Breaking RSA through Insufficiently Random Primes

Basically, the SafeZone library doesn’t sufficiently randomize the two prime numbers it used to generate RSA keys. They’re too close to each other, which makes them vulnerable to recovery.

There aren’t many weak keys out there, but there are some:

So far, Böck has identified only a handful of keys in the wild that are vulnerable to the factorization attack. Some of the keys are from printers from two manufacturers, Canon and Fujifilm (originally branded as Fuji Xerox). Printer users can use the keys to generate a Certificate Signing Request. The creation date for the all the weak keys was 2020 or later. The weak Canon keys are tracked as CVE-2022-26351…

March 16, 2022
Read More >>

Onapsis appoints Rick Hanson as COO

Onapsis announced the appointment of Rick Hanson as Chief Operating Officer. Hanson’s responsibilities will focus on leading and scaling Onapsis’ global go-to-market functions to meet the explosive demand for its platform to secure cloud, on-premises, …

September 8, 2021
Read More >>