by dlenski
488 days ago
Ah. You're referring to the issue of devices which don't have sufficient sources of entropy to generate high-quality random numbers, particularly at early boot, particularly on first boot, and particularly for headless network-connected devices (like home router/gateway boxes).

The 2012 Heninger paper (https://www.usenix.org/system/files/conference/usenixsecurit...) found quite a high number of duplicate TLS keys across seemingly-independent hosts, and attributed it to this issue:

Over the next few years there was quite a lot of work, including in the Linux kernel, on improving the entropy sources available to such devices, and making them more foolproof to use. https://lwn.net/Articles/724643/

The issues identified in this survey are related, but distinct. The Debian weak keys generated in 2006-8 are due to a straight up bug in Debian, and RSA keys that are of a too-small size are orthogonal. I found far fewer "inexplicable duplicate" TLS keys than Heninger et al did in 2012.