[Ach] Cryptology ePrint Archive: Report 2013/734

Aaron Zauner azet at azet.org
Sat Nov 16 05:40:42 CET 2013


Hi,

Read through the paper. Significant to our paper are the following quotes:

SSH:
```
An August 2013 SSH scan collected 1 353 151 valid elliptic curve
public keys, of which 854 949 (63%) are unique. There were 1 246 560 valid elliptic curve public
keys in the October 2013 scan data, of which 848 218 (68%) are unique.
```

TLS:
```
Although we collected a total of over 5.4 million public keys from
ECDH and ECDHE key exchanges, only 5.2 million of these were unique. We found 120 900
distinct keys that were presented by more than one IP address, with the most common
duplicated key presented by over 2 000 hosts
```

```
We also were surprised to find that several hosts duplicated
the 32-byte random nonce used in the server hello message. We found 20 distinct nonces that
were used more than once; 19 of which were re-used by more than one IP address. The most
repeated server random was repeated 1 541 times and was simply an ASCII string of 32 'f'
characters. These devices all appear to be a UPS power monitor. However, we were unable to
successfully establish any TLS sessions with these devices, either using a browser or OpenSSL.
```

Aaron



On 15 Nov 2013, at 03:29, Aaron Zauner <azet at azet.org> wrote:

> Very interesting, have been looking for something like this for a long time, thanks!
> 
> Aaron
> 
> On 14 Nov 2013, at 14:39, Pepi Zawodsky <pepi.zawodsky at maclemon.at> wrote:
> 
>> This just popped in via Twitter.
>> 
>> Elliptic Curve Cryptography in Practice
>> http://eprint.iacr.org/2013/734.pdf
>> 
>> Abstract:
>> In this paper, we perform a review of elliptic curve cryptography (ECC), as it is used in practice today, in order to reveal unique mistakes and vulnerabilities that arise in implementations of ECC. We study four popular protocols that make use of this type of public-key cryptography: Bitcoin, secure shell (SSH), transport layer security (TLS), and the Austrian e-ID card. We are pleased to observe that about 1 in 10 systems support ECC across the TLS and SSH protocols. However, we find that despite the high stakes of money, access and resources protected by ECC, implementations suffer from vulnerabilities similar to those that plague previous cryptographic systems.
>> 
>> Source: http://eprint.iacr.org/2013/734
>> Pepi
>> _______________________________________________
>> Ach mailing list
>> Ach at lists.cert.at
>> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
> 
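
The two TLS findings quoted above (ECDH public keys presented by more than one IP, and ServerHello randoms repeated across hosts, one of them a fixed ASCII string) are exactly the kind of thing a scan post-processor should flag. The following is an added example, not code from the paper or from anyone on this list: it parses the 32-byte random out of a raw TLS ServerHello record (framing per RFC 5246), then aggregates a scan to report nonces seen more than once, keys presented by more than one address, and nonces that look non-random. The host addresses, key identifiers and the `build_server_hello()` helper are constructed sample data, not scan results.

```python
"""Added example (not from the paper or the ach list): find repeated
ServerHello randoms and duplicated public keys across a scan.

The TLS record/handshake framing follows RFC 5246; everything else
(addresses, key identifiers, build_server_hello()) is constructed
sample data for illustration."""
import hashlib
import struct
from collections import defaultdict


def parse_server_random(record: bytes) -> bytes:
    """Return the 32-byte ServerHello.random from one raw TLS record.

    Layout: TLSPlaintext header (type=0x16, version, uint16 length), then
    a Handshake header (type=0x02, uint24 length), then server_version(2)
    and random(32).  Lengths are checked so that a truncated capture raises
    instead of yielding a short "random" that would skew the statistics.
    """
    if len(record) < 5:
        raise ValueError("record shorter than a TLS record header")
    ctype, _version, rlen = struct.unpack("!BHH", record[:5])
    if ctype != 0x16:
        raise ValueError("not a handshake record (type %#x)" % ctype)
    body = record[5:5 + rlen]
    if len(body) != rlen or len(body) < 4:
        raise ValueError("truncated handshake record")
    htype, hlen = body[0], int.from_bytes(body[1:4], "big")
    if htype != 0x02:
        raise ValueError("not a ServerHello (handshake type %#x)" % htype)
    hello = body[4:4 + hlen]
    if len(hello) < 2 + 32:
        raise ValueError("ServerHello too short to contain random")
    return hello[2:2 + 32]


def build_server_hello(random32: bytes) -> bytes:
    """Constructed helper: wrap a random in a minimal TLS 1.2 ServerHello
    (empty session id, one cipher suite, null compression, no extensions)."""
    assert len(random32) == 32
    body = b"\x03\x03" + random32 + b"\x00" + b"\xc0\x2f" + b"\x00"
    handshake = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake


def looks_degenerate(random32: bytes) -> bool:
    """Heuristic for a non-random 'random': one repeated byte value, or all
    printable ASCII (a genuine 32-byte nonce is essentially never all ASCII)."""
    return len(set(random32)) == 1 or all(0x20 <= b < 0x7F for b in random32)


def find_duplicates(observations):
    """observations: iterable of (ip, raw_server_hello_record, pubkey_id).

    Returns (repeated_randoms, shared_keys):
      repeated_randoms: nonce -> sorted IPs, for nonces seen more than once
                        (possibly by one IP that reuses its own nonce)
      shared_keys:      pubkey -> sorted IPs, for keys seen from >1 IP
    """
    random_seen = defaultdict(list)  # nonce -> [ip, ...] (repeats kept)
    key_ips = defaultdict(set)       # pubkey -> {ip, ...}
    for ip, record, pubkey in observations:
        random_seen[parse_server_random(record)].append(ip)
        key_ips[pubkey].add(ip)
    repeated_randoms = {r: sorted(set(ips)) for r, ips in random_seen.items() if len(ips) > 1}
    shared_keys = {k: sorted(ips) for k, ips in key_ips.items() if len(ips) > 1}
    return repeated_randoms, shared_keys


def _nonce(label: str) -> bytes:
    """Deterministic stand-in for a properly random 32-byte nonce (constructed)."""
    return hashlib.sha256(label.encode()).digest()


# Constructed sample scan: hypothetical hosts and opaque key identifiers.
FF_RANDOM = b"f" * 32  # the all-'f' pattern described in the paper
SAMPLE_SCAN = [
    ("192.0.2.10", build_server_hello(FF_RANDOM), "key_A"),
    ("192.0.2.11", build_server_hello(FF_RANDOM), "key_B"),
    ("192.0.2.12", build_server_hello(_nonce("h12")), "key_X"),
    ("192.0.2.12", build_server_hello(_nonce("h12")), "key_X"),  # same host, nonce reused
    ("192.0.2.13", build_server_hello(_nonce("h13")), "key_C"),
    ("192.0.2.14", build_server_hello(_nonce("h14")), "key_C"),  # shared key, fresh nonce
    ("192.0.2.15", build_server_hello(_nonce("h15")), "key_C"),
]


def report(scan=SAMPLE_SCAN):
    """Summarise a scan the way the paper's tables do."""
    repeated, shared = find_duplicates(scan)
    return {
        "repeated_randoms": {r.hex(): ips for r, ips in repeated.items()},
        "degenerate_randoms": sorted(r.hex() for r in repeated if looks_degenerate(r)),
        "shared_keys": shared,
    }


if __name__ == "__main__":
    import json
    print(json.dumps(report(), indent=2))
```

On the sample the all-'f' nonce is reported as repeated across two addresses and flagged as degenerate, the host that reuses its own nonce shows up with a single address, and `key_C` is reported as shared by three hosts. A repeated random on its own does not break the handshake, but it is a strong signal of a broken or seeded-once RNG on that device, and the same RNG is very likely generating its ECDH keys.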
