl zFOHTDZZODKOTG2fMQ1MdropA5D+8PleuQTC1818HwrVy1RwSauLYvFdk2tZnzMJ8OTHEk55 sgTMYnLc5puFHGM9kbxbrG9pHIh3vCDS+SgWLGdYXwpSFM4E3tw1ko4yrYy24Vl34bR729h1 z/Xi5S31AiNh24ubQr4kp6rqA9zpKa1/zQTpUR4afFEvVTTjWVTB5UafQtYhZLFKrW4ZdVWO 9v+5LGl4nuLuFA1CdLglb3gagsGQ7HTNgWUljxdXK36r1saLMT6g6YnKOJOLkxegDiT2ctgz dxQqZz2QgAseajUm+VaXxhXEipzJ7FNoqTHKGKyvdeWzkjLeHKqyO9yVHQLVbH0gd2bfVyij 9RAbmhlUziDm/6u2+D8DfZzmYIvLcbqN44FpjdryjSeJs4dGToq6FiJvXWxd9dYuiw1JhqpW iZjQWcpN3z9Sx1TJk8MWtV5g/i3wHX+fDxTpUiJ46Ew5i/49DcpelFGzZmN0DUhpW+8Nauxo HOuw4iCOf1tCTDl4WfDqRqRru/TgTvgCsVVC6KnsPJrj1yYy3YPThYRUByhufD8l0fmM+6zU Hf4jRfC14BvshfDc/H9QwGguyzD+QEDRJxcEuI74wyX1uzf5APeHHANCyNIMPZOiCNNftBd6 7Pzt46vXlRSjYCopVKhGpa89j3rMyZEID9dP35dEFVbv4C/+4w430rEFItuHPHu3oGpQGGhy D209yVv3L97YezndUmY1Que32/z/MihoiodvFi/sreNt1shDGKdT9X0rwKdtZ6sFa7BJnGZp n8IhsOC2+4HCJCJhUSlTf4EdF2Tz6/t3Ab03Bg+QPHNyxz3oyT4JdkJu2klTKtUGp1slQHBM Re7VTx5ucc70EuCNcdff4+3AsI2+qnsffyNuif8N4cmjjBZLWdrzQk2DaKi9zmFfHsEyMnTD aymnfOEVh72P4w8lWbrGL1NuVMc7ntWKWv7HfgXxjz5iebOPCb9pb0taDNiZchhhE+ITZm8H 3+y+KJmxj0GONASbBU7/qYUNwkjP3knNKzriJ1VVOjaDAdDPlouXqq5LbMJI+SJnox/rMGRw VeQahcCjkT0gmffbwyGLG55c7WpVpF6xZ45FXV0ew/3gD56PN3psPZ3m5gfJNHL8MRmzflwS +gAcsOoHPlVSy/G9DJbZp74xGBnXE371V3RZXX5CNQ5V8JNVhaS1fX6RDLyzDQLJQmp7vEE+ YT1g2s3RrJGHWyOFv3+avWlmg/ps3EGhOZjGUDPJ/FffUz2+85rJjD/yPgtLKkkMhTP3DyCz C6XDAsW4+7XrOcIHMLhj7qC9pivHvsmRA9BAXOd6LetcCPduGC5x9YGTvyTe3bWU2acFLieW Ni5BsrUaJUv9GumeaIle1q35crSP+fSmoI=
IronPort-HdrOrdr: A9a23:v7UxXqBMHMe9aSjlHelx55DYdb4zR+YMi2TDsHoBLCC9E/bo9f xG88566faZslgssRIb9uxoUZPoKU80nqQFgrX5U43CYCDW/EWlK4145ZbvznnKC0TFmtJ15O NFf7JlANP9SXp3na/BijWQIpIFzMOc+K6lwd3CyWxgJDsGV4h74xxnBh2gHkp6eQlDCfMCf6 ah2g==
X-IronPort-AV: E=Sophos;i="5.97,214,1669093200"; d="p7s'?scan'208";a="18877274"
Received: from BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.16; Fri, 13 Jan 2023 12:43:08 -0500
Received: from BRN1WNEX02.vcorp.ad.vrsn.com ([10.173.153.49]) by BRN1WNEX02.vcorp.ad.vrsn.com ([10.173.153.49]) with mapi id 15.01.2507.016; Fri, 13 Jan 2023 12:43:08 -0500
From: "Hollyman, Michael" <mhollyman@verisign.com>
To: "job=40fastly.com@dmarc.ietf.org" <job=40fastly.com@dmarc.ietf.org>, "sidrops@ietf.org" <sidrops@ietf.org>
Thread-Topic: [EXTERNAL] [Sidrops] Fermat Attack on RSA (TL; DR: no bad keys in the RPKI)
Thread-Index: AQHZJd9iF/8evf4FTEavbg2igF3iWK6cf7eA
Date: Fri, 13 Jan 2023 17:43:08 +0000
Message-ID: <C0031085-2DD8-478E-8D79-8F13DA37C1C5@verisign.com>
References: <Y77tEx5WRy2cL1Bg@snel>
In-Reply-To: <Y77tEx5WRy2cL1Bg@snel>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.170.148.18]
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha256"; boundary="B_3756451387_3569684059"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/IGaeAb6CU2pmpy9QYj4_9o3FeoE>
Subject: Re: [Sidrops] Fermat Attack on RSA (TL; DR: no bad keys in the RPKI)
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Jan 2023 17:43:14 -0000

