Researchers Exploit Low Entropy of IoT Devices to Break RSA Certificates

Many Internet of Things (IoT) devices rely on RSA keys and certificates to encrypt data before sending it to other devices, but these security tools can be easily compromised, new research shows.

Researchers from digital identity management company Keyfactor were able to compromise 249,553 distinct keys corresponding to 435,694 RSA certificates using a single virtual machine from Microsoft Azure. They described their work in a paper presented at the IEEE Conference on Trust, Privacy, and Security in Intelligent Systems and Applications in December.

“With under $3,000 of compute time in Azure, we were able to break 435,000 certificates,” says JD Kilgallin, Keyfactor’s senior integration engineer and researcher. “We showed that this attack is very easy to execute now.”

The researchers didn’t break RSA encryption, but took advantage of how public and private keys are generated. The private key, which is kept secret by the owner, consists of two large, randomly chosen prime numbers, while the public key is the product of those two numbers.

The public key is associated with a certificate, which is a document signed with the trusted party’s private key. The certificate acts as proof that the given public key is associated with the private key and that the public key can be used to encrypt or validate data sent to or from the device. The security of the RSA certificate relies on the difficulty of factoring the prime factors that were randomly chosen to make the keys.

If the prime numbers used to generate a key are truly random, then it shouldn’t be computationally feasible to factor the resulting key, Kilgallin says. However, if the numbers aren’t sufficiently random, the keys can share the same factors, making it possible to calculate and derive the private keys.

The researchers scanned the entire Internet and found 75 million active RSA certificates. Of those certificates, more than 435,000 certificates shared “prime factors,” which translates to about one in every 172 RSA certificates in use on the Internet.

As a point of comparison, the team also pulled 100 million certificates from certificate transparency logs—generated by certificate authorities on powerful servers—and found just five certificates with shared factors.

While many of the certificates with shared factors detected in this research belonged to IoT and networking devices such as routers, it was sometimes difficult to tell how the device was being used and where it was located, Kilgallin says.

So why did some of these devices produce such similar keys?  [READ MORE]