cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
JohanLoos
Viewer II

RSA Private Key Recovery

Hi all,

 

Some time ago, I did some research on the RSA algorithm because I learned some years ago that a private key cannot be extracted from a public key. As you know, web servers have certificates which all have a public key inside. So, what about the private key, are there any possibilities to get it ?

 

Well, it depends on the key generation process. I explain in my research paper on which way a private key can be recovered from a public key. In this vulnerability, I explain when two prime are generated during the key generation process are close to each other, the private key can easily be recovered.

https://www.sans.org/white-papers/recover-an-rsa-private-key-from-a-tls-v1-2-session/

 

This vulnerability exist for a long time, so validating prime numbers during the key generation process is also important.

If you need any additional information, don't hestiate to contact me via email.

 

regards

Johan

1 Reply
Caute_cautim
Community Champion

@JohanLoos   A very good practical demonstration.  Well done

 

Of course all this will be practically all undone with the implementation of Quantum Computing, which is why there is so much interest in the subject.

 

Regards

 

Caute_Cautim