Job, thanks for sharing this and doing the leg-work to test the certificates and objects.
A bonus is, I can work on my French reading the paper from 1643. __ 

Mike

On 1/11/23, 10:08 AM, "Sidrops on behalf of Job Snijders" <sidrops-bounces@ietf.org <mailto:sidrops-bounces@ietf.org> on behalf of job=40fastly.com@dmarc.ietf.org <mailto:40fastly.com@dmarc.ietf.org>> wrote:


Caution: This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. 


Dear all,


Hanno Böck published a paper "Fermat Factorization in the Wild" [1]
documenting an issue resulting from flawed RSA key generation functions.
More information: https://secure-web.cisco.com/1_K4CcvwrSEXEv8Sy8_-ybuTnW4HlBZxzzcvrrDKw60jmN-M6IOI5rhpdorEHIWiZXweNHXdmkdsoOp7dptcn6_vkh6_IRW2ps92cwXshKASULQIiIp5rIYyBnVLCESSJ4CmhxhKjyPuRAis8b5O7oh4Gj6kNfmrE8aoOKrBMqzygdnFwQfr54HUEYz98-OHCI_ARstlbuehXO-H4_I8bIu1yNU6hUKJ-dDj7jWrYQiXd8UOhEypJeEINVa13DlqOohvufSWRqsYElJTxJo5BnNuL-H6N98VjuiUr7HPWhNfzZRo7lnGp9V52Vav-hgod/https%3A%2F%2Ffermatattack.secvuln.info%2F <https://secure-web.cisco.com/1_K4CcvwrSEXEv8Sy8_-ybuTnW4HlBZxzzcvrrDKw60jmN-M6IOI5rhpdorEHIWiZXweNHXdmkdsoOp7dptcn6_vkh6_IRW2ps92cwXshKASULQIiIp5rIYyBnVLCESSJ4CmhxhKjyPuRAis8b5O7oh4Gj6kNfmrE8aoOKrBMqzygdnFwQfr54HUEYz98-OHCI_ARstlbuehXO-H4_I8bIu1yNU6hUKJ-dDj7jWrYQiXd8UOhEypJeEINVa13DlqOohvufSWRqsYElJTxJo5BnNuL-H6N98VjuiUr7HPWhNfzZRo7lnGp9V52Vav-hgod/https%3A%2F%2Ffermatattack.secvuln.info%2F>


The author also published a convenient utility to scan CA & EE X.509
certificates for known issues: https://secure-web.cisco.com/1DQRuWwoh-EZ-WpLXo5LCvrIhJspoPXcHXV9iHyClgzmEHafpq2qi90up2n4bpWbuGH1uh3fY8fhdDw_bgN4FqoN5iY0cGJOAdaTbHxKyRVrDIUp_iwBEhPpdi2kdU39ZCD5Pz5AQxubfNVzfQ3HFYkZITL86uc4UHf9odT3p3vYwSyjsRNrzlu5X1Lm0Y5CtQ4omq1AFgC7yvqnwGrvesbM1CjfAIedkTpY5mQ9qkLSnCovW6h1N0928bNRh8Yc9zGmq_2fcLQKyTUkrczWKmms9qZvx8gU55nKCNCnrxnBxzQit0pFinm8ha5HNR-Sk/https%3A%2F%2Fgithub.com%2Fbadkeys%2Fbadkeys <https://secure-web.cisco.com/1DQRuWwoh-EZ-WpLXo5LCvrIhJspoPXcHXV9iHyClgzmEHafpq2qi90up2n4bpWbuGH1uh3fY8fhdDw_bgN4FqoN5iY0cGJOAdaTbHxKyRVrDIUp_iwBEhPpdi2kdU39ZCD5Pz5AQxubfNVzfQ3HFYkZITL86uc4UHf9odT3p3vYwSyjsRNrzlu5X1Lm0Y5CtQ4omq1AFgC7yvqnwGrvesbM1CjfAIedkTpY5mQ9qkLSnCovW6h1N0928bNRh8Yc9zGmq_2fcLQKyTUkrczWKmms9qZvx8gU55nKCNCnrxnBxzQit0pFinm8ha5HNR-Sk/https%3A%2F%2Fgithub.com%2Fbadkeys%2Fbadkeys>


