FierceCIOFierceCIOTechWatchFierceMobileITFierceContentManagementFierceGovernmentIT   FierceVoIPFierceHealthITFierceFinanceIT

Tools to crack flawed cryptographic keys circulate

May 16, 2008 — 8:22am ET | By Paul Mah
Tools
Tags
Vulnerability
Security Advisory
Debian Project
Digital Keys
Cryptographic Keys
Random Number Generator

A newly disclosed vulnerability in the random number generator used by the Debian Project to produce digital keys is making its repercussions felt around the world. The flaw makes it relatively easy to compute the correct cryptographic keys, which are used for services such as Secure Shell (SSH) and Secure Socket Layer (SSL). There are reports of 2048 bit keys being generated in two hours on a cluster consisting of just 31 Xeon cores. In the meantime, users and system administrators are urged to patch their systems and to regenerate all keys produced on Debian systems after September 2006--when builds that included the flaw were first made available.

For more on the random number generator flaw:
- check out the Debian Security Advisory

Click here to get the FierceCIO email newsletter for FREE!


Be the first to comment

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

To combat spam, please enter the code in the image.