Ars Technica

Medicine show: Crown Sterling demos 256-bit RSA key-cracking at private event

On September 19, in a conference room at the Pelican Hill Resort in Newport Beach, California, Crown Sterling CEO Robert Grant, COO Joseph Hopkins, and a pair of programmers staged a demonstration of ...
Ars Technica

How I used Heartbleed to steal a site’s private crypto key

Since this would be a much more serious consequence of Heartbleed, I decided to investigate. The results were positive: I was able to extract private keys from a test Nginx server after a few days’ ...
Engadget

The encryption many major companies rely on has a serious flaw

Researchers at Masaryk University in the Czech Republic uncovered a major security vulnerability in RSA keys generated by Infineon Technologies-produced chips. These chips are used in products ...
Threat Post

Factorization Flaw in TPM Chips Makes Attacks on RSA Private Keys Feasible

A flawed Infineon Technology chipset left HP, Lenovo and Microsoft devices open to what is called a ‘practical factorization attack,’ in which an attacker computes the private part of an RSA key. A ...
Bleeping Computer

Cisco fixes bug allowing RSA private key theft on ASA, FTD devices

Cisco has addressed a high severity vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Tracked as CVE-2022-20866, this security flaw is due to a ...
Bleeping Computer

Researchers Extract RSA-1024 Keys from Popular Crypto Library

A team of eight researchers from various universities has found a bug in the Libcrypto library that allows an attacker with local access to extract the RSA-1024 private key that was used to encrypt ...
Threat Post

TLS Implementations Vulnerable to RSA Key Leaks

A number of TLS software implementations contain vulnerabilities that allow hackers with minimal computational expense to learn RSA keys. A number of TLS software implementations contain ...