I scanned all currently valid RPKI certificates & signed objects and
found no bad keys. I suppose this is good news :-)


Kind regards,


Job


[1]: https://secure-web.cisco.com/1fLPbH53FioahJJukH4V9U2Ad41OWLvOiVmoJkNJoOQR-Rf5qxrbj6I8gZ6gM9MdTTTokKifhzVkzo21zz-qoBkNK2ikdIkYG5zT9E-YnDnLIVGhlbQ6itsS3jk90RcaZu9a5Ts1YAWNq0-kmT7v1oh1OM9D492dJyGhlf6pYsTjTaXiKU7mhsLqVqmhJSJJYgUU8xxpEoizG7AWhkYnDrFLpYgY7rs4OekAiRV0Fz3AS3qhdsv0bS6acKZ2DErJ7QPL-HegDKcZD6hsgxQyFoE_e0BN0PRvBpk9qLBXdVq-Fq4eOyJpDFj8pjUlIcN9Q/https%3A%2F%2Feprint.iacr.org%2F2023%2F026.pdf <https://secure-web.cisco.com/1fLPbH53FioahJJukH4V9U2Ad41OWLvOiVmoJkNJoOQR-Rf5qxrbj6I8gZ6gM9MdTTTokKifhzVkzo21zz-qoBkNK2ikdIkYG5zT9E-YnDnLIVGhlbQ6itsS3jk90RcaZu9a5Ts1YAWNq0-kmT7v1oh1OM9D492dJyGhlf6pYsTjTaXiKU7mhsLqVqmhJSJJYgUU8xxpEoizG7AWhkYnDrFLpYgY7rs4OekAiRV0Fz3AS3qhdsv0bS6acKZ2DErJ7QPL-HegDKcZD6hsgxQyFoE_e0BN0PRvBpk9qLBXdVq-Fq4eOyJpDFj8pjUlIcN9Q/https%3A%2F%2Feprint.iacr.org%2F2023%2F026.pdf> 


_______________________________________________
Sidrops mailing list
Sidrops@ietf.org <mailto:Sidrops@ietf.org>
https://secure-web.cisco.com/1JWWs_zZwuhwcntsZ0ttbYWX6khv_Oeac2UHP8ziqSRmotF7t2L9C7V0Rv20RVpy00mRQlVM6bYfJ4QMdNzQUFQ-IlawJDmeTQBlTADoLVNdKdsA9bBQ4h_djOwCBHkmz7yvs3k-YU5_dZEBEhDAdRaQrjregFfPTanbL1QrrnzEQ4ETYYCFRAD-TJYnyrQ1P2k5tucIvPoJ0ZBN2IzOUttAmTb6O3hah5pQrwpyqkcN5L7IUnLlvCGRy4uSq964BaduNVTr7eLthbwSCVHZvZPFNUUK7_gJtg1dhuYhw2AsSpjPbzaP_TODUMVHGD5WV/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsidrops <https://secure-web.cisco.com/1JWWs_zZwuhwcntsZ0ttbYWX6khv_Oeac2UHP8ziqSRmotF7t2L9C7V0Rv20RVpy00mRQlVM6bYfJ4QMdNzQUFQ-IlawJDmeTQBlTADoLVNdKdsA9bBQ4h_djOwCBHkmz7yvs3k-YU5_dZEBEhDAdRaQrjregFfPTanbL1QrrnzEQ4ETYYCFRAD-TJYnyrQ1P2k5tucIvPoJ0ZBN2IzOUttAmTb6O3hah5pQrwpyqkcN5L7IUnLlvCGRy4uSq964BaduNVTr7eLthbwSCVHZvZPFNUUK7_gJtg1dhuYhw2AsSpjPbzaP_TODUMVHGD5WV/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsidrops>

v2.46.0 | Report a Bug | By Email | System Status